Could a bastion host open you up to a single point of attack? It can, but here are two ways to secure your bastion host:
- The AWS security whitepaper recommends only allowing access through the corporate network (VPN access).
- This video talks about separate security credentials for the bastion host: http://www.youtube.com/watch?v=XhYX06RmMHc&list=PLhr1KZpdzukcPA0A7h3FKDcMfKNPytXVf&feature=player_detailpage#t=837s (this could be a separate user name and password or, more likely, another PEM/PPK private key file)
Having only one point of attack is way better than opening up more than one, or all, of your EC2 instances for port 22 (SSH, assuming Linux) to the 0.0.0.0/0 CIDR block.
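To check that a VPC actually follows this model, here is an added example (not from the whitepaper or the video) that audits security groups in the JSON shape returned by `aws ec2 describe-security-groups`. The group IDs, the corporate range `203.0.113.0/24`, and the policy that non-bastion groups accept SSH only from the bastion's security group are assumptions for illustration; IPv6 ranges are not checked.

```python
import ipaddress

# Constructed sample in the shape returned by `aws ec2 describe-security-groups`
# (group IDs and CIDRs are made up; 203.0.113.0/24 stands in for the corporate VPN range).
SAMPLE = {"SecurityGroups": [
    {"GroupId": "sg-bastion", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.0/24"}], "UserIdGroupPairs": []}]},
    {"GroupId": "sg-app", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [], "UserIdGroupPairs": [{"GroupId": "sg-bastion"}]}]},
    {"GroupId": "sg-legacy", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 1024,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []}]},
    {"GroupId": "sg-web", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []}]},
]}

def covers_ssh(perm):
    """True if the rule's protocol and port range include TCP/22."""
    proto = perm.get("IpProtocol")
    if proto == "-1":            # "-1" means all protocols and all ports
        return True
    if proto != "tcp":
        return False
    return perm.get("FromPort", 0) <= 22 <= perm.get("ToPort", 65535)

def audit_ssh(groups, bastion_id, allowed_cidrs):
    """Return (group_id, source, reason) for each SSH rule that breaks the bastion model."""
    allowed = [ipaddress.ip_network(c, strict=False) for c in allowed_cidrs]
    findings = []
    for sg in groups["SecurityGroups"]:
        gid = sg["GroupId"]
        for perm in filter(covers_ssh, sg.get("IpPermissions", [])):
            for rng in perm.get("IpRanges", []):
                net = ipaddress.ip_network(rng["CidrIp"], strict=False)
                if gid != bastion_id:
                    findings.append((gid, str(net), "SSH by CIDR on a non-bastion group"))
                elif not any(net.subnet_of(a) for a in allowed):
                    findings.append((gid, str(net), "bastion SSH open beyond corporate range"))
            for pair in perm.get("UserIdGroupPairs", []):
                if gid != bastion_id and pair["GroupId"] != bastion_id:
                    findings.append((gid, pair["GroupId"], "SSH from a group other than the bastion"))
    return findings

if __name__ == "__main__":
    for f in audit_ssh(SAMPLE, "sg-bastion", ["203.0.113.0/24"]):
        print(*f, sep="\t")
```

On the constructed sample only `sg-legacy` is reported: its 0-1024 port range silently includes port 22 from 0.0.0.0/0, which a search for rules listing port 22 explicitly would miss.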