How to secure Customer's AWS Instance for Alexis One-Click Anomaly Detection Software Use

In this article we describe what the Customer needs to do to ensure that if Alexis Customer Success Engineer needs access, that the Customer's AWS instance is secure for data security

The AWS Bastion Host

It is an AWS EC2 instance in a public subnet that is used to access the AWS EC2 instances in the private subnet.

Reference links to understand how the AWS Bastion Host works:

In the AWS EC2 instance where the Alexis Networks Customer Success Engineer will install the Alexis airflow and a visualization dashboard will be in a private subnet which will be only accessible through an AWS Bastion Host. Things Alexis Networks Customer Success Engineer require to access the AWS EC2 instance in a private subnet through AWS Bastion Host:
  1. Allow Alexis Networks IP address in your AWS security group of the AWS Bastion Host.
    1. This is needed for Alexis Networks Customer Success Engineer to SSH into your AWS Bastion Host.
  2. Full SSH command to access the AWS Bastion Host.
    1. The Alexis Networks Customer Success Engineer will need the .pem file of the AWS Bastion Host.
  3. Once the Alexis Networks Customer Success Engineer can access the AWS Bastion Host. Then the Alexis Networks Customer Success Engineer will need another SSH command to access the AWS EC2 instance which is in a private subnet where Alexis Networks Customer Success Engineer will install Alexis airflow and visualization dashboard.
    1. To do SSH into an AWS EC2 instance which is in a private subnet through the AWS Bastion Host. The Alexis Networks Customer Success Engineer will need: 
      1. The directory path where the .pem file is stored of the AWS EC2 instance in AWS Bastion Host.
      2. The full SSH command to connect to the AWS EC2 instance.