Also, maybe if possible you guys can have some sort of basic tutorial on how to setup AWS account and ec2 securely.
There are lots of things, and they seem to have no cost control so security breach or mistakes can lead to large unexpected costs. Imp to have 2 factor through yubikey or totp, and i think best to use permission limited user day to day instead of root, Budget alerts, savings plan etc etc.
Not sure but there also seems to be ways to get access to machine without exposing ip/ports to public.
So some sort of best practices for our specific use case.
Not sure if this makes sense as some might use things other than aws, just writing it down.
We’ve been following this static IP discussion closely because we ran into the same issues internally — especially around location lock-in and managing AWS securely.
From what we gathered, a lot of non-technical traders don’t really want to deal with VPS hardening, firewall rules, VPN setup, monitoring, fail-over, etc. They just want a compliant static IP endpoint that works reliably.
Because of that, we started building a managed setup around a fixed Indian cloud IP (Elastic IP style) with the routing layer pre-configured — VPN + secure proxy — so traders can connect from anywhere while the broker still sees a single whitelisted static IP.
The idea is to keep it simple:
No ISP lock-in
No manual AWS/DigitalOcean configuration
Static IP in India
Clean separation between trading device and whitelisted endpoint
Still early stage, but we’re aiming to make this easier for folks who aren’t infra-savvy.