A solutions architect needs to allow developers to have SSH connectivity to web servers.
The requirements are as follows
• Limit access to users originating from the corporate network.
• Web servers cannot have SSH access directly from the internet.
• Web servers reside in a private subnet.
Which combination of steps must the architect complete to meet these requirements? (Select TWO.)
A . Create a bastion host that authenticates users against the corporate directory
B . Create a bastion host with security group rules that only allow traffic from the corporate network.
C . Attach an 1AM role to the bastion host with relevant permissions
D . Configure the web servers’ security group to allow SSH traffic from a bastion host.
E . Deny all SSH traffic from the corporate network in the inbound network AC
Answer: A,E
Leave a Reply