Gateway Policy with Amazon ELB and dynamic IPs

Hello,

I added VPC internal network to Cloudflare tunnel, everything is ok but…

Do you have any idea how handle Gateway Policy for resource hosted on AWS with Elastic Load Balancer? Load Balancer pointed to internal IP ranges which change every few days so if I create policy in Gateway Network Policies:

User Email is [email protected](dot)com
AND
Destinaion IP in 10.1.1.30 10.1.2.120
ACTION
Allow

it stop working after few days (new internal IPs assigned by ELB). Access to app via ELB should be limited to given users.

Any idea? 2x EC2 hosted on ELB for loadbalancing and HA purpose.

$ host myapp(dot)example.com
myapp(dot)example.com is an alias for internal-lb-internal-prod-myapp-example-219931.eu-central-1.elb.amazonaws.com.
internal-lb-internal-prod-myapp-example-219931.eu-central-1.elb(dot)amazonaws(dot)com has address 10.1.1.30
internal-lb-internal-prod-myapp-example-219931.eu-central-1.el(dot)amazonaws(dot)com has address 10.1.2.120