This repo is inteneded to provide an example SAM template of how to create a lambda function that sends outbound web traffic via a static IP
There are many use cases for why you would need a static IP for web traffic. The primary use case driving this design was for whitelisting IPs for integrations. Whether it's a website or a partner company, whitelisting IPs is a strong way to provide security for an integrator.
This repo is configured to deploy into your AWS account out of the box in an effort to provide you with the quickest solution possible. Here is the deployment checklist:
- Install and configure the AWS CLI and SAM CLI on your machine.
- Update the root
package.jsonto replace theREPLACE_WITH_BUCKET_NAMEvariables with an S3 bucket in your account - In a terminal window, run the
npm run deploycommand
The template will output two values:
- TestEndpoint - This is a public GET endpoint that will verify the lambda is executing outbound traffic with the created static IP address
- StaticIpAddress - The IP address created in your account. This is the IP address that your traffic will route through.
The following resources will be automatically deployed into your AWS Account:
- 1x VPC
- 2x Subnet (One public and one private)
- 1x Internet Gateway
- 1x NAT Gateway
- 2x Route Table (One for the public subnet and one for the private subnet)
- 2x Routes
- 1x Elastic IP (Used to generate the static IP address)
- 1x API Gateway
- 1x Lambda Function
- 1x IAM Role (Used to execute the lambda function)
To facilitate sending outbound web traffic through a static IP, the below architecture is built.
If you like this repo and the accompanying blog post, show your support by following me on Twitter or connecting with me on LinkedIn. I'm always happy to answer any questions you might have and am open to any ideas you'd like to see turned into an article on my blog!