Configure IpAddress forwarding on the api management and traefikk tool

[acn-dgopa]

Description

Auditlog requires that we log the client's ipaddress. Right now, we don't have the configuration in the Api Management/traefikk for forwarding the ipadress to the platform components.

More information

api management: https://learn.microsoft.com/en-us/azure/application-gateway/how-application-gateway-works#modifications-to-the-request Application gateway inserts six additional headers to all requests before it forwards the requests to the backend. These headers are x-forwarded-for, x-forwarded-port, x-forwarded-proto, x-original-host, x-original-url, and x-appgw-trace-id. The format for x-forwarded-for header is a comma-separated list of IP:port. traefik:

Tasks

• [x] Configure Apimanagement to forward the ipadress of the client
• [x] Configure traefikk to forward the ipadress further to the platform components

Acceptance Criteria

• [ ] Client ipadress is accessible in the platform component via ["X-Real-IP"] or ["X-Forwarded-For"]

[bengtfredh]

PR to allow headers to be forwarded to pods merged in platform infra code. Client ip will be added as number 2 to header "X-Forwarded-For" Rolled out to AT21 now for you to test and verify

[acn-dgopa]

@bengtfredh the auditlog test environment is setup against the At22 platform components. Can you roll out the change to AT22?

[bengtfredh]

@acn-dgopa @simon-ellefsen will roll out update in AT22

[acn-dgopa]

@bengtfredh tested ok

[acn-dgopa]

@bengtfredh This is bit weird but when the request from authorization component is proecssed, the ipaddress doesn't look the same. The order of the client ip probably is not the same when received from authorization component