How to setup a Fixed IP address in AWS

Steps below outline how to create a proxy server using TinyProxy with a fixed IP address on a port of 9898.

Intro

This guide illustrates how to setup TinyProxy on a AWS EC2 Instance, which is useful for having a fixed IP address if needed to proxy though say AWS lambda apps.

Create an EC2 Instance

1. Go to on to the EC2 area within AWS Console.

2. Click on “Launch Instances” button.

3. Choosing a AMI. Select a Ubuntu Image. E.g. “Ubuntu Server 20.04 LTS (HVM), SSD Volume Type”. 64-bit (x86)

4. Instance type - t2.micro, then click “Next” and leave all defaults till you reach “Configure Security Group”.

5. Security Group

• In this section, we will setup port access and opening a port for the proxy server which will be 9898.
• Create a “Create a new security group”.
• In the “Security group name:” enter a name such as “Proxy server security group”.
• Add the following Inbound rules. Notice that the last “Custom TCP” is a custom port of 9898 which will be the port number for TinyProxy.

  Type	Protocol	Port range	Source
  SSH	TCP	22	0.0.0.0/0, ::/0
  HTTPS	TCP	443	0.0.0.0/0, ::/0
  HTTP	TCP	80	0.0.0.0/0, ::/0
  Custom TCP	TCP	9898	0.0.0.0/0, ::/0

6. Click on “Launch”

7. On the “Select and existing key pair or create a new key pair” dialog option.

• Select “Create a new key pair”.
• Leave “RSA” key pair type.
• Give the key pair a memorable name e.g. “proxy-server-key-pair”
• Click on “Download Key Pair”.

8. Click on “Launch Instances”.

Allocate a Fixed IP address

Now that an EC2 Instance is ready, we need to allocate a fixed IP address.

The AWS articles below outline how to do this.

1. Allocate an Elastic IP address
2. Associate the Elastic IP address

Connecting to EC2 Instance

Now we need to connect to the EC2 Instance we just created.

1. Click on the EC2 Instance that was created in the AWS Console.

2. Click on “Connect”.

3. On the “SSH client” tab. a) Follow the steps provided by AWS to see if you can connect via SSH. b) If the step above using the command ssh -i "proxy-server-key-pair.pem" [email protected] does not work.

   • Make a note of the username. In this example its ubuntu.
   • Open your .ssh config in your choice of editor. This is usually located in ~/.ssh/config.
   • Add the following host in your .ssh config file. Be sure to change the location of the IdentityFile to where you have saved the key pair.

     # EC2 (eu-west-1) Ubuntu
     Host ec2-52-152-262-58.eu-west-1.compute.amazonaws.com
     User ubuntu
     IdentityFile C:\aws\proxy-server-key-pair.pem
     IdentitiesOnly yes
     

4. Connect via SSH

Launch a terminal and connect to the EC instance.

ssh ec2-52-152-262-58.eu-west-1.compute.amazonaws.com

Installing TinyProxy

Once connected to EC2, we need to run and update apt-get before we install TinyProxy.

1. Update and load package information apt-get

   sudo apt-get update
   

2. Install TinyProxy

   sudo apt-get install tinyproxy
   

Configuring TinyProxy

1. Edit the tinyproxy.conf

   sudo nano /etc/tinyproxy/tinyproxy.conf
   

2. Ensure the following configs have been set as shown below

   User tinyproxy
   Group tinyproxy
   
   Port 9898
   
   Allow 127.0.0.1
   
   # Custom Allow
   Allow 0.0.0.0/0
   
   ConnectPort 443
   ConnectPort 563
   ConnectPort 80
   ConnectPort 9898
   

3. Restart the service

   sudo /etc/init.d/tinyproxy restart
   

Verify TinyProxy service is running

service --status-all

Sample output of services running

ubuntu@ip-181-51-23-11:~$ service --status-all
 [ + ]  acpid
 [ + ]  apparmor
 [ + ]  apport
 [ + ]  atd
 [ - ]  console-setup.sh
 [ + ]  cron
 [ - ]  cryptdisks
 [ - ]  cryptdisks-early
 [ + ]  dbus
 [ - ]  grub-common
 [ - ]  hibagent
 [ - ]  hwclock.sh
 [ - ]  irqbalance
 [ - ]  iscsid
 [ - ]  keyboard-setup.sh
 [ + ]  kmod
 [ - ]  lvm2
 [ - ]  lvm2-lvmpolld
 [ + ]  multipath-tools
 [ - ]  open-iscsi
 [ - ]  open-vm-tools
 [ - ]  plymouth
 [ - ]  plymouth-log
 [ + ]  procps
 [ - ]  rsync
 [ + ]  rsyslog
 [ - ]  screen-cleanup
 [ + ]  ssh
 [ + ]  tinyproxy  <------------------------- tiny proxy is up and running
 [ + ]  udev
 [ + ]  ufw
 [ + ]  unattended-upgrades
 [ - ]  uuidd

Diagnosing TinyProxy logs

• Checking logs: /var/log/tinyproxy/tinyproxy.log sudo tail -n100 /var/log/tinyproxy/tinyproxy.log
• Starting the service: sudo /etc/init.d/tinyproxy start
• Restarting the service: sudo /etc/init.d/tinyproxy restart

Verify things are working

1. Run a curl command within EC2

   curl --proxy localhost:9898 https://httpbin.org/ip
   

You should get the same public ip address of the elastic ip.

2. Run a curl command from your local machine

   curl --proxy <elastic-ip>:9898 https://httpbin.org/ip
   

   You should get the same public ip address of the elastic ip.

Setup a Cron job

Finally, it has been advised to setup a cron job to restart TinyProxy to avoid memory leaks.

As the sudo command is needed in order to restart TinyProxy, we need to update the root Cron tab.

1. Edit crontab with sudo

   sudo crontab -e
   

2. Enter a cron schedule

   0 2 * * * /etc/init.d/tinyproxy restart
   

3. Verify the cron has been added

   sudo crontab -l
   

References:

• https://aws.amazon.com/premiumsupport/knowledge-center/ec2-associate-static-public-ip/
• https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html#using-instance-addressing-eips-associating
• https://medium.com/@yurysmykalov/aws-lambda-with-static-outgoing-ip-a-complete-no-vpc-tutorial-8b994229dee4
• https://gist.github.com/webinista/812c20247a6c21e639ce