You can always run a reverse proxy in AWS behind a WAF that then points back to your development machine, it's a complicated solution but it's not new.
If you host your servers internally and you are big organization you have WAF's/Application Firewalls, IPS/IDS, and possibility a DB FW like imperva as well.
Does this lead to issues with deployments? yes, but it doesn't affect your code, if the WAF breaks you application 9/10 unless you use something silly like SQL queries in the URL (yes this has been seen before...) it's up to your security team to adjust the rule set during the pre-prod testing.
If you host your servers internally and you are big organization you have WAF's/Application Firewalls, IPS/IDS, and possibility a DB FW like imperva as well.
Does this lead to issues with deployments? yes, but it doesn't affect your code, if the WAF breaks you application 9/10 unless you use something silly like SQL queries in the URL (yes this has been seen before...) it's up to your security team to adjust the rule set during the pre-prod testing.