I want to create multiple publicly accesible applications on AWS but I have limited Elastic IPs. Is there a better solution?

mk flag

I have multiple web application servers running on different Amazon EC2 instances. At the moment, I am able to access those servers on client devices by assigning an Elastic IP to the EC2 instances and then calling the APIs using either the Elastic IP directly, or by pointing a purchased domain name to the Elastic IP. However, I am now running into the Elastic IP limit, meaning I would have to unassign the Elastic IP from one instance before assigning it to a new instance, and I don't want to do that since the older applications are still in use.

I have looked around to see if I can find a solution for this, and have come across some promising things, such as:

  • dynamic DNS
  • VPC
  • Elastic Load Balancer

but I don't understand them well, since I'm a beginner when it comes to infrastructure. What I'm looking for here is for somebody to point me in the right direction about which method to use and why, as well as ideally some material that I could go through to better understand these concepts in detail.

TLDR: What's the best way to create multiple unrelated publicly accessible web applications, each on it's own separate EC2 instance, on one account in AWS, without running into the Elastic IP limit?

gp flag

Limits are to protect you from accidentally spending too much, and to protect AWS infrastructure from the users. If you have a legitimate need for more resources such as Elastic IPs and have an account in good standing you simply request a limit increase.

To do this go into AWS Support, choose "Create Case", "Service Limit Increase", and choose the resource you would like increased.

Service Limit Increase

I'll also call your attention to "AWS Service Quotas" in the dashboard, which shows you the default and your current limits.

Service Limits

Another Way

It's fine to put EIPs and EC2 instances online. A way that can be better in some circumstances is to create an Application Load Balancer, associate it with an https certificate you created in AWS Certificate Manager, and have it proxy traffic to your EC2 instance private IPs. It costs a little more, but gives your server(s) some extra isolation from the internet. It can help mitigate some types of DDOS attacks as well.

us flag

Often used way is to setup a reverse proxy, which sends traffic to different upstream servers.

For example: -> ->

There are different ways to setup such a reverse proxy. One can set up an EC2 instance with nginx configured as a reverse proxy.

AWS also offers different ways to accomplish the same functionality: AWS API Gateway, Application Load Balancer and Cloudfront.

ml flag
I was going to suggest Application Load Balancer. Sounds like it might be a good fit for you. Look into it! You can set it up and test it while still not touching your current setup.
cn flag

Implement IPv6. AWS can assign globally unique addresses to instances or load balancers. No need for quotas or for the addresses to change, as its not possible to exhaust your personal /56 prefix.

Unfortunately, this is an incomplete solution if your users do not have IPv6 yet. Request a quota increase of Elastic IP address if you need more.

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.