How should they architect their solution?
Route payment requests through two NAT instances set up for High Availability and whitelist the Elastic IP addresses attached to the NAT instances.
Whitelist the VPC Internet Gateway Public IP and route payment requests through the Internet Gateway.
Whitelist the ELB IP addresses and route payment requests from the Application servers through the ELB.
Automatically assign public IP addresses to the application instances in the Auto Scaling group and run a script on boot that adds each instance's public IP address to the payment validation whitelist API.
Explanations:
This option (NAT instances with Elastic IPs) works because the application instances stay in private subnets and every outbound request is source-NATed to the Elastic IP of the NAT instance in their subnet's route table. The payment provider therefore sees only two static source addresses, which fit within the limit of four whitelisted IPs no matter how far the Auto Scaling group scales. Deploying one NAT instance per Availability Zone, each with its own Elastic IP, provides the high availability; each NAT instance must have source/destination checking disabled so that it can forward packets that are not addressed to itself.
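The NAT-instance design above as a CloudFormation template. This is an added example, not part of the original question or its explanations; the VPC, subnet and route-table IDs are passed in as parameters, the AMI ID is assumed to be one you have prepared for forwarding, and the 10.0.0.0/16 CIDR is assumed to be the VPC range and should be narrowed to the application subnets.

```yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: >
  Added example: one NAT instance per AZ, each with an Elastic IP; the private
  application subnets route 0.0.0.0/0 through them so the payment provider
  only ever sees two fixed source addresses.

Parameters:
  VpcId:
    Type: AWS::EC2::VPC::Id
  PublicSubnetA:
    Type: AWS::EC2::Subnet::Id          # public subnet in AZ a
  PublicSubnetB:
    Type: AWS::EC2::Subnet::Id          # public subnet in AZ b
  PrivateRouteTableA:
    Type: String                        # route table of the app subnet in AZ a
  PrivateRouteTableB:
    Type: String                        # route table of the app subnet in AZ b
  NatAmiId:
    Type: AWS::EC2::Image::Id           # assumption: a Linux AMI you prepared for NAT duty
  VpcCidr:
    Type: String
    Default: 10.0.0.0/16                # assumption: VPC range; narrow to the app subnets

Resources:
  NatSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Forward HTTPS from the app subnets only
      VpcId: !Ref VpcId
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 443
          ToPort: 443
          CidrIp: !Ref VpcCidr          # only the app tier may use the NAT
      SecurityGroupEgress:
        - IpProtocol: tcp
          FromPort: 443
          ToPort: 443
          CidrIp: 0.0.0.0/0             # narrow to the payment provider's ranges if published

  NatInstanceA:
    Type: AWS::EC2::Instance
    Properties:
      ImageId: !Ref NatAmiId
      InstanceType: t3.small
      SubnetId: !Ref PublicSubnetA
      SecurityGroupIds: [!Ref NatSecurityGroup]
      SourceDestCheck: false            # required: instance forwards packets not addressed to it
      UserData:
        Fn::Base64: !Sub |
          #!/bin/bash
          # enable forwarding and masquerade app-subnet traffic behind this instance's address
          sysctl -w net.ipv4.ip_forward=1
          IFACE=$(ip route show default | awk '{print $5}')
          iptables -t nat -A POSTROUTING -o "$IFACE" -s ${VpcCidr} -j MASQUERADE

  NatInstanceB:
    Type: AWS::EC2::Instance
    Properties:
      ImageId: !Ref NatAmiId
      InstanceType: t3.small
      SubnetId: !Ref PublicSubnetB
      SecurityGroupIds: [!Ref NatSecurityGroup]
      SourceDestCheck: false
      UserData:
        Fn::Base64: !Sub |
          #!/bin/bash
          sysctl -w net.ipv4.ip_forward=1
          IFACE=$(ip route show default | awk '{print $5}')
          iptables -t nat -A POSTROUTING -o "$IFACE" -s ${VpcCidr} -j MASQUERADE

  # Elastic IPs: these two addresses are what you hand to the payment provider
  NatEipA:
    Type: AWS::EC2::EIP
    Properties:
      Domain: vpc
      InstanceId: !Ref NatInstanceA
  NatEipB:
    Type: AWS::EC2::EIP
    Properties:
      Domain: vpc
      InstanceId: !Ref NatInstanceB

  # Each private app subnet sends all Internet-bound traffic to its AZ's NAT instance
  PrivateDefaultRouteA:
    Type: AWS::EC2::Route
    Properties:
      RouteTableId: !Ref PrivateRouteTableA
      DestinationCidrBlock: 0.0.0.0/0
      InstanceId: !Ref NatInstanceA
  PrivateDefaultRouteB:
    Type: AWS::EC2::Route
    Properties:
      RouteTableId: !Ref PrivateRouteTableB
      DestinationCidrBlock: 0.0.0.0/0
      InstanceId: !Ref NatInstanceB

Outputs:
  WhitelistedSourceIps:
    Description: The only public IPs the payment provider should ever see
    Value: !Join [",", [!Ref NatEipA, !Ref NatEipB]]
```

Two points to check after deploying: confirm from an application instance that `curl https://checkip.amazonaws.com` returns one of the two Elastic IPs and nothing else, and remember that per-AZ routing survives an AZ outage but not the failure of a single NAT instance; the classic pattern adds a monitor on each NAT instance that rewrites the other AZ's route when its peer stops responding, which this template does not include. A managed NAT Gateway per AZ gives the same fixed-Elastic-IP property without that extra script.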
Whitelisting the VPC Internet Gateway's public IP is not valid because an Internet Gateway has no public IP of its own. It is a horizontally scaled, redundant VPC component that translates between an instance's private address and the public or Elastic IP assigned to that instance, so traffic leaving through it carries each instance's own public IP. Routing the application subnets directly through the Internet Gateway would therefore expose as many source addresses as there are instances, with no way to hold them within the whitelist limit.
Whitelisting the ELB IP addresses is not viable because an ELB's addresses are not static: the load balancer is reached through a DNS name and the IP addresses behind it change as it scales. More fundamentally, an ELB handles inbound connections from clients to the application servers; it does not proxy outbound requests that the application servers initiate, so payment requests sent from the instances would never carry the ELB's addresses as their source.
This option assigns a public IP to every EC2 instance, so at peak the Auto Scaling group would have more than four active public IPs, each of which would have to be whitelisted. The requirement is to stay within a maximum of four whitelisted IPs, which this approach cannot guarantee. It also gives every application server a public address and makes the whitelist churn on every scale-out and scale-in event, with a window during which a newly launched instance cannot reach the payment service until its registration script has run.