CODEX

How to Set Up a Bastion Server with AWS EC2

Rocky Chen
CodeX
7 min read · Jan 23, 2021


You might have various kinds of resources in your AWS account, such as EC2, S3, RDS, and DocumentDB, and you never want to expose them to public access. So how can you or your developers access them securely?

A Bastion server is a common solution. It acts like the receptionist or front desk for your private resources in AWS: it makes sure a visitor is authorized or authenticated before they can enter the office or reach the people inside the building.

A bastion host is a server whose purpose is to provide access to a private network from an external network, such as the Internet. Because of its exposure to potential attack, a bastion host must minimize the chances of penetration.

In this post, I will show the detailed steps to set up a Bastion server for your AWS resources and to connect to those resources through it. Two ways of accessing resources via a Bastion server are demonstrated, since both are the ones I use most in my work:

  • Connect to an EC2 instance via a Bastion server

Developers sometimes need to log in to an EC2 instance in AWS for troubleshooting, because an application service might be running on it. I will show how to SSH to a private EC2 instance via a Bastion server.

  • Establish a Tunnel for applications or…
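
For the first access pattern above (SSH to a private EC2 instance via a Bastion server), one way to configure the OpenSSH client is shown here. This is an added example, not configuration from the original post; every host name, address, user name and key path in it is a placeholder assumption.

```sshconfig
# ~/.ssh/config
# All host names, addresses, users and key paths below are placeholders.

# Bastion: the only host that accepts SSH from the external network.
Host bastion
    HostName bastion.example.com
    User ec2-user
    IdentityFile ~/.ssh/bastion-key.pem
    IdentitiesOnly yes
    # Weak setting to avoid: "ForwardAgent yes" places your agent socket on
    # the bastion, where anyone with root on that host can use your keys.
    ForwardAgent no

# Private instance: no public address, reachable only through the bastion.
Host private-ec2
    HostName 10.0.1.25
    User ec2-user
    IdentityFile ~/.ssh/private-key.pem
    IdentitiesOnly yes
    # The client opens a forwarded channel through the bastion and then
    # authenticates to the private host end to end from the workstation.
    ProxyJump bastion
```

With this in place, `ssh private-ec2` connects through the bastion in one step, and both private keys stay on the workstation rather than being copied to the bastion.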


Rocky Chen, writer for CodeX

SRE | Cloud Engineer | AWS Certified Solutions Architect – Professional