Let's say I buy a /24 IP address block and port it to AWS. My friend Bob and I are both on AWS. Would it be possible to share some of my IP addresses with Bob in a secure way?
I know that VPC peering[0] is possible across separate AWS accounts; what I don't know is:
1. Whether or not my /24 block is "compatible" with VPC peering
2. How to prove to Bob that I'm not potentially MitMing him (assign my /24 block to VPC1, peer with Bob using VPC2, and MitM between VPC1 and VPC2 since they're both under my control). Would creating an IAM user with read-only VPC permissions work for this?
AWS is just an example. I would be happy to do this at any major provider (AWS and GCP are the two I know that allow bring-your-own-IP).
Yes it is, and using routing the IP can arrive everywhere in a tunnel, not just AWS.
You only need a good system administrator. I can get you in touch with friends who specialize in that. They will certainly recommend that your /24 point to a more friendly provider of your choice, like one with a flat rate!
/24 with ASN -> friendly provider -> any IP goes where you want (DigitalOcean, AWS, etc.)
But no, you can't prove you aren't a MitM. Whoever has control of the /24 at any point could be one (e.g. the 'friendly' provider).
IP space is getting pretty pricey these days, unless you want to go IPv6-only. And whatever the evangelists say, that's still too unrealistic for most people.
Edit: did some reading [1]. Clearly it's not easy to get an ASN. Not something a private person would do.
1: https://www.apnic.net/get-ip/faqs/asn/