How to assign auto elastic IP in AWS auto scaling when new instance create based on load

Question

I have an application which is based on bank payment API. I have configured AWS auto scaling used Application load balancer. Now Bank is asking us to provide live servers public IP to whitelist to use bank API. Now question is that how can I provide a IP list to them because when any new server will create in auto scaling based on load it does not set predefined elastic IP.
So is there any way to Auto set elastic IP on newly created servers?

Also my second question, is there any way to save apache2 access and error logs files based on host dynamic.
I am using EC2 ubuntu 20.04 with apache version 2.4

Please help me for these two queries.

Answer 1

1. Create some EIPs and give them same label such as "group:whitelistforPayment".

2. Create a IAM role, which allow your server can list EIPs and attachEIPs.

3. Install AWS CLI in your AMI and attach IAM role when server started.

4. Prepared "attachEIP" shell script and upload it to s3. in this scripts, you can use aws cli such as: aws ec2 describe-addresses ( list EIPs ...) aws ec2 associate-address ( attach EIP)

5. Modify userdata. download and run the shell scripts when server start.

Answer 2

Question 1:

Move your servers to private subnets and use a NAT Gateway.

Question 2:

Others answers have mentioned third-party logging tools. The native AWS way of accomplishing this would be to install the CloudWatch Logs agent on your servers.

Answer 3

You can put your Auto scaling groups into a private subnet, and then config the output traffic to go through NAT Gateways, and then use NAT's public IP for whitelist. About the input traffic, you can use Global Accelerator in front of your ALB to have static public IP.

About your second questions, I use ELK to achieve it