This tutorial shows you how to secure your cloud infrastructure by setting up a firewall on an AWS EC2 instance and restricting SSH access to CloudLAN room users.
To follow this tutorial, you will need:
- Simply5 CloudLAN account
- AWS account
Get Static IP
Log in to CloudLAN and connect to the room with Team VPN.
Copy the Team's Static IP displayed after connecting to the room.
New EC2 instance
- Click on Launch Instance in EC2 console
- Choose your EC2 instance configuration as required.
In the Configure Security Group step:
- Create new security group
- Name security group appropriately, "Company CloudLAN access"
- Add all the service types to be allowed to the server
- Under Source, select Custom from the dropdown
- Enter the Team Static IP and add /32 to the end of the IP (in CIDR notation, /32 matches that single address only)
- Click Review and Launch
Once the Instance is created you will be able to securely connect to it only through CloudLAN.
Existing EC2 instances
- Go to EC2 Dashboard
- Under the Network & Security tab, click Security Groups
- Create a security group and enter the necessary details
- Under Inbound rules, add the rules as shown below; this allows all access to the server through your CloudLAN room. Then create the rule.
- Go to Instances, right-click the instance to which you want to apply the new rule, then choose Networking -> Change security group
- Remove the old security group
- Select the newly created security group and click Save
Now you have successfully configured the EC2 instance to be accessible only from your CloudLAN room.
Note: Make sure you are connected with Team VPN ON to access secure servers.
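To verify the configuration described above, this added example (not part of the original tutorial or of any Simply5 or AWS tooling) audits JSON in the shape printed by `aws ec2 describe-security-groups` and lists every inbound rule whose source is anything other than the Team Static IP with /32. The function names, the sample data, the group IDs and the address 203.0.113.10 are constructed placeholders.

```python
import ipaddress
import json

# Constructed sample shaped like `aws ec2 describe-security-groups` output.
# 203.0.113.10 is a documentation address standing in for the Team Static IP.
SAMPLE = json.loads("""
{"SecurityGroups": [
  {"GroupId": "sg-0example000000001", "GroupName": "Company CloudLAN access",
   "IpPermissions": [
     {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
      "IpRanges": [{"CidrIp": "203.0.113.10/32"}], "Ipv6Ranges": []}]},
  {"GroupId": "sg-0example000000002", "GroupName": "old-group",
   "IpPermissions": [
     {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
      "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
     {"IpProtocol": "-1",
      "IpRanges": [{"CidrIp": "203.0.113.0/24"}],
      "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]}
]}
""")

def team_cidr(static_ip):
    """Return the single-host CIDR for the Team Static IP (the '/32' step)."""
    addr = ipaddress.IPv4Address(static_ip.strip())  # raises on malformed input
    return f"{addr}/32"

def audit(groups, static_ip):
    """Return (group id, protocol/ports, source) for every inbound rule
    whose source is anything other than exactly the Team Static IP /32."""
    allowed = ipaddress.ip_network(team_cidr(static_ip))
    findings = []
    for sg in groups["SecurityGroups"]:
        for perm in sg.get("IpPermissions", []):
            proto = perm["IpProtocol"]  # "-1" means all protocols and ports
            ports = "all" if proto == "-1" else f"{proto}/{perm['FromPort']}-{perm['ToPort']}"
            sources = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            sources += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            # Rules that reference another security group are not IP-restricted.
            sources += [p["GroupId"] for p in perm.get("UserIdGroupPairs", [])]
            for src in sources:
                try:
                    ok = ipaddress.ip_network(src, strict=False) == allowed
                except ValueError:  # not a CIDR, e.g. a security group id
                    ok = False
                if not ok:
                    findings.append((sg["GroupId"], ports, src))
    return findings
```

An empty list from `audit` means every inbound rule in the supplied groups is limited to the Team Static IP; a wider range such as a /24 that merely contains the address is still reported.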