2 Answers
- Newest
- Most votes
- Most comments
0
EC2 will send the response to the load balancer, and then the load balancer will send the response, via the IGW, onto the client which sent the original request
0
Your understanding is correct. ALB will always change source IP to it's own private IP of the ENIs.
To capture the original client IP, you can use X-forwarded-for header.
Also, this is the reason for security best practice, on the target EC2, we only allow traffic from security group applied to ALB.
answered 9 months ago
Relevant content
- asked 7 months ago
- AWS OFFICIALUpdated 6 months ago
- AWS OFFICIALUpdated 4 months ago
- AWS OFFICIALUpdated 2 months ago
- AWS OFFICIALUpdated a year ago