1

I have an API gateway which is sending requests via the VPC link to a Network Load Balancer (NLB), which then forwards them to the target instance. As per AWS documentation, when the target group is instance the source IP is passed unfettered to the target instance, but if by IP address then the NLB IP address. However, even though the target group is set to instance, I am still getting the NLB IP address.

binshi

1 Answer

-1

If you need the source IP, you can map the context variable context.identity.sourceIp to an integration header (docs). You will be able to access this header in your server.

The docs for NLB are referring to the proxy protocol 2 support, which will allow you to get the source IP of a connection to an NLB. This requires running a web server with proxy protocol enabled (squid/nginx has a flag to enable this). With respect to VPC Links, this IP is not the same as the source IP of a request to your server, since the NLB actually sees connections from API Gateway, so enabling this on the NLB will return internal IP addresses of API Gateway.

In swagger it'll look like

...
  "requestParameters" : {
    "integration.request.header.x-source-ip" : "context.identity.sourceIp"
  }
...
Abhigna Nagaraja