<@UB3BGTV63> Is there any guide of setting up a ba...
# aws
@white-balloon-205 Is there any guide of setting up a bastion(s)/jump host(s) for accessing EKS with workers in private subnets over several that’s accessible by iAM users in a certain group but also for accessing kubectl? Right now we’re doing public control plane but want to get away from that. Is
the ssh key?
Not sure there’s a guide on this specifically - but I have talked to at least one user who did set this up. Note that if you do this - you will have to do the Pulumi deployment from an environment that can reach the endpoint - so either run the Pulumi deployment from the bastion host, or vpn into the private network from the deployment environment.
Yeah the CI would have to setup a proxy tunnel
👍 1