From de8711679eacc645e73c7e2273f698c6e143243e Mon Sep 17 00:00:00 2001
From: Sascha <rodekamp@amazon.de>
Date: Mon, 27 May 2024 09:52:19 +0200
Subject: [PATCH] feat(globalaccelerator-endpoints): Add preserveClientIp
 option for network loadbalancer

---
 .../aws-globalaccelerator-endpoints/lib/nlb.ts     | 14 ++++++++++++++
 .../test/endpoints.test.ts                         |  2 ++
 2 files changed, 16 insertions(+)

diff --git a/packages/aws-cdk-lib/aws-globalaccelerator-endpoints/lib/nlb.ts b/packages/aws-cdk-lib/aws-globalaccelerator-endpoints/lib/nlb.ts
index a4c6b59328ffb..cc295bdbbbe98 100644
--- a/packages/aws-cdk-lib/aws-globalaccelerator-endpoints/lib/nlb.ts
+++ b/packages/aws-cdk-lib/aws-globalaccelerator-endpoints/lib/nlb.ts
@@ -14,6 +14,19 @@ export interface NetworkLoadBalancerEndpointProps {
    * @default 128
    */
   readonly weight?: number;
+
+  /**
+   * Forward the client IP address in an `X-Forwarded-For` header
+   *
+   * GlobalAccelerator will create Network Interfaces in your VPC in order
+   * to preserve the client IP address.
+   *
+   * Client IP address preservation is supported only in specific AWS Regions.
+   * See the GlobalAccelerator Developer Guide for a list.
+   *
+   * @default true if available
+   */
+  readonly preserveClientIp?: boolean;
 }
 
 /**
@@ -31,6 +44,7 @@ export class NetworkLoadBalancerEndpoint implements ga.IEndpoint {
     return {
       endpointId: this.loadBalancer.loadBalancerArn,
       weight: this.options.weight,
+      clientIpPreservationEnabled: this.options.preserveClientIp,
     } as ga.CfnEndpointGroup.EndpointConfigurationProperty;
   }
 }
\ No newline at end of file
diff --git a/packages/aws-cdk-lib/aws-globalaccelerator-endpoints/test/endpoints.test.ts b/packages/aws-cdk-lib/aws-globalaccelerator-endpoints/test/endpoints.test.ts
index d1c65e531b17c..9c29d02dfd2d7 100644
--- a/packages/aws-cdk-lib/aws-globalaccelerator-endpoints/test/endpoints.test.ts
+++ b/packages/aws-cdk-lib/aws-globalaccelerator-endpoints/test/endpoints.test.ts
@@ -74,6 +74,7 @@ test('Network Load Balancer with all properties', () => {
     endpoints: [
       new endpoints.NetworkLoadBalancerEndpoint(nlb, {
         weight: 50,
+        preserveClientIp: true,
       }),
     ],
   });
@@ -84,6 +85,7 @@ test('Network Load Balancer with all properties', () => {
       {
         EndpointId: { Ref: 'NLB55158F82' },
         Weight: 50,
+        ClientIPPreservationEnabled: true,
       },
     ],
   });