Add a True-Client-IP header to the request - Amazon CloudFront

Add a True-Client-IP header to the request

The following viewer request function adds a True-Client-IP HTTP header to the request, with the IP address of the viewer as the header’s value. When CloudFront sends a request to an origin, the origin can determine the IP address of the CloudFront host that sent the request but not the IP address of the viewer (client) that sent the original request to CloudFront. This function adds the True-Client-IP header so the origin can see the IP address of the viewer.

Important

To make sure that CloudFront includes this header in origin requests, you must add it to the allowed headers list in an origin request policy.

See this example on GitHub.

JavaScript runtime 2.0
async function handler(event) { var request = event.request; var clientIP = event.viewer.ip; //Add the true-client-ip header to the incoming request request.headers['true-client-ip'] = {value: clientIP}; return request; }
JavaScript runtime 1.0
function handler(event) { var request = event.request; var clientIP = event.viewer.ip; //Add the true-client-ip header to the incoming request request.headers['true-client-ip'] = {value: clientIP}; return request; }