1 個回答
- 最新
- 最多得票
- 最多評論
0
Hello,
To address your specific question around if you can key on the domain in Security Groups, they cannot. Security Groups operate at layer3/4 of the OSI model, where DNS operates in the upper layer.
I understand your struggle with the changing IP of the remote client. If you were to allow a CIDR for their Internet Service Provider that could open access and is not advisable.
With this use case, it may be appropriate to use a bastion host so your remote clients can access your EC2 instance. Then use Security Groups to control that access.
A reference doc for intermediate bastion hosts: https://aws.amazon.com/solutions/implementations/linux-bastion/
已回答 1 年前
相關內容
- 已提問 6 個月前
- AWS 官方已更新 1 年前
- AWS 官方已更新 2 年前
Is this access done publicly? Or via a private connection (VPN for example)?