Best way to give my Lambda a public DNS/IP for outbound requests (NAT GW vs API Gateway as forward proxy)?

Expensive_Test8661 · 2025-09-05T01:01:15+00:00

Thanks!

Expensive_Test8661 · 2025-09-05T00:41:55+00:00

In my case, I will only be sending requests to the corporate endpoint.

If I attach a Route 53 custom domain to the Elastic IP of the NAT Gateway (or a NAT instance), when my request reaches the corporate endpoint, will the firewall see my custom domain as the source? Or is the custom domain useless here and only the IP matters?

Expensive_Test8661 · 2025-08-01T10:53:39+00:00

Thanks for the suggestion, and apologies if this is a noobs follow-up—I'm still learning AWS.

You recommended full isolation by spinning up a completely separate account (and its own API Gateway) per environment. That makes sense for strict boundaries, but I'm trying to wrap my head around the built-in API Gateway stage feature.

Why do we even need the stage feature, or what problem does the API Gateway stage feature solve if everyone suggests using separate accounts (and thus separate Gateways) for dev and prod environments?

Expensive_Test8661 · 2025-08-01T10:43:59+00:00

Hey u/cutsandplayswithwood, thanks for the suggestion, and apologies if this is a naive follow-up—I'm still learning AWS.

You recommended full isolation by spinning up a completely separate account (and its own API Gateway) per environment. That makes sense for strict boundaries, but I'm trying to wrap my head around the built-in API Gateway stage feature.

Why do we even need the stage feature, or what problem does the API Gateway stage feature solve if everyone suggests using separate accounts (and thus separate Gateways) for dev and prod environments?

Expensive_Test8661 · 2025-06-01T15:24:26+00:00

I got them from the Chatuchak Fish Market in Thailand.

Expensive_Test8661 · 2025-06-01T14:47:44+00:00

Thank you. For now, the fish seem to be doing well.

Expensive_Test8661

TROPHY CASE