FusionAuth, as you can see, doesn't like to be run without being assured TLS is involved. That is what the warnings are about. It relies on the X-Forwarded-Proto to be assured that TLS is involved.
It looks like you have this:
User -> (TLS) -> Internet -> (TLS) -> NLB -> (HTTP) -> Ingress -> (HTTP) -> FusionAuth
Which seems like a fine architecture (because from the NLB to FusionAuth is presumably a private, secure network, so TLS is not needed). The question is, how do you tell FusionAuth that things are okay? That's why I suggested trying to set the header.
I do not know how to modify X-Forwarded-Proto to https, without terminating at the Ingress controller.
I also do not know how to do this. I suggest reviewing the AWS documentation and/or contacting AWS support.
If you have a FusionAuth edition including support, you can also file a support ticket and the engineering team will take a look. (If you do that, please reference this forum post.)