AWS Certified Developer – Associate (DVA-C02) — Question 343

A developer is writing an application to analyze the traffic to a fleet of Amazon EC2 instances. The EC2 instances run behind a public Application Load Balancer (ALB). An HTTP server runs on each of the EC2 instances, logging all requests to a log file.

The developer wants to capture the client public IP addresses. The developer analyzes the log files and notices only the IP address of the ALB.

What must the developer do to capture the client public IP addresses in the log file?

Answer options

Correct answer: D

Explanation

An Application Load Balancer (ALB) terminates the client's connection and opens a new connection to the backend EC2 instance, so the web server sees the ALB as its peer and logs the ALB's IP address instead of the client's. To resolve this, the developer must configure the HTTP server's log format to record the X-Forwarded-For request header, which the ALB automatically populates with the original client's IP address. Other options like CloudWatch Logs, AWS X-Ray, or the Host header do not capture or format the client's source IP address within the local HTTP access logs.
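An added example, not part of the original question or any AWS code: one way a backend could derive the client address to log from X-Forwarded-For, assuming the ALB runs in its default mode where it appends the address it saw to the right of any header the request already carried. The function names, the `trusted_hops` parameter and the sample requests are constructed for illustration.

```python
import ipaddress
from typing import Mapping, Optional


def client_ip_from_xff(xff: Optional[str], trusted_hops: int = 1) -> Optional[str]:
    """Pick the address appended by the outermost proxy we operate.

    Each appending proxy adds the peer it saw to the right of the header, so
    with one ALB (trusted_hops=1) the rightmost entry is the ALB's view of
    the client. Entries further left arrived with the request and are
    client-controlled.
    """
    if not xff or trusted_hops < 1:
        return None
    entries = [e.strip() for e in xff.split(",") if e.strip()]
    if len(entries) < trusted_hops:
        return None
    try:
        # Validate so free-form header text never lands in the log as an "IP".
        return str(ipaddress.ip_address(entries[-trusted_hops]))
    except ValueError:
        return None


def access_log_line(peer: str, headers: Mapping[str, str],
                    request_line: str, status: int) -> str:
    """Format one access-log line with both the derived client and the TCP peer."""
    lowered = {k.lower(): v for k, v in headers.items()}  # header names are case-insensitive
    client = client_ip_from_xff(lowered.get("x-forwarded-for")) or "-"
    return f'{client} peer={peer} "{request_line}" {status}'


if __name__ == "__main__":
    # Constructed sample requests (documentation address ranges).
    samples = [
        ("10.0.1.25", {"X-Forwarded-For": "203.0.113.7"}),
        ("10.0.1.25", {"x-forwarded-for": "192.0.2.99, 198.51.100.23"}),
        ("10.0.1.25", {"X-Forwarded-For": "not-an-address"}),
        ("10.0.1.25", {}),
    ]
    for peer, hdrs in samples:
        print(access_log_line(peer, hdrs, "GET / HTTP/1.1", 200))
```

Logging the TCP peer alongside the derived client keeps the record useful if a request ever reaches the instance without passing through the ALB.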