Using whitelisted IP Addresses on client's firewall

Question

I am newbie to AWS. So, I thought of asking this. Let's say that my web service clients can access only whitelisted IP addresses on their firewalls for security reasons. Moreover, I have an ELB in front of an EC2 instance running, say, basic index.html file.

I've two Questions:

1. I think one way to solve this would be to use an NLB (network load balancer) with associated Elastic IP. (NLB does support Elastic IP.) Am I right?

2. Can I use an A record in Route 53 hosted zone pointing to Elastic IP address? I am curious based on discussion (Use of Elastic IP address in Route 53 not working). I'd appreciate any insights.

Answer 1

A few options:

• Use a Network Load Balancer instead of an Application Load Balancer. An NLB can use a static IP address.
• Use AWS Global Accelerator to have a static IP address that redirects to the Application Load Balancer.
• Put an NLB in front of the ELB. See: Using static IP addresses for Application Load Balancers | Networking & Content Delivery

You could then configure a domain name to point to the Elastic IP address. Then, your users should:

• Whitelist the Elastic IP address
• Access the service via the domain name