Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Content provided by AWS Bites. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by AWS Bites or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
Similar to AWS Bites
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
The director’s commentary track for Daring Fireball. Long digressions on Apple, technology, design, movies, and more.
…
continue reading
The power of Data is undeniable. And unharnessed - it’s nothing but chaos. Making data your ally. Using it to lead with confidence and clarity. Host Jess Carter is solving problems in real-time to reveal what’s possible. Helping communities and people thrive. This is Data Driven Leadership, a show brought to you by Resultant.
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Rae Johnston and guests take a fun, deep dive into how technology is reshaping our lives.
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
We help founders make something people want.
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
Redefining AI is the 2024 New York Digital Award winning tech podcast! Discover a whole new take on Artificial Intelligence in joining host Lauren Hawker Zafer, a top voice in Artificial Intelligence on LinkedIn, for insightful chats that unravel the fascinating world of tech innovation, use case exploration and AI knowledge. Dive into candid discussions with accomplished industry experts and established academics. With each episode, you'll expand your grasp of cutting-edge technologies and ...
…
continue reading
A podcast about web design and development.
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
))
78. When do you need a bastion host?
Manage episode 361877204 series 2980070
Content provided by AWS Bites. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by AWS Bites or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
Harken, good sir! Art thou aware of the arcane art of safeguarding thy AWS instances from malevolent threats whilst keeping them accessible for thy travels? There exists a mighty tool for such purpose, and it is hight the "bastion host." In this pamphlet, we shalt unravel the mysteries of the bastion host and showeth thee how to useth it to safeguard thy web space. We shall commence by presenting a shadowy example architecture and introducing thee to the definition of a bastion host. We shalt then delve into the question of whether bastion hosts could be a security liability and explore the enigmatic concept of port-knocking. We shalt also take thee on a valiant journey of how to provision a bastion host on AWS, and explaineth the cryptic basics of SSH and tunnels. Thou shalt discover the dark side of managing SSH keys and auditing SSH connections, and we shall reveal the secrets of AWS EC2 Instance Connect and AWS Session Manager (SSM) as solutions. Thou shalt learn how to accept connections without exposing a port on the public internet, and we shall introduce thee to a mysterious tool called "basti" that can make it easier to provision SSM-based bastion hosts and connect to thy databases. We shalt wrap up by revealing alternative security measures to the mysterious bastion host and provide thee with cryptic closing notes to summarize the key takeaways from this video. Heed our call to this intriguing guide to securing thy web space, and may the forces of the internet be in thy favor! 🛡️ SPONSORS 🛡️ Harken, good folk! We would like to offer our deepest gratitude to our noble sponsor, fourTheorem (https://fourtheorem.com), an AWS Consulting Partner that doth offer training, cloud migration, and modern application architecture. Thanks to their generosity, we are able to continue on our journey of imparting wisdom and knowledge regarding AWS.
Verily, in this episode, we hath made mention of the following resources:
- An open-source implementation of the port-knocking technique
- Thee official guide to set up EC2 Instance Connect
- A list of AWS IPs
- Thee official docs on how to set up SSM
- SSM agent code on GitHub
- Thee inlets project on GitHub
- Basti on GitHub
- Tailscale
- Wireguard
Hear ye, hear ye! AWS Bites is at thy disposal wherever thou mayest listen to thy podcasts:
- Apple Podcasts: https://podcasts.apple.com/us/podcast/aws-bites/id1585489017
- Spotify: https://open.spotify.com/show/3Lh7PzqBFV6yt5WsTAmO5q
- Google: https://podcasts.google.com/feed/aHR0cHM6Ly9hbmNob3IuZm0vcy82YTMzMTJhMC9wb2RjYXN0L3Jzcw==
- Breaker: https://www.breaker.audio/aws-bites
- RSS: https://anchor.fm/s/6a3312a0/podcast/rss
148 episodes
Share
Manage episode 361877204 series 2980070
Content provided by AWS Bites. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by AWS Bites or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
Harken, good sir! Art thou aware of the arcane art of safeguarding thy AWS instances from malevolent threats whilst keeping them accessible for thy travels? There exists a mighty tool for such purpose, and it is hight the "bastion host." In this pamphlet, we shalt unravel the mysteries of the bastion host and showeth thee how to useth it to safeguard thy web space. We shall commence by presenting a shadowy example architecture and introducing thee to the definition of a bastion host. We shalt then delve into the question of whether bastion hosts could be a security liability and explore the enigmatic concept of port-knocking. We shalt also take thee on a valiant journey of how to provision a bastion host on AWS, and explaineth the cryptic basics of SSH and tunnels. Thou shalt discover the dark side of managing SSH keys and auditing SSH connections, and we shall reveal the secrets of AWS EC2 Instance Connect and AWS Session Manager (SSM) as solutions. Thou shalt learn how to accept connections without exposing a port on the public internet, and we shall introduce thee to a mysterious tool called "basti" that can make it easier to provision SSM-based bastion hosts and connect to thy databases. We shalt wrap up by revealing alternative security measures to the mysterious bastion host and provide thee with cryptic closing notes to summarize the key takeaways from this video. Heed our call to this intriguing guide to securing thy web space, and may the forces of the internet be in thy favor! 🛡️ SPONSORS 🛡️ Harken, good folk! We would like to offer our deepest gratitude to our noble sponsor, fourTheorem (https://fourtheorem.com), an AWS Consulting Partner that doth offer training, cloud migration, and modern application architecture. Thanks to their generosity, we are able to continue on our journey of imparting wisdom and knowledge regarding AWS.
Verily, in this episode, we hath made mention of the following resources:
- An open-source implementation of the port-knocking technique
- Thee official guide to set up EC2 Instance Connect
- A list of AWS IPs
- Thee official docs on how to set up SSM
- SSM agent code on GitHub
- Thee inlets project on GitHub
- Basti on GitHub
- Tailscale
- Wireguard
Hear ye, hear ye! AWS Bites is at thy disposal wherever thou mayest listen to thy podcasts:
- Apple Podcasts: https://podcasts.apple.com/us/podcast/aws-bites/id1585489017
- Spotify: https://open.spotify.com/show/3Lh7PzqBFV6yt5WsTAmO5q
- Google: https://podcasts.google.com/feed/aHR0cHM6Ly9hbmNob3IuZm0vcy82YTMzMTJhMC9wb2RjYXN0L3Jzcw==
- Breaker: https://www.breaker.audio/aws-bites
- RSS: https://anchor.fm/s/6a3312a0/podcast/rss
148 episodes
All episodes
×
Welcome to Player FM!
Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.
Similar to AWS Bites
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
The director’s commentary track for Daring Fireball. Long digressions on Apple, technology, design, movies, and more.
…
continue reading
The power of Data is undeniable. And unharnessed - it’s nothing but chaos. Making data your ally. Using it to lead with confidence and clarity. Host Jess Carter is solving problems in real-time to reveal what’s possible. Helping communities and people thrive. This is Data Driven Leadership, a show brought to you by Resultant.
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Rae Johnston and guests take a fun, deep dive into how technology is reshaping our lives.
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
We help founders make something people want.
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
Redefining AI is the 2024 New York Digital Award winning tech podcast! Discover a whole new take on Artificial Intelligence in joining host Lauren Hawker Zafer, a top voice in Artificial Intelligence on LinkedIn, for insightful chats that unravel the fascinating world of tech innovation, use case exploration and AI knowledge. Dive into candid discussions with accomplished industry experts and established academics. With each episode, you'll expand your grasp of cutting-edge technologies and ...
…
continue reading
A podcast about web design and development.
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
