nullstone
Automate Bastion configuration
Overview
Nullstone provides a bastion module that correctly configures an EC2 instance in the network. It also provides a way to configure an IP whitelist and a single public SSH key. Recently, we added a variable for adding multiple public SSH keys.
Ideally, this process would be automated.
Details
- Each user would have a list of public IP addresses and an SSH public key in their user profile.
- When the bastion is created, Nullstone will source public IP addresses and SSH public keys from the users who have access to the stack.
Considerations
- If a user changes their profile configuration, how will bastions be updated? (e.g. staging, prod, etc.)
- If a user is added/removed from a stack, how will bastions be updated?
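
One way to approach the reconciliation that the Details and Considerations describe, as an added example rather than Nullstone's own code: derive each bastion's desired whitelist and authorized keys from the stack's members, then diff against what is currently applied. The profile field names, the sample users and keys, and the function names are assumptions made for illustration.

```python
import ipaddress

# Constructed sample profiles; field names are assumptions, not Nullstone's schema.
USERS = {
    "alice": {"ips": ["203.0.113.10", "198.51.100.0/28"],
              "ssh_key": "ssh-ed25519 AAAAEXAMPLEKEYALICE alice@laptop"},
    "bob": {"ips": ["203.0.113.10"],
            "ssh_key": "ssh-ed25519 AAAAEXAMPLEKEYBOB bob@laptop"},
}

ALLOWED_KEY_TYPES = {"ssh-ed25519", "ssh-rsa", "ecdsa-sha2-nistp256"}


def desired_state(users, members):
    """Build one bastion's ingress CIDRs and authorized keys from its stack members."""
    cidrs, keys = set(), set()
    for name in members:
        profile = users[name]
        for ip in profile["ips"]:
            # strict=True rejects malformed input and networks with host bits set
            net = ipaddress.ip_network(ip, strict=True)
            if net.prefixlen == 0:
                raise ValueError(f"{name}: refusing to open SSH to {net}")
            cidrs.add(str(net))
        parts = profile["ssh_key"].split()
        if len(parts) < 2 or parts[0] not in ALLOWED_KEY_TYPES:
            raise ValueError(f"{name}: not a recognised SSH public key")
        # Drop the trailing comment so editing it does not trigger an update
        keys.add(" ".join(parts[:2]))
    return {"cidrs": cidrs, "keys": keys}


def plan(current, desired):
    """Return additions and revocations; all-empty lists mean the bastion is up to date."""
    return {
        "add_cidrs": sorted(desired["cidrs"] - current["cidrs"]),
        "revoke_cidrs": sorted(current["cidrs"] - desired["cidrs"]),
        "add_keys": sorted(desired["keys"] - current["keys"]),
        "revoke_keys": sorted(current["keys"] - desired["keys"]),
    }
```

Running `plan` for every bastion in a stack after a profile or membership change shows which environments need an update; an address shared by two members is only revoked once neither of them lists it.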