Simple Bastion Security with Security Groups and Lambda

For our August Toronto AWS Users Group Meetup, Joey Coleman from Kira Systems, is BACK presenting: "Simple Bastion Security with Security Groups and Lambda." RSVP today and we'll see you there!

Agenda:
6:00pm - Arrival, mingling, pizza eating
6:20pm - Welcome & Introductions
6:30pm - Presentation Begins
7:20pm - Q&A and Open Group Discussions
8:00pm - Event concludes

Presentation Title:
Simple Bastion Security with Security Groups and Lambda

Presentation Summary:
Good practice with AWS is to setup your stuff in a completely private VPC, and then expose a single inbound SSH or VPN port for access; often, access to that port is just given to the whole internet, or locked down to static IP addresses. In the case where access is required from dynamically changing addresses, manually changing the security group to track those changes is a nuisance. So, in this talk we’ll go over a simple scheme for automatic control, using primarily Security Groups and Lambda, plus a bit of CloudFormation and S3 for the deploy itself. This will be a live demo — we’ll go over the code and scripts, then actually run them to create the VPC.

Presenter Bio:
Joey Coleman is presently a “Kira Fellow” at Kira Systems in Toronto, a role the frees him to tackle large and interesting problems. His background threads through both industry and academia and includes having gotten a PhD from Newcastle University in the UK, and doing a postdoc and lecturing at Aarhus University in Denmark.