diff --git a/ci/terraform/cloudfront.tf b/ci/terraform/cloudfront.tf
index 870e80b03..28ae01ad2 100644
--- a/ci/terraform/cloudfront.tf
+++ b/ci/terraform/cloudfront.tf
@@ -16,13 +16,6 @@ resource "aws_cloudformation_stack" "cloudfront" {
     StandardLoggingEnabled       = true
     LogDestination               = var.cloudfront_WafAcl_Logdestination
   }
-
-  #ignoring below parameter as these parameter are been read via secret manager and terraform continually detects changes
-  # Note : we need to remove the below lifecycle if the Header are changed in Secret manager to appy new cloainking header value
-  lifecycle {
-    ignore_changes = [parameters["OriginCloakingHeader"], parameters["PreviousOriginCloakingHeader"]]
-  }
-
 }
 
 resource "aws_cloudformation_stack" "cloudfront-monitoring" {
diff --git a/ci/terraform/variables.tf b/ci/terraform/variables.tf
index f8fe89b42..3e77daa9e 100644
--- a/ci/terraform/variables.tf
+++ b/ci/terraform/variables.tf
@@ -378,14 +378,12 @@ variable "cloudfront_zoneid" {
 
 variable "auth_origin_cloakingheader" {
   type        = string
-  sensitive   = true
   description = "This is header value for Cloufront to to verify requests are coming from the correct CloudFront distribution to ALB "
 }
 
 
 variable "previous_auth_origin_cloakingheader" {
   type        = string
-  sensitive   = true
   description = "This is previous header value when the value is rotated to ensure WAF will allow requests during rotation "
 }