1 Answer
- Newest
- Most votes
- Most comments
0
Hello,
To address your specific question around if you can key on the domain in Security Groups, they cannot. Security Groups operate at layer3/4 of the OSI model, where DNS operates in the upper layer.
I understand your struggle with the changing IP of the remote client. If you were to allow a CIDR for their Internet Service Provider that could open access and is not advisable.
With this use case, it may be appropriate to use a bastion host so your remote clients can access your EC2 instance. Then use Security Groups to control that access.
A reference doc for intermediate bastion hosts: https://aws.amazon.com/solutions/implementations/linux-bastion/
answered a year ago
Relevant content
- asked 2 years ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a year ago
Is this access done publicly? Or via a private connection (VPN for example)?