How Can We Use AWS CloudShell While Keeping Our Laptops Network-Isolated?

Asked By TechyNinja42 On

I'm in a bit of a bind here—my team can only access our secure VPC when our laptops are completely isolated from the internet due to compliance rules. Right now, we're managing this with a VPN that blocks all internet traffic while we connect to our jump host within the bastion subnet. I'm curious if there's a way to do something similar with AWS CloudShell. Specifically, can we set it up so that CloudShell can only be accessed if our laptops are not connected to the internet? CloudShell seems like an awesome tool, but if my infosec team says we can't use it without this isolation, our workflow is going to be majorly impacted. Any thoughts?

2 Answers

Answered By CloudGuru88 On

It really depends on your reasons for needing isolation. Are you trying to protect against data egress? You might be missing that even if you block internet access, there's still a risk of local copying and leaks afterwards. CloudShell does have VPC controls, but those may not fully ensure the level of isolation you're looking for. You might want to consider AWS Workspaces instead; it’s a more controlled environment.

Answered By SecureAccessFan On

You should check out AWS Console Private Access. It's outlined in their docs and could provide some of the security controls you need. Just a heads up, though—it looks like it mainly restricts access to accounts over a corporate network, rather than enforcing that all access comes from there.

CloudyWizard_99 -

That’s a good point! But isn't the real concern about ensuring access only from within the corporate network? It might not work for your isolation requirements.
