#datomic
2024-02-10
Cameron 00:02:44

Hi everyone, at our company we have a new requirement from our service providers that we provide them a list of IP ranges that are allowed to make requests to their APIs. This is typical, but I'm somewhat fresh to operating Datomic environments still and I would like to see if anyone has concerns about the following. I learned that Datomic created our VPC and subnets when the storage stack was spun up. The resulting VPC architecture was 3 subnets that route all EC2 traffic through the VPC's Internet Gateway to the public internet. The EC2s are assigned public IP addresses. The consequence of this is that all third-party services we use will perceive internet traffic as coming from each individual EC2 instance's public IP. What we would prefer is that we have a fixed-size, static set of 3 IP addresses that our outbound traffic is perceived to be coming from, independent of our application deployments. So the plan is simply to add 3 more subnets to our VPC, each having a NAT Gateway. The NAT Gateways will route outbound traffic to the VPC's Internet Gateway. The existing subnets will route traffic to the NAT Gateway in each respective AZ instead of the Internet Gateway. We're pretty sure that the VPC architecture won't be changed often (or maybe ever?) when the storage stack updates, so we feel comfortable managing these changes. Every other solution involves more complexity, and this one is actually fairly standard as far as VPC solutions go. Does this sound reasonable to the Datomic team?