Using a URL instead of an IP address with Amazon Web Service security groups
Posted on 2013-01-08
Is it possible to use a domain name instead of an IP address with Amazon Web Services "Security Groups"?
I have an EC2 instance that I want to allow someone to access via RDP. I don't allow any traffice to my EC2 instance except from IP addresses that I specifically allow. The problem is that this person has a dynamic IP address which means that every time the IP address changes, I will need to change my firewall settings. This person has a domain that resolves to the same IP (i.e. if I ping "myfriendsnetwork.com", this domain resolves to the correct IP address).
I tried entering the domain name instead of the IP address into the exceptions in the firewall, but Amazon does not seem to like it.
I do not want to pay the extra cost for a static IP address (this is very expensive in his country), so I am looking for some way to allow him to RDP into my EC2 instance without opening my firewall to everybody on the planet.
What is the easiest way to accomplish this? If I could just specify a domain as a firewall exception, it would work, but since the Amazon site does not appear to allow anything but an IP, I don't know what to do.