I have a website which is running on ec2 windows instance. I want to expose that to a public endpoint without opening any port on the ec2 instance. Only outbound connections are allowed on ec2 instance.
How can hook some cloud resource/application in front of my website so that it can be accessed by someone in public internet? What i am looking for is a tcp relay functionality that a call from public internet browser is just routed to my local website on ec2 with minimal effort. Something like what is explained here: https://serverfault.com/questions/760129/what-is-a-tcp-relay-and-when-is-it-used/760142
Can someone suggest something? Or if AWS doesnt expose such a relay functionality, can something be done using websockets in AWS-iot?
I found ngrok as a 3rd party tool, but I want to stick to AWS options only.
This is exactly what a Classic Elastic Load Balancer does. Usually, there's more than one instance (hence, "load balancer") but this works exactly as you describe with just one instance.
The ELB is globally-accessible, and then it forwards the traffic to the instance. Nobody connects directly to your instance.
Of course, you have to open a port on the instance for the ELB to access it, but you would have to do that with any "relay" solution. This access can be limited only to the ELB itself.