2

I would like to attach an Elastic IP to an App Runner instance. By following the AWS instructions, I first configured the VPC:

VPC

  • Created a new VPC with a NAT gateway enabled on both private subnets (this was configured when creating the new VPC)

App Runner - connector

Connected the App Runner to the private subnet (even though I selected both, the first one appeared as connected, which for me is fine)

However, when checking the IP address of the App Runner link (through a domain IP checker), it is not static.

I tried this configuration with a Lambda function, and the static IP works (which means the issue is App Runner and not the network config).

Do I need additional configuration?

1 Answer

2

AWS App Runner, when connected to a VPC via a VPC connector, still sends outbound traffic from its own managed ENI in App Runner’s underlying VPC, not through your NAT Gateway. Even though the NAT Gateway setup works for Lambda, App Runner does not route traffic through it, so your EIP isn’t the source on the public side.

This is by design: App Runner does not honor the NAT Gateway for outbound traffic.

Reference: https://aws.amazon.com/blogs/containers/deep-dive-on-aws-app-runner-vpc-networking/

Currently, App Runner does not support outbound static IP via NAT Gateway.
Or open a feature request with AWS for adding this functionality.
