We have a Python application running in AWS EKS trying to communicate with a 3rd-party API hosted behind Cloudflare. To access the API, we’re sending the traffic through a white-listed IP address.
The problem is, the system used to work when all the traffic from EKS was being forward-proxied through a Squid proxy to look like it’s coming from the white-listed IP. But now, instead of using the Squid proxy, we’ve opted to use an AWS NAT gateway, which is doing the same thing.
Cloudflare detects this and is stopping us from accessing the 3rd-party API. If making calls programmatically, we get a 403 status code. If through a browser, we get presented with a Captcha.
We’ve inspected the call coming direct and through the proxy. They are absolutely the same thing, from the same white-listed IP.
Is there a way to make Cloudflare start trusting the NAT Gateway setup?