How our current ssh config looks like below and it will have multiple line of local forward to tunnel the traffic. Host pg User admin HostName 18.139.62.211 Port 22 ForwardAgent yes LocalForward localhost:6767 xxx-db.ap-southeast-1.production.org:5432 LocalForward localhost:9898 yyyy-db.ap-southeast-1.production.org:443…

Read More

Topic Client machine Pre-Requisite Configure AWS CLIPrerequisite in the client machine (MacBook):Install/Update  AWS CLI version 2Install session-manager-pluginInstall ec2 instance connect cliInstall AWS CLI v2 curl "https://awscli.amazonaws.com/AWSCLIV2.pkg" -o "AWSCLIV2.pkg" sudo installer -pkg AWSCLIV2.pkg -target /Successful installation should output like below Install session-manager-plugin…

Read More

Blackhole/Bastion/Jumphost  is defined as “a server whose purpose is to provide access to a private network from an external network, such as the Internet. Because of its exposure to potential attack, a bastion host must minimize the chances of penetration.”AWS Session manager allows one to make an…

Read More

A simplified AWS account management, with centralised authentication with G Suite identity provider.Use of AWS SSO One login(Gmail Login) for all the AWS Account. Centralised User authentication and authorization AWS Policies can be managed in AWS Root account. Can avoid Manual rotation of Access and Secret Key. Use…

Read More