Static IP to Fargate instance without ELB

Question

I'm trying to deploy an SFTP server on Fargate (with S3 as storage). Everything works fine except for the IPs.

I want it to have a static IP both inbound and outbound, I've played a bit with load balancers but since it is an SFTP server I'm forced to use a Network Load Balancer, which apparently doesn't forward the client IP to the server (and I want to allow/deny certain IPs from the SFTP server dashboard).

I was trying to associate an Elastic IP to the Fargate network interface but I'm getting "permission denied" on the resource (I'm doing all this with root account).

Does the network interface have a static public IP already? Should I use that? Is there a way to associate an EIP to a Fargate instance which doesn't use HTTP preserving the client IP?

If all of this is a "no", should I just ditch Fargate and use EC2? Other alternatives?

Answer 1

apparently doesn't forward the client IP to the server

It does forward the client IP to instances, but not when targets are IPs like for Fargate.

Does the network interface have a static public IP already? Should I use that?

The IP is not static.

Is there a way to associate an EIP to a Fargate instance which doesn't use HTTP preserving the client IP?

Sadly, there is not.

If all of this is a "no", should I just ditch Fargate and use EC2?

Yes. You can run ECS on EC2 an instance and attach Elastic IP to the instance.

Other alternatives?

Elastic Beanstalk can be used to deploy docker containers and also provides static IP for the instance hosting the container.