I have a cluster v 1.15 running in AWS. I have a service that I use from within the pod that I'm not in control of and that requires whitelisting via IP address so I wanted to get a static IP use NAT gateway IP. The cluster is currently running in a public subnet but I'm planning to move the node groups to a private subnet to use the NAT IP. The issue is I have an internet facing Elastic load balancer used by the front end pods in the eks accessed via HTTP and HTTPS that is already attached to the public subnet and I'm afraid that the front end will become unreachable if I move the nodes to a private subnet. Any ideas?
Noticed you have changed your question. Anyway, you can whitelist using the EIP that associated with the NAT.