Firewall Rules in GCP - building a Bastion Host
ฝัง
- เผยแพร่เมื่อ 5 ก.ย. 2024
- This video is a follow-up on my previous one - • Firewall Rules in Goog... .
In this tutorial I will create a webserver, block all access to it, besides TCP/80 (for HTTP requests), and test the connectivity. Later on, I will create a 'Bastion host', that will be my stepping stone, to manage my webserver via SSH. Although this is a simple example, it demonstrate how you can use network tags, to manage even hundreds of Compute Instances, using just few Firewall Rules, that meet your requirements.
Please remember this is just an example of using firewall rules. It's definitely not a best practice to block icmp (PING) requests to your webservers. I did it only because it's simple to test and easy to notice.
Also, Bastion Host in, usually, is a server with Internet Access, that serve as a gateway to Your secured, internal environment. In my simple example the "secured environment" was a webserver, that still had port 80 (HTTP) opened for outside.
Panie Tomku, dziękuję za ten film. Zwarcie, na temat, dobrze wytłumaczone. Prawdziwa dobra polska jakość informatyczna. Dzięki!
your demo is quite quick and crisp. thank you
great video. Excellent explanation.
Amazing :-) Great explanation.
Thank you. Interestingly, the server behind the bastion is accessed with its public IP unchanged. I guess its all traffic must be passing through the bastion server. I'd like to see how actually this subnetwork and IP ranges work on an applied example.
Great demo
thanks for this tomek!