returning response with set-cookie header in AWS Cloudfront origin request

Question

In my CloudFront origin request lambda@edge function I want to return a response which will set a cookie value in the browser and redirects to other page. I do it by the following return statement:

return {
  status: '302',
  statusDescription: 'Found',
  headers: {
    location: [
      { key: 'Location', value: 'my.website.com' },
    ],
    'set-cookie': [
      { key: 'Set-Cookie', value: 'key=value; Max-Age=600' },
    ]
  }
};

Unfortunately CloudFront seems to remove/ignore this set-cookie header and the browser receives a response without it. What's interesting, the exact same code works when placed in the CloudFront viewer-request function. Is there a way to make origin-request lambda to keep the set-cookie header in the response?

Answer 1

The solution turn out to be a cache policy with Cookies - include specified cookies option turned on with proper whitelisted cookie name. The behaviour in the question is caused (as documentation states) by:

Don’t forward cookies to your origin – CloudFront doesn’t cache your objects based on cookie sent by the viewer. In addition, CloudFront removes cookies before forwarding requests to your origin, and removes Set-Cookie headers from responses before returning responses to your viewers.

To prevent caching by whitelisted cookie name add the following header to the response: Cache-Control: no-cache="Set-Cookie".