We have two autoscaling EB instances with changing IPs. We need them to connect to a remote system that is protected by an IP whitelist, so when our EB instances connect to that system, they must do it through a fixed Elastic IP. It seems that can be achieved with this:
- Create a new subnet to host the NAT Gateway.
- Create the NAT Gateway in the above subnet, and assign a new Elastic IP. This one will be our outgoing IP for hitting external APIs.
- Create a route table for the NAT subnet. All outbound traffic (0.0.0.0/0) should be routed through the NAT Gateway. Assign the created subnet to use the new route table.
- Modify the main route table (the one that handles all our EC2 instances' requests), and add the IP(s) of the external API, setting its target to the NAT Gateway.
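
The last step relies on VPC route tables picking the most specific matching route, so only traffic to the whitelisted system leaves through the NAT Gateway while everything else keeps its existing path. The following check is an added example, not part of the original post: it runs that longest-prefix match over a constructed route table shaped like one `RouteTables` entry of `aws ec2 describe-route-tables` output. All IDs, addresses and function names are assumptions.

```python
import ipaddress

# Constructed sample, shaped like one RouteTables[] entry from
# `aws ec2 describe-route-tables`. IDs and addresses are placeholders.
MAIN_ROUTE_TABLE = {
    "RouteTableId": "rtb-EXAMPLE-main",
    "Routes": [
        {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
        {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-EXAMPLE", "State": "active"},
        # Step 4: the remote API's IP, targeted at the NAT Gateway.
        {"DestinationCidrBlock": "203.0.113.10/32", "NatGatewayId": "nat-EXAMPLE", "State": "active"},
    ],
}

# Route fields that can name the target of a route.
TARGET_KEYS = ("NatGatewayId", "GatewayId", "InstanceId",
               "NetworkInterfaceId", "TransitGatewayId", "VpcPeeringConnectionId")


def next_hop(route_table, dest_ip):
    """Return (cidr, target, state) of the most specific IPv4 route for dest_ip, or None."""
    ip = ipaddress.ip_address(dest_ip)
    best = None
    for route in route_table["Routes"]:
        cidr = route.get("DestinationCidrBlock")
        if cidr is None:
            continue  # IPv6 and prefix-list routes are out of scope for this check
        net = ipaddress.ip_network(cidr)
        if ip in net and (best is None or net.prefixlen > best[0].prefixlen):
            target = next((route[k] for k in TARGET_KEYS if k in route), None)
            best = (net, target, route.get("State"))
    return (str(best[0]), best[1], best[2]) if best else None


def egresses_via_nat(route_table, dest_ip):
    """True only if the winning route is active and points at a NAT Gateway."""
    hop = next_hop(route_table, dest_ip)
    if hop is None:
        return False
    _, target, state = hop
    # A "blackhole" state means the route's target no longer exists,
    # so it must not be counted as working egress.
    return state == "active" and str(target).startswith("nat-")


if __name__ == "__main__":
    for ip in ("203.0.113.10", "198.51.100.7", "10.0.1.5"):
        print(ip, next_hop(MAIN_ROUTE_TABLE, ip), egresses_via_nat(MAIN_ROUTE_TABLE, ip))
```
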