Our AEM CMS cloud environments are in Europe. Our backend systems (for login, may payment, purchase etc.) are also in Europe.
Unfortunately, Adobe don't give fixed egress IPs by default, and fixed IPs are required for our AEM instances to communicate with our various backend APIs (they have to be whitelisted).
We have to request fixed IPs for each env, each time they are rebuilt. The fixed IP they give us is a single USA IP. The non-fixed IPs are from Europe, but they change every day.
We noticed that our fixed IP envs are taking far longer to hit the backend servers than expected. We put in some scheduled API duration checks, and found that our fixed IP envs are routing all traffic from Europe to USA and back to Europe, resulting in 10x longer duration for our backend API calls. So without a fixed IP, calls average 80ms, but as soon as the IP is fixed for a given env, they average 800ms. This adds up to poor performance for our users.
Anyone else notice this, or have a solution?
The other serious issue is that the fixed IP they give us is the same for Production, staging and dev. This means dev has to be given the same production backend access as prod, as when we whitelist prod, we also have to whitelist dev as they have the same egress IP. This is insecure. Each env should have its own fixed IP, or at least prod and stage should be different to Dev.
I've raised these issues with Adobe support, but the response is basically "that's how it is".
It's not really a tenable solution for our organisation at least.
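
An added example, not part of the original post and not Adobe's or the poster's code: a backend-side check showing why an allowlist on one shared egress IP cannot tell dev from prod, and how a per-environment HMAC credential layered on top restores that separation. The IP, keys, scope sets and function names are constructed assumptions.

```python
import hashlib
import hmac
import ipaddress

# Constructed values: a documentation-range address stands in for the single
# fixed egress IP shared by prod, stage and dev; keys are placeholders.
ALLOWED_EGRESS = [ipaddress.ip_network("203.0.113.10/32")]
ENV_KEYS = {
    "prod": b"prod-key-placeholder",
    "stage": b"stage-key-placeholder",
    "dev": b"dev-key-placeholder",
}
# Assumed policy: which backend APIs each environment may call.
ENV_SCOPES = {
    "prod": {"login", "payment", "purchase"},
    "stage": {"login", "payment", "purchase"},
    "dev": {"login"},
}
MAX_SKEW_SECONDS = 300  # reject stale or replayed requests


def ip_allowed(source_ip):
    """IP-only control: identical answer for every env behind the shared IP."""
    addr = ipaddress.ip_address(source_ip)
    return any(addr in net for net in ALLOWED_EGRESS)


def sign(env, api, timestamp, key):
    """Caller side: bind the environment name, target API and time to its key."""
    msg = f"{env}\n{api}\n{timestamp}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def authorize(source_ip, env, api, timestamp, signature, now):
    """Backend side: IP allowlist first, then per-environment identity and scope."""
    if not ip_allowed(source_ip):
        return False
    key = ENV_KEYS.get(env)
    if key is None or abs(now - timestamp) > MAX_SKEW_SECONDS:
        return False
    expected = sign(env, api, timestamp, key)
    if not hmac.compare_digest(expected, signature):
        return False
    return api in ENV_SCOPES[env]
```
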