Closed acn-dgopa closed 9 months ago
PR to allow headers to be forwarded to pods merged in platform infra code. Client ip will be added as number 2 to header "X-Forwarded-For" Rolled out to AT21 now for you to test and verify
@bengtfredh the auditlog test environment is setup against the At22 platform components. Can you roll out the change to AT22?
@acn-dgopa @simon-ellefsen will roll out update in AT22
@bengtfredh tested ok
@bengtfredh This is bit weird but when the request from authorization component is proecssed, the ipaddress doesn't look the same. The order of the client ip probably is not the same when received from authorization component
Description
Auditlog requires that we log the client's ipaddress. Right now, we don't have the configuration in the Api Management/traefikk for forwarding the ipadress to the platform components.
More information
api management: https://learn.microsoft.com/en-us/azure/application-gateway/how-application-gateway-works#modifications-to-the-request Application gateway inserts six additional headers to all requests before it forwards the requests to the backend. These headers are x-forwarded-for, x-forwarded-port, x-forwarded-proto, x-original-host, x-original-url, and x-appgw-trace-id. The format for x-forwarded-for header is a comma-separated list of IP:port. traefik:
Tasks
Acceptance Criteria