AWS SSH Security Group Configuration

👤 This documentation is intended for Site Administrators and/or Database Administrators.

This document provides guidance for configuring security groups for SSH and Database servers hosted in AWS only. While these rules will likely work if applied to other firewalls, please consult your IT security team to confirm firewall configurations based on company policies.

1. Create a Security Group for the SSH server(s).

2. Configure INBOUND RULES: Enter Sisense's IP’s (This example whitelists the IPs for all traffic, but whitelist for SSH only would also work).

3. Configure OUTBOUND RULES:  Enter the Port and IP address of the destination DB. 

NOTE: In this doc we left the outbound rules open to the internet on the SSH servers. This is NOT recommended. Please consult your IT security team to determine what level of outbound access these servers should be given based on company policies.

4. Create a Security Group for DB server(s)

5. Configure INBOUND RULES:  DB Port and IPs of SSH tunnels (NO HA at this time)