We have 10 instances which we deployed the app using the AWS ECS and ELB
Due to security reasons the API allows request only through specific IP whitelisted IP addresses.
So we are planning to pass the request through the proxy
How to route an API request go through a proxy
We are using nginx
Any specific way to route an API request go through a proxy will be helful
2
Answers
You won’t need NGINX as a proxy for this use-case, I’d propose to consider looking into using AWS NAT Gateways. NAT Gateway is a highly available AWS managed service that makes it easy to connect to the Internet from instances within a private subnet in an Amazon Virtual Private Cloud (Amazon VPC). Its the perfect place to provide a static IP to all your subnet’s outbound traffic.
In order to provide a NAT Gateway with static IP (Elastic IP) for your cluster’s outbound traffic. This will allow your different tasks running inside your ECS cluster’s private subnets to look like a single requesting entity from an outsider’s POV (in your case, the 3rd party API is the outsider). To achieve this, you will have to:
private subnetsthat redirects outbound0.0.0.0/0to theNAT Gateway.public subnetsthat redirects outbound traffic0.0.0.0/0to the internet gateway.You should consider using NAT Gateway instead. I am assuming you already would have all your containers in a VPC, so you can create a new NAT Gateway within this VPC itself.
You can refer to articles attached below to do this:
https://docs.aws.amazon.com/appstream2/latest/developerguide/add-nat-gateway-existing-vpc.html
https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html
Note: NAT Gateways have price associated with them.
If needed, you can use the elastic IP provided by NAT Gateways on your lambdas as well.