Learn how to connect to GCP resources privately from a DevBox.
Go to VPC Network > VPC Networks.
Select Create VPC Network.
Enter VPC name, and under Subnets choose region, IP Stack option and IP CIDR range. Remember to select On option for Private Google Access while creating the private subnet.
Here we are using 10.0.1.0/24 for public subnet range and 10.0.2.0/24 for private subnet range. Customize the IPv4 CIDR block if needed.
Click on Create and it will generate the VPC Network for you.
After the VPC network creation, go to VPC-Name > Firewalls. Select Add Firewall Rule and then enter the rule name, and source IP range (Source = 0.0.0.0/0).
After that you will be asked to select the ingress ports and protocols. Allow inbound SSH (Port range = 22). We’ll need this during initial setup but can close the firewall later.
Use one of the supported linux distros.
Go to Compute Engine > Create an Instance > Advanced Options > Networking section.
Add the respective firewall tags in the Network Tags box.
Attach public subnet to the instance from the VPC and assign it a public IP Address.
SSH into the machine and Install the DevZero CLI from the script:
Log into your account by executing:
Enable IP forwarding to access resources on VPC CIDR:
Connect to DevZero network:
Verify that the machine is connected to your DevZero network:
You should see the GCP virtual machine hostname.
Now you will be able to access Private GCP Resources from your DevBox.
Learn how to connect to Azure resources privately from a DevBox.
In this guide you will know how to setup a Bastion Host on Azure Infrastructure. This Bastion Host will allow you to connect to Private Azure services and use them directly from your DevBox.
If you're more of a visual learner, check out the video tutorial!
In this step, you will be creating a VNET. This will house all of your resources together including the bastion host.
Go to Home > Virtual Networks > Create Virtual Network.
Under the Basics section, enter the Resource group name.
you can select an existing Resource Group or create a new Resource Group by clicking on create new.
Enter the Virtual Network name and the desired region of deployment.
After setting up the Basics, navigate to the IP Addresses Section and create a Public subnet by entering the subnet name and Starting address of the subnet.
To make a private subnet in Azure, you just need to check the Enable private subnet (no default outbound access) checkbox under the Private Subnet section while creating the subnet.
After everything is setup, you can navigate to the Review + Create section and click on Create.
Now you need to create and setup a Virtual Machine which you would be using as the Bastion Host.
Go to Home > Virtual Machines > Create a virtual machine.
In the Basics section, choose the same resource group which you chose for your VNET.
Then input your VM name, region and image.
you can view the available VM images here.
Enter your desired username and select the allow selected ports for the Public inbound ports option.
Go to the Networking section and enter your Virtual Network (VNET). Remember to choose the public IP option as you need to configure this virutal machine to access private azure services.
Select the Basic option for NIC network security group, it would create a security group for you which allows port access for SSH.
Click on Review + Create and click on Create.
Download the SSH private key when prompted, this will help you SSH into the Bastion Host later on.
Now you just need to install DevZero CLI and enable IP forwarding to access the private resources.
SSH into your Bastion Host and install the DevZero CLI:
Log into your account by executing:
Enable IP forwarding to access resources on private subnets:
Now you need to advertise your VNET route to connect to DevZero network:
Verify that the machine is connected to your DevZero network:
You should see the Azure machine hostname.
You should now be able to ping or ssh private Azure resources from your DevBox:
Learn how to connect to AWS resources privately from a DevBox.
If you're more of a visual learner, check out the video tutorial!
Go to VPC > Your VPCs > Create VPC.
Select VPC and more.
Enter a tag name to auto-generate VPC and Subnet Names. Customize the IPv4 CIDR block if needed.
Select "In 1 AZ" in the NAT Gateways section.
Use one of the supported linux distros.
In the Network Settings, edit the VPC to assign the one you created above.
Assign the instance to a public subnet of the VPC, and assign it a public IP address.
In the security groups configuration, edit the Security Group to allow inbound ssh (Port range = 22, Source = 0.0.0.0/0). We’ll need this during initial setup but can close the firewall later.
SSH into the machine and Install the DevZero CLI from the script:
Log into your account by executing:
Enable IP forwarding to access resources on private subnets:
Connect to DevZero network:
Verify that the machine is connected to your DevZero network:
You should see the EC2 machine hostname.
You should now be able to ping or ssh private AWS resources from your DevBox: