Configuring AWS ALB with CloudFront — You are Probably Doing It Wrong

Not passing an auth token header from CloudFront to AWS Application Load Balancer can be a huge mistake