I have an ask from an external customer that is whitelisting our NAT gateways to access their systems and their vendors' systems. They said some of their vendors limit the number of IPs they can whitelist. They asked if we could provide a single IP instead of multiple IPs per region.
Now obviously I could just use a single NAT gateway for the entire VPC and problem solved. However, that would compromise our commitment to building a high availability solution. Thus this leaves me searching for a solution that will allow for a single egress IP but maintain the redundancy of running NATs in multiple AZs.
I have tried researching solutions, and two technologies that stand out are Gateway Load Balancer and Transit Gateway. However, it is still unclear to me whether I can leverage them to achieve the desired goal or not. And even if I could, it seems like overkill for my needs.
Is there a solution that I am missing, is this even possible? Our external customer seems to think so; they suggested just using a load balancer. But putting a load balancer in front of NAT gateways does not appear to be a thing.
Edit: This article describes something that might be what I am looking for; however, I think this would still have the IP addresses coming from the NAT gateways depending on which AZ the outgoing request originates from.