restricting access to AWS EC2 instance through the bastion

Time:10-27

I am running a Linux EC2 instance and have a bastion host running.

What I would like is to only allow access to the EC2 instances through this bastion as a jump server.

I struggle with how to create the EC2 instance so that only connection through the bastion is allowed. Currently, I can just simply SSH into it.

CodePudding user response:

The typical configuration would be:

  • An Amazon EC2 instance in a public subnet acting as a Bastion, with a Security Group (Bastion-SG) that permits access from your IP address only
  • An Amazon EC2 instance in a private subnet (preferably) with a Security Group (App-SG) that only permits inbound SSH (port 22) connections from Bastion-SG

That is, the Security group on the app instance specifically refers to Bastion-SG and only allows SSH connections from the bastion.
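The two security groups from the answer, written out as Terraform as an added example (not code from the original answer). It assumes a VPC id and your administrator's public IP are supplied as variables, and omits the provider block and the instances themselves; the App-SG ingress rule references Bastion-SG by id rather than by CIDR, so only traffic originating from the bastion is accepted.

```hcl
# Assumed inputs (not from the original page)
variable "vpc_id"     { type = string }
variable "admin_cidr" { type = string } # your IP only, e.g. "203.0.113.10/32"

# Bastion-SG: inbound SSH from the administrator's IP only
resource "aws_security_group" "bastion" {
  name        = "Bastion-SG"
  description = "SSH from admin IP only"
  vpc_id      = var.vpc_id

  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = [var.admin_cidr]
  }
  # No inline egress: Terraform strips the AWS default allow-all egress,
  # so the bastion's outbound access is defined by the rule below.
}

# App-SG: inbound SSH only from members of Bastion-SG (no 0.0.0.0/0 rule,
# so a direct SSH connection from the internet is refused)
resource "aws_security_group" "app" {
  name        = "App-SG"
  description = "SSH from bastion security group only"
  vpc_id      = var.vpc_id

  ingress {
    from_port       = 22
    to_port         = 22
    protocol        = "tcp"
    security_groups = [aws_security_group.bastion.id]
  }
}

# Least-privilege egress for the bastion: it may open SSH to App-SG members
# and nothing else. A separate rule resource avoids a cycle between the
# two security groups.
resource "aws_security_group_rule" "bastion_to_app" {
  type                     = "egress"
  security_group_id        = aws_security_group.bastion.id
  from_port                = 22
  to_port                  = 22
  protocol                 = "tcp"
  source_security_group_id = aws_security_group.app.id
}
```

After applying, confirm the App-SG ingress rule shows a source security group id (and no CIDR) in the AWS console or with `aws ec2 describe-security-groups`; any remaining `0.0.0.0/0` SSH rule on the app instance is the reason direct SSH still works.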
