Accessing instances using bastions
All access to resources inside AMS-managed accounts, for both customers and AMS operators, is gated by the use of bastion hosts. We maintain both Linux and Windows RDP bastions for access for both Multi-account landing zone (MALZ) and Single-account landing zone (SALZ) AMS Advanced accounts.
Your bastions are accessible only over your private connection (VPN or AWS Direct Connect)DX. In addition to firewalling to prevent inbound traffic, bastions are regularly re-provisioned (with existing credentials) on a fixed schedule.
Note
For information on moving files to an EC2 instance, see File transfer: Local Windows or MAC PC to Linux Amazon EC2.
In order to access an instance, you need:
Access granted to the stack. To get access granted to a stack, see Stack Admin Access | Grant or Stack Read-Only Access | Grant.
The stack ID that you want to access so you can be granted access to the instance. To find a stack ID, see Find stack IDs in AMS.
The instance IP that you want to access. To find an instance IP, see Find instance IDs or IP addresses in AMS.
The DNS friendly bastion name or the bastion IP. How to use DNS friendly bastion names and how to find a bastion IP are described next.