I have some services - mysql, some HTTP services - which I would like to have open for Heroku exclusively. I can define IP adress / IP mask (I am not sure what it is in EC2 security groups). Which IP or mask fits only Heroku? I guess Heroku has more IPs it can possibly access my EC2 instance from.
How can I allow access to some EC2 ports only for Heroku?