What is Bastion Host and why it is so important? - Step by Step tutorial (Part-6)

14,689 views

Rahul Wagh

▬▬▬▬▬▬ 🚀 What is Bastion Host? ▬▬▬▬▬▬
Bastion Host Lab Session: Secure Access for Private Networks
Welcome to this comprehensive lab session where we demystify the process of setting up a bastion host, an integral component for secure remote access to servers in private networks. While this session primarily uses AWS as a reference, the core principles and methodologies apply universally across all major cloud providers.
🕒 Timestamps:
0:00 - Introduction
0:07 - What is a Bastion Host & High-Level Architecture?
3:16 - Setting Up the Cloud Environment
4:10 - Creating a VPC/Network
5:50 - Setup internet gateway
4:10 - Create public & private Subnets
10:23 - Create Public Route table
14:39 - Create Private Route table
16:09 - Launching the Bastion Host Server
22:26 - Initializing a Server in the Private Network
25:24 - SSH into the Bastion Host
28:27 - Key Management and Secure Access Protocols
30:22 - From the Bastion, SSH into the Private Server
32:02 - Conclusion & Key Takeaways
📚 Resources and Links:
Universal Bastion Host Documentation
Secure Cloud Networking Best Practices
More on Multi-Cloud Strategies
We hope this lab session brings clarity to the importance and implementation of bastion hosts. The techniques shown here can be replicated and tailored to fit the specifics of any cloud environment. Don’t forget to like, share, and subscribe for more insightful tech tutorials!

Comments: 100
@SureshKumar-kh5ht 3 months ago
You are one of the best DevOps trainers who provides in-depth info for DevOps aspirants. Thank you Rahul
@RahulWagh 3 months ago
Glad to help
@manthuvishwakarma 11 days ago
You are the one who is teaching the topics from Scratch and explaining in easy way to understand the topics very easily. Thank you so much sir.
@RahulWagh 9 days ago
You are most welcome
@dmt15 8 months ago
What a great series with clear explanation. Please continue this series, I’m looking forward to the next chapter :)
@RahulWagh 8 months ago
There are more to come but if you are interested in more in depth content consider being KZbin member for more premium content
@debashissinha8489 2 months ago
O my God !! The unique way Rahul explains is the superb in my IT tenure. Is there any Azure DevOps series of terraform automation created by Rahul ?? Hats off for your rare quality, Rahul !!!
@RahulWagh 2 months ago
Thanks for liking it. As of now there is no terraform azure series
@NickVinckier 3 months ago
Thank you for such a clear explanation and demo. The pace of this was perfect for me and I was able to grasp the concepts well. Created my own VPC with bastion/jump host and all was working as intended. Many thanks and keep the great content coming!
@RahulWagh 3 months ago
Glad to hear that it works for you
@clipsupportgroup8292 1 month ago
Good job sir, I cleared my doubts. Thanks once again.
@BarneyMyBoy 8 days ago
Thank you sir , so far this is the best tutorial about the topic that I have been searching. The diagram and step-by-step demo are really easy and helpful for me to follow along. Liked and subscribed.
@RahulWagh 8 days ago
You are welcome
@pradipsharma8504 7 months ago
Wonderful session. Thanks a lot for your honest effort.
@RahulWagh 7 months ago
Glad to know the feedback back
@prateekverma5169 8 months ago
on point demo , thanks for such content
@RahulWagh 8 months ago
Glad you like it!
@Theparagable 4 months ago
Thank you Rahul.. wonderfully explained
@RahulWagh 4 months ago
Thanks and welcome
@dips_07 7 months ago
What an insightful share... thank you 🙏🙏
@RahulWagh 7 months ago
Cheers
@chukwumaonu7687 4 months ago
This is cool, what looks like a mirage, you made it so simple. Thanks Bro
@oluwabusayoshofowora4372 2 months ago
Thank you, you made me think deeper.
@RahulWagh 2 months ago
You're very welcome
@fahim8690 3 months ago
Thank you very much for this series.. This series really helpful for beginner's like me❤️
@RahulWagh 3 months ago
You're welcome 😊
@mandodarimodi7555 2 months ago
Thanks for sharing.
@ramamoorthy3444 2 months ago
Great explanation. I clear understanding
@RahulWagh 2 months ago
Great to hear!
@user-xt3zk8hl1t 2 months ago
Thank you Rahul bhai. you really doing great job for us.
@RahulWagh 2 months ago
Thanks and welcome
@sahilk335 1 month ago
Thank you for detailed explanation.
@RahulWagh 1 month ago
You are most welcome
@nikkiheer4091 1 month ago
Now it's working thank you.
@shakunthalapulugu755 4 months ago
Hi sir, thank you for your elaborated explanation.. please explain the purpose of Natgateway.
@manthuvishwakarma 11 days ago
Can you make a video related to how to build SSH connection from bastion Host to EC2 user in Windows PC
@user-mb1xr3zu3b 2 months ago
Liked , commented and subscribed with this one video ❤... looking forward to learn more
@RahulWagh 2 months ago
Glad to have you
@pramodpunnuche5426 6 months ago
Hi Rahul, Thank for the detailed session and I have one question here during NAT gateway session you connected from public ec2 to private ec2 without enabling public IP subnet in private ec2 SG, how you did that? or its connected via NAT gateway?
@RahulWagh 6 months ago
both the ec2 instances are in the same VPC which means both are in same network. The public ec2 instance present in public is only accessible via internet but the ec2 instance present in private subnet can be accessed via public ec2 instance internally without the need of NAT gateway because both of them are in internal network
@kumarswamyba5876 15 days ago
Thank you very much for such a wonderful session sir
@RahulWagh 14 days ago
Keep watching
@atharvameher5880 2 months ago
Great content man
@RahulWagh 2 months ago
You are welcome
@harryprsd1 8 months ago
Great info. Can we have similar setup in azure?
@RahulWagh 8 months ago
Yes the bastion host concept is common and can be used in any cloud provider
@raghavayoga 1 month ago
Very well explained
@RahulWagh 1 month ago
Keep watching
@manojgandham-lu7tu 8 months ago
Well explained ❤
@RahulWagh 8 months ago
Glad it was helpful!
@gurunathaade4499 7 months ago
Hi sir , You are doing great jobs pls make a series continuously, i hope you have to be done with the best way 🙏❤
@RahulWagh 7 months ago
Cheers
@thapasujan07 16 days ago
Thank you Sir. 💞
@RahulWagh 16 days ago
Always welcome
@githinthomas4787 4 months ago
well explained thank you
@RahulWagh 4 months ago
You're welcome!
@kammellapradeep7224 2 months ago
Very nicely explained , do you cover google cloud topics as well Rahul?
@RahulWagh 2 months ago
Not yet on GCP yet but soon I am planning to do it. What would you like to see on GCP?
@mothusi 10 days ago
Does having an EC2 instance in a public subnet automatically make that a bastion host? Because in the video I did not see any specific configurations to the instance in the public subnet. What makes an EC2 instance a bastion host?
@kiranyadav-gf6cd 1 month ago
Amazing content bro.. keep going on please do aws solution architect entire course..
@RahulWagh 1 month ago
Thanks and sure
@CodingChannel1 8 months ago
Awesome 👌
@RahulWagh 8 months ago
Thank you! Cheers!
@clipsupportgroup8292 1 month ago
can we set the rule at S3 , after number of days the particular url link(downloadable) will not work if i shared it publicly? Please guide me.
@nurhossainsakil9904 4 months ago
I can't copy the private key. Can anyone help me please?
@iamsreejuks 4 months ago
Hello Rahul, Correct me if I am wrong, both the ec2 instances are in the same VPC which means both are in same network, so it will connect right?. I still could not understand the concept of bastion. I already watched "Mastering AWS: NAT Gateway Setup in Your VPC" video, comparing these two, the differences are, in this video you explicitly adding Security group and in NAT gateway video all the configurations are same except the private subnet want to access internet(outbound only) using NAT. So adding the security group(enabling access from Private IPs of Public EC2 to all port in the Private ec2) is how a bastion host differs from normal private-public environment.
@bhardwaj_abhi3421 3 months ago
yup ,whole setup is same as explained in VPC video
@vikki5329 5 months ago
Awesome Example Bro can you please cover examples for Elastic Network Interfaces,Elastic Fabric and Elastic adapter network and placement groups
@RahulWagh 5 months ago
Noted
@nurhossainsakil9904 4 months ago
@RahulWagh please help to get the copy of my private key. I can't read or copy the key from my .pem file
@nikkiheer4091 1 month ago
I am not able to connect to private ec2 while connecting to private ec2 from bastion host. Doing ssh as shown in video, i did all steps correctly and tried but while doing ssh to private ec2 nothing is coming, its just blank
@RahulWagh 1 month ago
could be many reasons but check the security groups
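An added example (not from the video or its author) of the security-group check that the replies above point to: SSH on the private instance should be admitted only from the bastion, and a missing rule is a common reason the connection just hangs. The group IDs, addresses and function names are assumptions; the dictionary keys follow the output of `aws ec2 describe-security-groups`.

```python
# Constructed sample shaped like `aws ec2 describe-security-groups` output.
# Group IDs and addresses are made up (203.0.113.0/24 is a documentation range).
SAMPLE_GROUPS = [
    {"GroupId": "sg-bastion", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.10/32"}], "UserIdGroupPairs": []}]},
    {"GroupId": "sg-private", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [], "UserIdGroupPairs": [{"GroupId": "sg-bastion"}]},
        {"IpProtocol": "-1",
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []}]},
]


def ssh_sources(group):
    """Return every source (CIDR or group ID) allowed to reach TCP/22."""
    sources = []
    for perm in group["IpPermissions"]:
        proto = perm["IpProtocol"]
        # "-1" means all protocols and ports; such rules carry no port fields.
        if proto != "-1" and not (
            proto == "tcp" and perm["FromPort"] <= 22 <= perm["ToPort"]
        ):
            continue
        sources += [r["CidrIp"] for r in perm.get("IpRanges", [])]
        sources += [p["GroupId"] for p in perm.get("UserIdGroupPairs", [])]
    return sources


def audit_bastion_setup(groups, bastion_sg, private_sg, bastion_private_ip=None):
    """List deviations from 'internet -> bastion -> private server' for SSH."""
    by_id = {g["GroupId"]: g for g in groups}
    findings = []
    if "0.0.0.0/0" in ssh_sources(by_id[bastion_sg]):
        findings.append(f"{bastion_sg}: SSH open to the whole internet")
    # The private instance may name the bastion by group or by its private /32.
    allowed = {bastion_sg}
    if bastion_private_ip:
        allowed.add(f"{bastion_private_ip}/32")
    private_sources = ssh_sources(by_id[private_sg])
    if not allowed & set(private_sources):
        findings.append(f"{private_sg}: no SSH rule admits the bastion (ssh will hang)")
    for src in private_sources:
        if src not in allowed:
            findings.append(f"{private_sg}: SSH also allowed from {src}")
    return findings


if __name__ == "__main__":
    for finding in audit_bastion_setup(SAMPLE_GROUPS, "sg-bastion", "sg-private"):
        print(finding)
```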
@tanayabanerjee2380 6 months ago
Hello sir...if possible then please try to make a detail video on IP, Subnetting or other networking concepts ,it will be very helpful...Thank you🙂
@RahulWagh 6 months ago
Here is a video which is already there on my channel- AWS how to setup VPC, Public, Private Subnet, NAT, Internet Gateway, Route Table? - (Part-5) kzbin.info/www/bejne/amTXeottbpVkfdU
@MahekMordani-pu8sx 2 months ago
Hi Rahul do you also do one on one consulting for entrepreneurs
@RahulWagh 2 months ago
There is paid consulting which I do, if interested you can reach out to me at - rahul.wagh@jhooq.com
@user-bz9fl7zh1m 3 days ago
Can you please make a video on how to Configure the Web application(Python Flask) And Database (Postgre SQl) in the EC2 instance, by using the same security bastion host.
@RahulWagh 3 days ago
It is already there - Real Time DevOps Project | Use Terraform Jenkins AWS to deploy REST API kzbin.info/www/bejne/paW0opdtfLeJgZI
@user-og8bq2pu7e 5 months ago
Hello Sir, please create a video on sqs with real time understanding
@RahulWagh 5 months ago
Surely I will try my best
@prashantsukhadeve9642 8 months ago
Good Evening Rahul. I hope you are doing well
@RahulWagh 8 months ago
hi Prashant good evening i am good thanks for asking
@ShaliniSingh-mu3em 16 days ago
How do we establish an internet connection on private ec2?
@RahulWagh 16 days ago
Use NAT gateway
@subash000000 7 months ago
why we are using ipv4 cidr of 12 range why not 10 ?
@RahulWagh 7 months ago
When it comes to choosing a CIDR range for a network, there are several factors to consider, including the size of the network, the number of hosts that need to be accommodated, and the availability of IP addresses. The "/12" in IPv4 CIDR notation corresponds to a subnet mask of 255.240.0.0, which means that the first 12 bits of the IP address are used for the network portion, leaving 20 bits for host addresses. This allows for a total of 2^20, or 1,048,576, IP addresses in the subnet (though the first and last addresses are reserved for the network and broadcast addresses, respectively). On the other hand, a "/10" CIDR range corresponds to a subnet mask of 255.192.0.0, which provides for 2^22, or 4,194,304, IP addresses in the subnet. The decision to use a "/12" CIDR range instead of a "/10" range would typically be based on the need for fewer IP addresses than a "/10" range provides. Using a "/12" range when a "/10" range is not necessary can help conserve IP addresses, which is particularly important given the limited availability of IPv4 addresses. However, it's also worth noting that the decision could be influenced by other factors, such as the design of the larger network, routing considerations, and the allocation policies of the organization or service provider managing the IP addresses.
@subash000000 7 months ago
@RahulWagh. thank you for your explanation but i mean we use 10.x.x.x but you use 12. i liked your teaching and explanation.🙂
@RahulWagh 7 months ago
@subash000000 there is no rule on using 10.x.x.. or 12.x.x…. It is your own vpc just pick the range which you like. The vpcs are not in public domain so you have liberty to choose any range
@subash000000 7 months ago
@RahulWagh thank you for such quick response.
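An added example (not part of the video or the comments) that reproduces the prefix arithmetic from the thread above and adds two checks it leaves out: whether a block lies in RFC 1918 private space, and whether AWS accepts its size for a VPC (/16 to /28). The sample blocks and function names are constructed; the CIDR used in the video is not shown on this page.

```python
import ipaddress
from itertools import islice

# RFC 1918 private ranges, the ones AWS recommends for VPC blocks.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# AWS reserves the first four addresses and the last one in every subnet.
AWS_RESERVED_PER_SUBNET = 5


def describe_cidr(cidr):
    """Summarise a candidate VPC block."""
    net = ipaddress.ip_network(cidr)  # raises ValueError if host bits are set
    return {
        "netmask": str(net.netmask),
        "addresses": net.num_addresses,
        "rfc1918": any(net.subnet_of(private) for private in RFC1918),
        "aws_vpc_size_ok": 16 <= net.prefixlen <= 28,
    }


def carve_subnets(cidr, new_prefix, count):
    """Return the first `count` subnets with their usable address counts."""
    net = ipaddress.ip_network(cidr)
    return [(str(s), s.num_addresses - AWS_RESERVED_PER_SUBNET)
            for s in islice(net.subnets(new_prefix=new_prefix), count)]


if __name__ == "__main__":
    # Constructed sample blocks, including the /12 and /10 sizes from the thread.
    for block in ("10.0.0.0/16", "12.0.0.0/16", "12.0.0.0/12", "10.0.0.0/10"):
        print(block, describe_cidr(block))
    # One public and one private /24, mirroring the lab's two-subnet layout.
    print(carve_subnets("10.0.0.0/16", 24, 2))
```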
@shailendraverma1675 1 month ago
Hello sir what if we created our bastion host in private network so is there anyway ? How we can access that
@RahulWagh 1 month ago
The whole purpose of bastion host is to enable access to server present into private subnets. Bastion host in private subnet doesn’t make a sense
@shailendraverma1675 1 month ago
@RahulWagh thanks for replying !!! To make this process more secure what can we do any suggestions ?? Like can we attach a VPN
@manojgandham-lu7tu 8 months ago
Can we expect k8s series from you..?
@RahulWagh 8 months ago
Hopefully soon I will prepare in k8s
@brianlevu3507 4 months ago
why didn't you use scp to copy the pem file
@RahulWagh 4 months ago
Yes you can use SCP instead of manually copying the ssh keys
@brianlevu3507 4 months ago
@RahulWagh 😆
@bikdigdaddy 20 days ago
i did the exact same but i didn't make a private route table and it still worked. why
@RahulWagh 20 days ago
May be you might have made the private subnet as public subnet
@bikdigdaddy 20 days ago
@RahulWagh I'm pretty sure i did not. upon further inspection, i found that there's a default route table assigned to the private subnet (you see it at 10:44) and that allows connectivity inside the same VPC. so that implies if you allow ssh to pvt ec2 in the security group, you'll be able to connect to it from the public ec2 thus no route table needed.