Bastion Host Architecture

  • Bastion hosts are deployed in the public subnets of the VPC.

  • Including bastion hosts in your VPC environment enables you to securely connect to your Linux instances without exposing your environment to the Internet.

  • After you set up your bastion hosts, you can access the other instances in your VPC through SSH connections on Linux.

  • Bastion hosts are also configured with security groups to provide fine-grained ingress control.

  • A bastion host is a special-purpose computer on a network, specifically designed and configured to withstand attacks.

  • Users log on to the bastion host via SSH or RDP and then use that session to manage other hosts in the private subnets.
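
The ingress control described above can be checked mechanically. The following is an added example, not part of the original page: it audits security group rules, laid out in the shape returned by EC2 DescribeSecurityGroups, for two assumed policies: the bastion's SSH/RDP ports must not be open to the whole Internet, and private hosts must accept SSH/RDP only from the bastion's security group. All group IDs and CIDRs are constructed.

```python
import ipaddress

BASTION_SG = "sg-bastion-example"  # hypothetical ID; all data below is constructed

def rule(proto, port, cidrs=(), groups=()):
    """Build one ingress rule in the IpPermissions shape."""
    return {"IpProtocol": proto, "FromPort": port, "ToPort": port,
            "IpRanges": [{"CidrIp": c} for c in cidrs],
            "UserIdGroupPairs": [{"GroupId": g} for g in groups]}

SAMPLE_GROUPS = [
    {"GroupId": BASTION_SG, "IpPermissions": [
        rule("tcp", 22, cidrs=["203.0.113.0/24"]),  # admin network only: fine
        rule("tcp", 3389, cidrs=["0.0.0.0/0"]),     # open to the Internet
    ]},
    {"GroupId": "sg-app-example", "IpPermissions": [
        rule("tcp", 22, groups=[BASTION_SG]),       # only via the bastion: fine
    ]},
    {"GroupId": "sg-db-example", "IpPermissions": [
        rule("tcp", 22, cidrs=["10.0.0.0/16"]),     # bypasses the bastion
    ]},
]

def covers(perm, port):
    """True if the rule applies to the given TCP port ("-1" means all traffic)."""
    if perm["IpProtocol"] == "-1":
        return True
    return perm["IpProtocol"] == "tcp" and perm["FromPort"] <= port <= perm["ToPort"]

def audit(groups, bastion_sg, admin_ports=(22, 3389)):
    """Return (group_id, problem) tuples for rules that break the assumed policy."""
    findings = []
    for sg in groups:
        for perm in sg["IpPermissions"]:
            if not any(covers(perm, p) for p in admin_ports):
                continue
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            peers = [g["GroupId"] for g in perm.get("UserIdGroupPairs", [])]
            if sg["GroupId"] == bastion_sg:
                bad = [c for c in cidrs if ipaddress.ip_network(c).prefixlen == 0]
                findings += [(sg["GroupId"], f"admin port open to {c}") for c in bad]
            else:
                bad = cidrs + [p for p in peers if p != bastion_sg]
                findings += [(sg["GroupId"], f"admin port reachable from {b}, "
                              "not the bastion group") for b in bad]
    return findings

if __name__ == "__main__":
    for group_id, problem in audit(SAMPLE_GROUPS, BASTION_SG):
        print(group_id, problem)
```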
