DNS friendly bastion names
AWS Managed Services (AMS) uses DNS friendly bastion names.
- MALZ
For Multi-account landing zone (MALZ), DNS records are created for the bastions in the FQDN of the AMS-managed Active Directory. AMS replaces Linux and Windows bastions as required. For example, if there is a new bastion AMI that must be deployed, the bastion DNS records dynamically update to point to new, valid bastions.
To access SSH (Linux) bastions, use DNS records like this:
sshbastion(1-4).Your_Domain.com
For example, where the domain is Your_Domain:
sshbastion1.Your_Domain.com
sshbastion2.Your_Domain.com
sshbastion3.Your_Domain.com
sshbastion4.Your_Domain.com
To access RDP (Windows) bastions, use DNS records like this:
rdp-Username.Your_Domain.com
For example, where the user name is alex, test, demo, or bob, and the domain is Your_Domain.com:
rdp-alex.Your_Domain.com
rdp-test.Your_Domain.com
rdp-demo.Your_Domain.com
rdp-bob.Your_Domain.com
- SALZ
Single-account landing zone (SALZ) replaces Linux and Windows bastions as required. For example, if there is a new bastion AMI that must be deployed, the bastion DNS records dynamically update to point to new, valid bastions.
To access SSH (Linux) bastions, use DNS records like this:
sshbastion(1-4).AAccountNumber.amazonaws.com
For example, where 123456789012 is the account number:
sshbastion1.A123456789012.amazonaws.com
sshbastion2.A123456789012.amazonaws.com
sshbastion3.A123456789012.amazonaws.com
sshbastion4.A123456789012.amazonaws.com
To access RDP (Windows) bastions, use DNS records like this:
rdpbastion(1-4).AACCOUNT_NUMBER.amazonaws.com
For example, where 123456789012 is the account number:
rdpbastion1.A123456789012.amazonaws.com
rdpbastion2.A123456789012.amazonaws.com
rdpbastion3.A123456789012.amazonaws.com
rdpbastion4.A123456789012.amazonaws.com
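Because the bastion records are repointed when bastions are replaced, client tooling should build the names from the patterns above and resolve them at connect time rather than store addresses. The following sketch is an added example, not AMS code; the function names `bastion_names` and `resolve_now` are hypothetical, and the domain, user names and account number are the sample values from this page.

```python
import re
import socket


def bastion_names(zone, kind, domain=None, account=None, users=()):
    """Build bastion FQDNs from the MALZ and SALZ patterns described above."""
    if zone == "MALZ":
        if not domain:
            raise ValueError("MALZ names need the AMS-managed AD domain")
        if kind == "ssh":
            return [f"sshbastion{i}.{domain}" for i in range(1, 5)]
        if kind == "rdp":
            # MALZ RDP bastions are named per user: rdp-Username.Your_Domain.com
            return [f"rdp-{user}.{domain}" for user in users]
    elif zone == "SALZ":
        # Reject anything that is not a 12-digit account number before
        # it ends up inside a hostname.
        if not re.fullmatch(r"\d{12}", account or ""):
            raise ValueError("SALZ names need a 12-digit account number")
        if kind in ("ssh", "rdp"):
            return [f"{kind}bastion{i}.A{account}.amazonaws.com"
                    for i in range(1, 5)]
    raise ValueError(f"unsupported zone/kind: {zone}/{kind}")


def resolve_now(names, lookup=socket.gethostbyname_ex):
    """Resolve each name at call time and return {name: [addresses]}.

    Names that do not resolve are skipped, so the caller always works
    from whatever the DNS records point to at this moment.
    """
    live = {}
    for name in names:
        try:
            _, _, addrs = lookup(name)
        except OSError:  # socket.gaierror and socket.herror are OSError
            continue
        if addrs:
            live[name] = sorted(addrs)
    return live


if __name__ == "__main__":
    # Sample account number from this page; prints the four SALZ SSH names.
    for name in bastion_names("SALZ", "ssh", account="123456789012"):
        print(name)
```

The `lookup` parameter exists so the resolver can be swapped for a stub in tests; in normal use the default performs a real DNS query.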