Archives for EC2 Security
EC2 Agents – URLs and IPs allowlist
EC2 Agents: CIDR vs FQDN (Wildcard) Allowlists — with Ansible & Rapid7 Examples + SG/NACL Capabilities. Executive Summary: CIDR allowlists control who (IPs) can talk to your instances, ideal…
How to Ensure All Client Browsers Go Through Cloudflare to Access JavaScript
1. Serve JavaScript from a Cloudflare-Proxied Domain: Start by hosting your JavaScript file behind a custom domain, such…
AWS EC2 – Proceed without Key Pair
While creating the instance, you will be prompted to "Proceed without key pair". You can still connect to the instance provided: the sshd in your AMI is configured to use…
AWS Backups using SSM doc and bash
How do I kick off a command-line-based backup job (AWS backup job) from an SSM Doc? Create your SSM managed EC2 instance (with the SSM agent installed).…
AWS SSM Connect for no ingress EC2 instances
No Ingress EC2 is a great security option to completely block off all access to an EC2 instance. How, then, will management users connect to this instance? This is a…
Protecting EC2 instances on AWS – Basic EC2 Security
Also read: No Ingress EC2 Instances. Here are a couple of simple, yet often ignored, best practices around EC2 instance access. Access to EC2 instances via Systems Manager Only (Management…