gene1wood
commented
11 years ago Decided that this was the way to go and moved to this model. There are now universal bastion hosts
https://github.com/mozilla/identity-ops/wiki/Access%20Guide#sshing-into-hosts
and admin hosts have been removed from the stack model
Not sure if we want to go this direction but we might want to remove the admin host from the stacks and hand build admin hosts
Currently we can't auto assign the IP to the bastion because, though it has IAM role permissions to do so, it has no internet access to reach the AWS API to acquire itself an IP. This would be another reason to change (or to figure out some way to get an IP automatically). Currently I assign the IP manually.