White List an instance in Private Subnet

I have a couple of Tomcat servers running in my private subnet, and our third-party vendor wants to whitelist the traffic originating from this private instance. I have configured the NAT Gateway for this private subnet, so my question is: should I give the Elastic IP address of the NAT gateway for whitelisting? By doing so, will the third-party vendor be able to allow the traffic?

1 Answer

Yes, provide the Elastic IP address, because the NAT will translate all your private IPs into that Elastic IP. Therefore, when traffic originates from your private instances, it looks like it came from the Elastic IP out in the open internet.
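To confirm which address to hand to the vendor, the following added example (not part of the original answer) resolves each private subnet's default route to its NAT gateway and collects the public IPs, covering the case where subnets in different availability zones use different NAT gateways. The data is constructed in the shape of `aws ec2 describe-route-tables` and `aws ec2 describe-nat-gateways` output; all IDs, IPs and function names are assumptions, and a single VPC is assumed.

```python
# Constructed sample data, shaped like `aws ec2 describe-route-tables`
# and `aws ec2 describe-nat-gateways` output (IDs and IPs are made up).
ROUTE_TABLES = {"RouteTables": [
    {"RouteTableId": "rtb-main", "Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0001"}]},
    {"RouteTableId": "rtb-priv-a",
     "Associations": [{"Main": False, "SubnetId": "subnet-tomcat-a"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-000a"}]},
    {"RouteTableId": "rtb-priv-b",
     "Associations": [{"Main": False, "SubnetId": "subnet-tomcat-b"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-000b"}]},
]}
NAT_GATEWAYS = {"NatGateways": [
    {"NatGatewayId": "nat-000a", "State": "available",
     "NatGatewayAddresses": [{"PublicIp": "203.0.113.10"}]},
    {"NatGatewayId": "nat-000b", "State": "available",
     "NatGatewayAddresses": [{"PublicIp": "203.0.113.20"}]},
]}

def route_table_for(subnet_id, route_tables):
    """Explicit association wins; otherwise the VPC's main route table applies."""
    main = None
    for rt in route_tables["RouteTables"]:
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return rt
            if assoc.get("Main"):
                main = rt
    return main

def egress_ips(subnet_ids, route_tables, nat_gateways):
    """Return the sorted public IPs a vendor must allow for these subnets."""
    nat_ips = {n["NatGatewayId"]: [a["PublicIp"] for a in n["NatGatewayAddresses"]
                                   if "PublicIp" in a]
               for n in nat_gateways["NatGateways"] if n.get("State") == "available"}
    ips = set()
    for subnet in subnet_ids:
        rt = route_table_for(subnet, route_tables) or {}
        default = next((r for r in rt.get("Routes", [])
                        if r.get("DestinationCidrBlock") == "0.0.0.0/0"), None)
        if not default or "NatGatewayId" not in default:
            # Traffic from this subnet would not leave via a NAT gateway EIP.
            raise ValueError(f"{subnet}: default route does not use a NAT gateway")
        ips.update(nat_ips.get(default["NatGatewayId"], []))
    return sorted(ips)

if __name__ == "__main__":
    print(egress_ips(["subnet-tomcat-a", "subnet-tomcat-b"], ROUTE_TABLES, NAT_GATEWAYS))
```

If the result contains more than one address, the vendor needs all of them, since each instance egresses through the NAT gateway its own subnet routes to.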

