diff --git a/terraform/cloudfront.tf b/terraform/cloudfront.tf
index de1df6e..0f806ed 100644
--- a/terraform/cloudfront.tf
+++ b/terraform/cloudfront.tf
@@ -11,11 +11,12 @@ resource "aws_cloudfront_distribution" "api-by-becki" {
   }
 
   default_cache_behavior {
-    allowed_methods        = ["DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT"]
-    cached_methods         = ["GET", "HEAD"]
-    target_origin_id       = "abb.gmem.ca"
-    viewer_protocol_policy = "redirect-to-https"
-    cache_policy_id = "658327ea-f89d-4fab-a63d-7e88639e58f6"
+    allowed_methods            = ["DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT"]
+    cached_methods             = ["GET", "HEAD"]
+    target_origin_id           = "abb.gmem.ca"
+    compress                   = true
+    viewer_protocol_policy     = "redirect-to-https"
+    cache_policy_id            = aws_cloudfront_cache_policy.api-by-becki.id
     response_headers_policy_id = "eaab4381-ed33-4a86-88ca-d9558dc6cd63"
   }
 
@@ -28,7 +29,7 @@ resource "aws_cloudfront_distribution" "api-by-becki" {
   aliases = ["api-by-becki.gmem.ca"]
   viewer_certificate {
     acm_certificate_arn = aws_acm_certificate.api-by-becki.arn
-    ssl_support_method = "sni-only"
+    ssl_support_method  = "sni-only"
   }
 
 
@@ -39,6 +40,12 @@ resource "aws_cloudfront_distribution" "api-by-becki" {
   }
 }
 
+resource "aws_cloudfront_cache_policy" "api-by-becki" {
+  default_ttl = 300
+  max_ttl     = 604800
+  min_ttl     = 1
+}
+
 resource "aws_acm_certificate" "api-by-becki" {
   domain_name       = "api-by-becki.gmem.ca"
   validation_method = "DNS"
@@ -46,7 +53,7 @@ resource "aws_acm_certificate" "api-by-becki" {
 }
 
 resource "aws_acm_certificate_validation" "api-by-becki" {
-  certificate_arn = aws_acm_certificate.api-by-becki.arn
+  certificate_arn         = aws_acm_certificate.api-by-becki.arn
   validation_record_fqdns = [for record in aws_route53_record.api-by-becki-acm : record.fqdn]
-  provider = aws.virginia
+  provider                = aws.virginia
 }
\ No newline at end of file
diff --git a/terraform/gmem.ca.tf b/terraform/gmem.ca.tf
index 491c3a7..39a87ac 100644
--- a/terraform/gmem.ca.tf
+++ b/terraform/gmem.ca.tf
@@ -13,11 +13,11 @@ resource "aws_route53_record" "api-by-becki" {
 resource "aws_route53_record" "api-by-becki-primary" {
   zone_id = aws_route53_zone.gmemca.zone_id
   name    = "api-by-becki"
-  type = "A"
+  type    = "A"
 
   alias {
-    name = "${aws_cloudfront_distribution.api-by-becki.domain_name}"
-    zone_id = "${aws_cloudfront_distribution.api-by-becki.hosted_zone_id}"
+    name                   = aws_cloudfront_distribution.api-by-becki.domain_name
+    zone_id                = aws_cloudfront_distribution.api-by-becki.hosted_zone_id
     evaluate_target_health = false
   }
 }
diff --git a/terraform/main.tf b/terraform/main.tf
index 5c7c0b5..9ed502f 100644
--- a/terraform/main.tf
+++ b/terraform/main.tf
@@ -17,6 +17,6 @@ terraform {
 }
 
 provider "aws" {
-  alias = "virginia"
+  alias  = "virginia"
   region = "us-east-1"
 }
\ No newline at end of file
diff --git a/vps/couchdb.yaml b/vps/couchdb.yaml
index d6a5dd5..f1b6888 100644
--- a/vps/couchdb.yaml
+++ b/vps/couchdb.yaml
@@ -12,8 +12,9 @@ ingress:
   annotations:
     kubernetes.io/ingress.class: nginx
     cert-manager.io/issuer: "letsencrypt-prod"
+    nginx.ingress.kubernetes.io/enable-cors: "true"
     nginx.ingress.kubernetes.io/proxy-body-size: 10m
   tls:
     - secretName: couch-tls
       hosts:
-        - abb.gmem.ca
\ No newline at end of file
+        - abb.gmem.ca