- 新しい順
- 投票が多い順
- コメントが多い順
This is not correct information, there is no feature on ALB to add headers. It looks like you asked ChatGPT and it hallucinated this? Please remove this article.
Currently, It is not possible to edit/modify the cookies generated by the AWS Application Load Balancer.
Application Load Balancers support both duration-based cookies and application-based cookies. Sticky sessions are enabled at the target group level. Refer here
Duration-based stickiness :
With cross-origin resource sharing (CORS) requests, some browsers require SameSite=None; Secure to enable stickiness. In this case, the load balancer generates a second stickiness cookie, AWSALBCORS, which includes the same information as the original stickiness cookie plus the SameSite attribute. Clients receive both cookies.
Application-based stickiness :
With cross-origin resource sharing (CORS) requests, to enable stickiness, the load balancer adds the SameSite=None; Secure attributes to the load balancer generated application cookie only if the user-agent version is Chromium80 or above.
SameSite=None; Secure means that cookies will be created and sent through requests over HTTPS . ALB Sticky sessions always pair SameSite=None with the Secure attribute.
Further as a work around for your use-case . You can look into configuring CloudFront to add a custom header to an incoming request before it is sent to the CloudFront distribution's origin.
For more information on using CloudFront to add custom headers to origin requests, Please refer here
