How to Assign Unique Outbound Public IPs per Client for a Multi-Tenant SaaS on AKS
I am building a SaaS application deployed on Azure Kubernetes Service (AKS). It is a multi-tenant application where multiple clients share the same deployment. The application needs to make outbound API calls to banks, and the banks require that each client’s traffic originates from a unique public IP so they can whitelist it.
Initially, we plan to onboard ~10 clients, but the number will scale up to 200+ clients in the future. Here are some additional details about the setup:
• We have a single deployment in AKS for all clients (no separate namespaces per client).
• A subnet in Azure cannot have multiple NAT Gateways, and managing 200+ outbound rules for public IPs in a Standard Load Balancer might not scale well.
• Cost and simplicity are critical factors for us.
I need a scalable solution that:
- Ensures each client’s outbound traffic is mapped to a unique public IP.
- Can handle 200+ clients efficiently.
- Minimizes operational complexity and cost.
What would be the best way to achieve this in Azure? Are there any Azure-native services or configurations (like NAT Gateway, Load Balancer, or other networking features) that can dynamically assign unique outbound IPs per client?
Any guidance, sample configurations or best practices would be greatly appreciated.