diff --git a/deploy/infrastructure/prod/us-east-2/cloudfront.tf b/deploy/infrastructure/prod/us-east-2/cloudfront.tf
index bd2354bce..0e6e50120 100644
--- a/deploy/infrastructure/prod/us-east-2/cloudfront.tf
+++ b/deploy/infrastructure/prod/us-east-2/cloudfront.tf
@@ -78,7 +78,7 @@ resource "aws_cloudfront_distribution" "cdn" {
   }
 
   ordered_cache_behavior {
-    path_pattern = "reframe"
+    path_pattern           = "reframe"
     # CloudFront does not support configuring allowed methods selectively.
     # Hence the complete method list.
     allowed_methods        = ["GET", "HEAD", "OPTIONS", "PUT", "DELETE", "PATCH", "POST"]
@@ -92,18 +92,14 @@ resource "aws_cloudfront_distribution" "cdn" {
   }
 
   ordered_cache_behavior {
-    path_pattern = "multihash/*"
+    path_pattern     = "multihash/*"
     # CloudFront does not support configuring allowed methods selectively.
     # Hence the complete method list.
     allowed_methods  = ["GET", "HEAD", "OPTIONS", "PUT", "DELETE", "PATCH", "POST"]
     cached_methods   = ["GET", "HEAD", "OPTIONS"]
     target_origin_id = local.indexstar_origin_id
-    forwarded_values {
-      query_string = false
-      cookies {
-        forward = "none"
-      }
-    }
+    cache_policy_id  = aws_cloudfront_cache_policy.lookup.id
+
     compress               = true
     viewer_protocol_policy = "redirect-to-https"
     min_ttl                = 0
@@ -116,12 +112,8 @@ resource "aws_cloudfront_distribution" "cdn" {
     allowed_methods  = ["GET", "HEAD", "OPTIONS"]
     cached_methods   = ["GET", "HEAD", "OPTIONS"]
     target_origin_id = local.indexstar_origin_id
-    forwarded_values {
-      query_string = false
-      cookies {
-        forward = "none"
-      }
-    }
+    cache_policy_id  = aws_cloudfront_cache_policy.lookup.id
+
     compress               = true
     viewer_protocol_policy = "redirect-to-https"
     min_ttl                = 0
@@ -148,7 +140,7 @@ resource "aws_cloudfront_distribution" "cdn" {
   }
 
   ordered_cache_behavior {
-    path_pattern = "ingest/*"
+    path_pattern     = "ingest/*"
     # CloudFront does not support configuring allowed methods selectively.
     # Hence the complete method list.
     allowed_methods  = ["GET", "HEAD", "OPTIONS", "PUT", "DELETE", "PATCH", "POST"]
@@ -203,6 +195,37 @@ resource "aws_cloudfront_cache_policy" "reframe" {
   }
 }
 
+resource "aws_cloudfront_cache_policy" "lookup" {
+  name = "lookup"
+
+  # We have to set non-zero TTL values because otherwise CloudFront won't let 
+  # the query strings settings to be configured.
+  min_ttl     = 0
+  default_ttl = 3600
+  max_ttl     = 86400
+
+  parameters_in_cache_key_and_forwarded_to_origin {
+    cookies_config {
+      cookie_behavior = "none"
+    }
+    headers_config {
+      header_behavior = "whitelist"
+      headers {
+        items = ["Accept"]
+      }
+    }
+    query_strings_config {
+      query_string_behavior = "whitelist"
+      query_strings {
+        items = ["cascade"]
+      }
+    }
+
+    enable_accept_encoding_brotli = true
+    enable_accept_encoding_gzip   = true
+  }
+}
+
 provider "aws" {
   alias  = "use1"
   region = "us-east-1"
@@ -232,8 +255,8 @@ module "records" {
 
   records = [
     {
-      name = local.cdn_subdomain
-      type = "A"
+      name  = local.cdn_subdomain
+      type  = "A"
       alias = {
         name    = aws_cloudfront_distribution.cdn.domain_name
         zone_id = aws_cloudfront_distribution.cdn.hosted_zone_id
diff --git a/deploy/manifests/dev/us-east-2/tenant/storetheindex/instances/ago/kustomization.yaml b/deploy/manifests/dev/us-east-2/tenant/storetheindex/instances/ago/kustomization.yaml
index 0120927fc..6ec6d3877 100644
--- a/deploy/manifests/dev/us-east-2/tenant/storetheindex/instances/ago/kustomization.yaml
+++ b/deploy/manifests/dev/us-east-2/tenant/storetheindex/instances/ago/kustomization.yaml
@@ -32,4 +32,4 @@ patchesStrategicMerge:
 images:
   - name: storetheindex
     newName: 407967248065.dkr.ecr.us-east-2.amazonaws.com/storetheindex/storetheindex
-    newTag: 20230201182245-cee0f4faba5b495c5174f3c0514d3c82c12ac140
+    newTag: 20230202091228-d681a36337e90c829fa9e46b6c6ec04559492049
diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/indexstar/kustomization.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/indexstar/kustomization.yaml
index 4f0a19e86..95419abb8 100644
--- a/deploy/manifests/prod/us-east-2/tenant/storetheindex/indexstar/kustomization.yaml
+++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/indexstar/kustomization.yaml
@@ -18,4 +18,4 @@ replicas:
 images:
   - name: indexstar
     newName: 407967248065.dkr.ecr.us-east-2.amazonaws.com/indexstar/indexstar
-    newTag: 20221215113602-67c9360d3785d2f77975c21287efffd99bc50bc2
+    newTag: 20230201190758-f61e21138983efaf2e1b2cb63df624c57ca045a4
diff --git a/deploy/manifests/prod/us-east-2/tenant/storetheindex/instances/kepa/kustomization.yaml b/deploy/manifests/prod/us-east-2/tenant/storetheindex/instances/kepa/kustomization.yaml
index 117ba8cd9..7e1b5ad61 100644
--- a/deploy/manifests/prod/us-east-2/tenant/storetheindex/instances/kepa/kustomization.yaml
+++ b/deploy/manifests/prod/us-east-2/tenant/storetheindex/instances/kepa/kustomization.yaml
@@ -32,4 +32,4 @@ patchesStrategicMerge:
 images:
   - name: storetheindex
     newName: 407967248065.dkr.ecr.us-east-2.amazonaws.com/storetheindex/storetheindex
-    newTag: 0.5.7
+    newTag: 0.5.8