Unable to add X-forwarded-for header in https api gateway

Hi,
let me know if I understood your problem correctly: https://imgur.com/a/EH85bg6. I assume also that you're using HTTP API Gateway. If so, you should have the IP of the requester in two places:
event.headers.x-forwarded-for: "<requester-ip>,<cloudfront-ip>" Please note, that this value is comma-separated.
event.requestContext.http.sourceIp: "<requester-ip>"

If you need some reference, here is a sample event, that I generated to reproduce your issues.

{
"version": "2.0",
"routeKey": "GET /",
"rawPath": "/",
"rawQueryString": "",
"headers": {
"accept-encoding": "br,gzip",
"content-length": "0",
"host": "<api-gw-uri>",
"user-agent": "Amazon CloudFront",
"via": "2.0 <cloudfront-ip> (CloudFront)",
"x-amz-cf-id": "",
"x-amzn-trace-id": "",
"x-forwarded-for": "<requester-ip>,<cloudfront-ip>",
"x-forwarded-port": "443",
"x-forwarded-proto": "https"
},
"requestContext": {
"accountId": "<account-id>",
"apiId": "<api-id>",
"domainName": "<api-domainname>",
"domainPrefix": "<api-domain-prefix>",
"http": {
"method": "GET",
"path": "/",
"protocol": "HTTP/1.1",
"sourceIp": "<requester-ip>",
"userAgent": "Amazon CloudFront"
},
"requestId": "",
"routeKey": "GET /",
"stage": "$default",
"time": "05/Apr/2022:20:17:43 +0000",
"timeEpoch": 1649189863166
},
"isBase64Encoded": false
}

Let me know if it is solving your problem.
Regards, Dominik

You can find a good explanation here. The summary is that, x-forwarded-for was a de-facto-standard and now the standard header is forwarded. If the request already contains x-forwarded-for header, API Gateway will put it in Forwarded header. But still Load Balancer uses x-forwarded-for header. So if you look at your incoming request after API-Gateway and Load Balancer, you will see the IP address of your API Gateway in x-forwarded-for header and the IP addresses of you client in Forwarded header.