A new tutorial on deploying a bastion host to securely access remote instances within a virtual private cloud
When designing a solution on the cloud, no application architecture is complete without a clear understanding of potential security risks and how to protect against such threats. As you design the network architecture, you want to limit the entry points into your system: open only the minimum required set of ports on your servers, hide the servers from the public Internet, and implement firewalls, intrusion detection systems, etc.
We have added a new tutorial to the IBM Cloud documentation where we look at how you can administer remote instances within a virtual private cloud while limiting their exposure to the outside world.
Important: IBM will be accepting a limited number of customers to participate in an Early Access program to VPC starting in early April 2019, with expanded usage being opened in the following months. If your organization would like to gain access to IBM Virtual Private Cloud, please complete this nomination form and an IBM representative will be in contact with you regarding next steps.
The first in a series of tutorials on virtual private cloud
This tutorial is the first in a series of tutorials on virtual private cloud. It walks you through the deployment of a bastion host to securely access remote instances within a virtual private cloud. A bastion host is an instance that is provisioned in a public subnet and can be accessed via SSH. Once set up, the bastion host acts as a jump server, allowing secure connection to instances provisioned in a private subnet.
Administrative tasks on the individual servers are going to be performed using SSH, proxied through the bastion. Access to the servers and regular internet access from the servers (e.g., for software installation) will only be allowed with a special maintenance security group attached to those servers.
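The access model described above can be checked mechanically. The following is an added example, not code from the tutorial or from IBM Cloud: it audits a set of security group rules and reports inbound SSH rules on private instances that do not come from the bastion. The rule schema, the group names, and the policy that no group (the bastion included) accepts SSH from the whole internet are assumptions made for illustration.

```python
import ipaddress

# Constructed sample rules. The schema is hypothetical, not IBM Cloud's API format.
SAMPLE_GROUPS = {
    "bastion-sg": [
        {"direction": "inbound", "protocol": "tcp", "port": 22, "source": "203.0.113.0/24"},
    ],
    "maintenance-sg": [
        {"direction": "inbound", "protocol": "tcp", "port": 22, "source": "bastion-sg"},
    ],
    "backend-sg": [
        {"direction": "inbound", "protocol": "tcp", "port": 22, "source": "0.0.0.0/0"},
        {"direction": "inbound", "protocol": "tcp", "port": 22, "source": "10.10.0.0/16"},
        {"direction": "inbound", "protocol": "tcp", "port": 443, "source": "0.0.0.0/0"},
    ],
}


def is_open_to_world(source):
    """True when source is a CIDR that covers the whole IPv4 or IPv6 address space."""
    try:
        return ipaddress.ip_network(source, strict=False).prefixlen == 0
    except ValueError:
        return False  # not a CIDR, so it names another security group


def audit_ssh(groups, bastion_group, private_groups):
    """Return (group, source, problem) for inbound SSH rules that bypass the bastion."""
    findings = []
    for name, rules in groups.items():
        for rule in rules:
            if (rule["direction"], rule["protocol"], rule["port"]) != ("inbound", "tcp", 22):
                continue
            source = rule["source"]
            if is_open_to_world(source):
                # Assumed policy: no group, the bastion included, takes SSH from anywhere.
                findings.append((name, source, "open to the whole internet"))
            elif name in private_groups and source != bastion_group:
                findings.append((name, source, "not restricted to the bastion"))
    return findings


if __name__ == "__main__":
    for finding in audit_ssh(SAMPLE_GROUPS, "bastion-sg", {"maintenance-sg", "backend-sg"}):
        print(finding)
```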
View the tutorial
Comments, suggestions, and ideas for future tutorials
The tutorials section has a feedback form on the side where you can comment on the content. If you have suggestions on the existing tutorials or ideas for future additions, please submit your feedback.