I've been asked by some customers about self-hosted deployments, and I'm really struggling to figure out how to handle remote support effectively. When an issue arises, what should I do? Is it better to SSH in, use a VPN, or is there another method? I'm relatively new to this and would appreciate any advice or tips!
5 Answers
Can you clarify what exactly you’re trying to support? Are you focusing on EC2 instances, using the AWS console, or something else entirely? It would help to narrow it down!
You could set up a bastion host in each network to define access to resources. Ensuring minimal access would be key—like assigning user A specific rights for resource B on site C. Consider tools like Pangolin VPN, which is open source and runs on WireGuard. It's a solid option!
It might be best to clarify your needs further, but using a VPN is generally a reliable way to access someone else's network. I'm not sure why this is specifically in an AWS context, though.
I'm mainly looking for ways to support self-hosted EC2 instances.
There are several methods like using a Jump Box or a VPN to access the network securely. Just keep in mind that each method has its own pros and cons depending on your specific requirements.
A great option is to use AWS Systems Manager (SSM). It's secure, so you won’t need any public IPs or VPNs since everything operates over AWS API endpoints. Plus, SSM keeps a log of your interactions, which is super helpful for troubleshooting. You can even replace your SSH commands in your config with SSM commands to simplify access. For example, you can set it up so you can just SSH into an AWS host directly, and SSM handles the connection behind the scenes!
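The SSH-over-SSM setup this answer describes, as an added example that is not part of the original thread: a `ProxyCommand` wrapper referenced from `~/.ssh/config`. It assumes the AWS CLI and the Session Manager plugin on the support workstation and a running SSM agent on the instance; the script name `ssm-proxy.sh`, its path and the sample instance ID are hypothetical.

```shell
#!/bin/sh
# ssm-proxy.sh (hypothetical name): ProxyCommand helper so that
#   ssh ec2-user@i-0123456789abcdef0      (constructed instance ID)
# is tunnelled through Session Manager instead of an open port 22.
#
# Matching ~/.ssh/config stanza:
#   Host i-* mi-*
#       ProxyCommand ~/bin/ssm-proxy.sh %h %p

# Accept only EC2 instance IDs (i-) and hybrid managed-node IDs (mi-),
# so nothing else typed on the ssh command line reaches the AWS CLI.
valid_target() {
    case "$1" in
        i-*|mi-*) ;;
        *) return 1 ;;
    esac
    id=${1#*-}
    case "$id" in
        ""|*[!0-9a-f]*) return 1 ;;
    esac
    [ "${#id}" -eq 8 ] || [ "${#id}" -eq 17 ]
}

# Accept only a numeric TCP port in range.
valid_port() {
    case "$1" in
        ""|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

ssm_proxy() {
    target=$1
    port=${2:-22}
    valid_target "$target" || { echo "refusing target: $target" >&2; return 2; }
    valid_port "$port" || { echo "refusing port: $port" >&2; return 2; }
    # AWS-StartSSHSession is the AWS-managed document for SSH over SSM.
    exec aws ssm start-session \
        --target "$target" \
        --document-name AWS-StartSSHSession \
        --parameters "portNumber=$port"
}

# Run only when invoked with arguments (as ssh does via ProxyCommand).
if [ "$#" -gt 0 ]; then
    ssm_proxy "$@"
fi
```

Access is then gated by IAM permission for `ssm:StartSession` on the instance rather than by an inbound security-group rule, and the instance's own sshd still authenticates the user as usual.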

I mainly want to support self-hosted EC2 instances for our clients.