...
It’s possible to connect to your database using a publically available bastion as a jump host. Use an EC2 instance deployed in a public subnet with inbound rules from our Pisaas IPv4 address 54.216.240.181 (you can find this IP address from the table above.) and outbound rules to your database. The port for this should be 22. Set the inbound on the database to accept connections from the bastion host security group. The port allocation between the bastion and the database should match that of your database.
...
Sign into your AWS account.
Create an EC2 instance (a micro instance is ok for this purpose)
Specify appropriate security groups or create a security group for the bastion host.
Create an inbound rule on your bastion security group that opens port 22 to the IP address given by Panintelligence (found in the table above).
Create an inbound rule on your bastion security group that opens port 22 to your IP address.
Create an outbound rule on your bastion security group that opens your database port (5432 for Postgres) to your database security group.
Create an inbound rule on your database security group that opens your database port (5432 for Postgres) from your new bastion security group.
log into your new Bastion host
create a new user
sudo useradd panintelligenceswitch to your new user
sudo su - panintelligencecreate the ~/.ssh directory if it does not exist
mkdir ~/.sshchange the permissions of this new directory
chmod 700 ~/.sshcreate a file called authorized_keys in the ~/.ssh directory `touch ~/.ssh/authorized_keys
change the permissions of this new file
chmod 600 ~/.ssh/authorized_keysedit the authorized_keys file and copy the contents of the panintelligence public key
...