2

I currently have an appengine app and need to make calls to an API that requires IP whitelisting. I can't whitelist the entire appengine IP blocks (as outlined here) because the range is too big.

So - I'd like to use an Amazon EC2 instance with an Elastic IP to act as a proxy between appengine and the 3rd party API. How do I go about doing this? I think there are 2 options....

1) Setup a full blown webserver on the EC2 instance to redirect calls made from appengine to the 3rd party. Seems like a lot of work and maintenance

2) Is there any easy way to forward all web traffic somehow through this EC2 instance? I.e. appengine makes all urlfetch calls through my amazon ec2 instance?

Any other options?

Community
  • 1

1 Answers1

1

It looks like you should set up an EC2 instance with a proxy in place. I would go for Apache with mod_proxy

http://httpd.apache.org/docs/2.0/mod/mod_proxy.html

Make sure you are careful with the setup though. If you set up the instance so anyone may use it as a proxy do not be surprised if someone uses it as a relay for their traffic and drives up a large bill for you.

If the appengine IP ranges are broad it may be tricky to limit access to only yourself. If you are very paranoid about this, it may be best to set up an app that authenticates the API calls before relaying them, but this is obviously a large amount of work.

Flashman
  • 1,321
  • 10
  • 9