I have an application that is in production working with Cloudfront + Appsync with OICD Authorizer. In the Cloudfront configuration for some reason it is adding in the custom headers if API_KEY exists add header x-api-key, if not add x-api-key as "Not Set". It was always Not Set in the headers and working normally.
Now I need to add a new authorizer API_KEY in the application, but now the x-api-key exists and is always sending the x-api-key in the request. In my olders OICD routes, is passing x-api-key and not passing the identity that I need to do my login validations. Getting the user email and other Token data.
I tryed to remove this custom headers, but is breaking in the Cloudfront saying that is missing an Authorizer Header. The token is being passed as before that is working in dev.
I tryed to add in graphql Cloudfront Behaviour to forward the headers of Authorization and x-api-key while removing the custom header. But still breaks in the cloudfront of all routes.
All Schema routes are configured to @aws_oicd, because I didn't added the new routes to use API_KEY.
If I remove the additional API_KEY it passed normally to work again. I don't know if is a Cloudfront configuration to force the x-api-key.
