Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I would configure your AWS instances inside a AWS VPC and then host the VPN endpoint inside the VPC. Then you can open up the VPN as needed via security groups. This gives you a secure channel directly to your instances -- something like this:

                  +------------------+
                  | AWS              |
                  |  +-----------+   |
                  |  | VPC       |   |
   +------+       |  | +-----+   |   |
   | You  | +----------->VPN |   |   |
   +------+       |  | +-----+   |   |
                  |  +-----------+   |
                  |                  |
                  +------------------+
AWS also provides a multi-factor authentication mechanism @ http://aws.amazon.com/mfa/


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: