I'm looking for the latest best practices for how internal employees can access workloads on EKS or EC2 in our large company (over 1000 employees). We used to rely on Citrix for remote access, but it has become really slow and inconvenient. We're exploring modern and secure alternatives. My first thought was to implement SSO with a VPN, but I wonder if there are other recommended approaches out there.
2 Answers
Another option you could explore is using AWS Systems Manager Session Manager. It allows you to manage EC2 instances without needing bastion hosts or SSH keys, which could be a game changer for your remote access setup.
One approach you might want to consider is implementing a zero trust security model. This means that every access request is treated as if it originates from an open network, regardless of where the request comes from. It enhances security for accessing resources in EKS and EC2.
Yeah, zero trust is definitely worth looking into! You might also want to check out AppStream and Verified Access depending on your specific needs.
Just a heads up, SSM isn't exactly a direct replacement for Citrix; they provide different functionalities, so it’s good to assess your requirements.
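If Session Manager replaces bastion hosts and SSH keys as suggested above, IAM policy becomes the access boundary, so it is worth checking that `ssm:StartSession` is scoped by instance tag. The following is an added example, not part of the thread: a heuristic audit (not a full IAM evaluation) in which the function name, the sample policies and the `Team=platform` tag are assumptions.

```python
# Added example: flag IAM statements that allow ssm:StartSession on every
# instance with no tag condition. Policies below are constructed samples.
from fnmatch import fnmatchcase

def _as_list(value):
    return value if isinstance(value, list) else [value]

def unscoped_start_session(policy):
    """Return Sids of Allow statements granting StartSession without a tag scope."""
    findings = []
    for stmt in _as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        # IAM action names are case-insensitive and may contain wildcards.
        actions = [a.lower() for a in _as_list(stmt.get("Action", []))]
        if not any(fnmatchcase("ssm:startsession", a) for a in actions):
            continue
        # Only instance resources matter; the session document is a separate resource.
        wide = any(r == "*" or r.endswith(":instance/*")
                   for r in _as_list(stmt.get("Resource", [])))
        tag_scoped = any(key.lower().startswith(("ssm:resourcetag/", "aws:resourcetag/"))
                         for cond in stmt.get("Condition", {}).values()
                         for key in cond)
        if wide and not tag_scoped:
            findings.append(stmt.get("Sid", "<no Sid>"))
    return findings

# Constructed sample: any instance in the account is reachable.
WEAK = {"Version": "2012-10-17", "Statement": [
    {"Sid": "AnyInstance", "Effect": "Allow",
     "Action": "ssm:*", "Resource": "*"}]}

# Constructed sample: sessions only on instances tagged Team=platform
# (tag key and value are assumptions), and only the caller's own sessions.
SCOPED = {"Version": "2012-10-17", "Statement": [
    {"Sid": "TaggedInstancesOnly", "Effect": "Allow",
     "Action": "ssm:StartSession",
     "Resource": "arn:aws:ec2:*:*:instance/*",
     "Condition": {"StringEquals": {"ssm:resourceTag/Team": "platform"}}},
    {"Sid": "OwnSessionsOnly", "Effect": "Allow",
     "Action": ["ssm:TerminateSession", "ssm:ResumeSession"],
     "Resource": "arn:aws:ssm:*:*:session/${aws:userid}-*"}]}

if __name__ == "__main__":
    print("weak:", unscoped_start_session(WEAK))
    print("scoped:", unscoped_start_session(SCOPED))
```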