Let's say I buy a /24 IP address block and port it to AWS. My friend Bob and I are both on AWS. Would it be possible to share some of my IP addresses with Bob in a secure way?
I know that VPC peering[0] is possible across separate AWS accounts; what I don't know is:
1. Whether or not my /24 block is "compatible" with VPC peering
2. How to prove to Bob that I'm not potentially MitMing him (assign my /24 block to VPC1, peer with Bob using VPC2, and MitM between VPC1 and VPC2 since they're both under my control). Would creating an IAM user with read-only VPC permissions work for this?
AWS is just an example. I would be happy to do this at any major provider (AWS and GCP are the two I know that allow bring-your-own-IP).
Yes, it is, and using routing, the IP can arrive everywhere in a tunnel, not just AWS.
You only need a good system administrator. I can get you in touch with friends who specialize in that. They will certainly recommend your /24 to be pointing to a more friendly provider of your choice, like one with a flat rate!
/24 with ASN -> friendly provider -> any IP goes where you want (DigitalOcean, AWS, etc.)
But no, you can't prove you aren't MiM. Whoever has control of the /24 at any point could (e.g. the 'friendly' provider).
[0] https://docs.aws.amazon.com/vpc/latest/peering/what-is-vpc-p...