126. Bastion Containers
AWS Bites27 Kesä 2024

126. Bastion Containers

This episode discusses solutions for securely accessing private VPC resources for debugging and troubleshooting. We cover traditional approaches like bastion hosts and VPNs and newer solutions using containers and AWS services like Fargate, ECS, and SSM. We explain how to set up a Fargate task with a container image with the necessary tools, enable ECS integration with SSM, and use SSM to start remote shells and port forwarding tunnels into the container. This provides on-demand access without exposing resources on the public internet. We share a Python script to simplify the process. We suggest ideas for improvements like auto-scaling the container down when idle. Overall, this lightweight containerized approach can provide easy access for debugging compared to managing EC2 instances.


💰 SPONSORS 💰 AWS Bites is brought to you by fourTheorem an AWS consulting partner with tons of experience with AWS. If you need someone to help you with your ambitions AWS projects, check out ⁠https://fourtheorem.com⁠


In this episode, we mentioned the following resources:


Do you have any AWS questions you would like us to address?

Leave a comment here or connect with us on X, formerly Twitter: - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/eoins⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/loige⁠⁠⁠⁠

Jaksot(156)

144. Lambda Billing Changes, Cold Start Costs, and Log Savings: What You Need to Know

144. Lambda Billing Changes, Cold Start Costs, and Log Savings: What You Need to Know

Cost is always top of mind when building in the cloud, and recently AWS has introduced some changes worth paying attention to. In this episode of AWS Bites, we explore a shift that caught many by surp...

22 Touko 202513min

143. Is App Runner better than Fargate?

143. Is App Runner better than Fargate?

Picture this. You’ve got a web app built with Rust and Solid.js. It started life running on a dusty on-prem server, but now it's time to move it to the cloud. The clock is ticking. You could take the ...

8 Touko 202542min

142. Escape from S3

142. Escape from S3

We discuss common use cases and challenges for copying data between S3 buckets and S3-compatible object storage services. We share our experience building an open source Node.js CLI tool called S3-Mig...

3 Huhti 202530min

141. Step Functions with JSONata and Variables

141. Step Functions with JSONata and Variables

In this episode, we provide an overview of AWS Step Functions and dive deep into the powerful new JSONata and variables features. We explain how JSONata allows complex JSON transformations without cus...

21 Maalis 202515min

140. DuckDB Meets AWS: A Match Made in Cloud

140. DuckDB Meets AWS: A Match Made in Cloud

In this episode, we explore DuckDB, an open-source analytical database known for its speed and simplicity. Discover how DuckDB stands out in various applications and compare it to other tools like SQL...

21 Helmi 202517min

139. Building Great APIs with Powertools

139. Building Great APIs with Powertools

In this episode, we discuss using AWS Lambda Powertools for Python to build serverless REST APIs with AWS Lambda. We cover the benefits of using Powertools for routing, validation, OpenAPI support, an...

19 Helmi 202524min

138. How Do You Become A Cloud Architect?

138. How Do You Become A Cloud Architect?

Ready to take your tech career to the cloud and build those awe-inspiring systems you see? Then you're in the right place. This episode of AWS Bites is your blueprint for becoming a successful cloud a...

10 Tammi 202539min

137. Transit Gateway Explained

137. Transit Gateway Explained

In this episode, David Lynam provides an overview of AWS Transit Gateway, which aims to simplify complex network connectivity between VPCs, VPNs, and on-premises networks. We discuss the limitations o...

13 Joulu 202418min