Menu
Linux Bastion Hosts on the AWS Cloud
Quick Start Reference Deployment Guide

Security

This Quick Start provisions one Linux bastion host in each Availability Zone with a single security group as a virtual firewall. This security group is required for remote access from the Internet. The security group is configured as follows:

Inbound:

Source Protocol Ports
Remote access CIDR TCP 22
Remote access CIDR ICMP N/A

Outbound:

Destination Protocol Ports
0.0.0.0/0 All All

For additional details, see Security in Your VPC in the Amazon VPC documentation.