Security restrictions on our current AWS environment imposed by IT mean it is increasingly tricky to get connections to FME Cloud. If we can use SSH Tunnelling that would be a great help. We really only need it for database traffic - if it can be locked down somehow. This is discussed more at length here: https://community.safe.com/s/feed/0D54Q000080hLyhSAE
This post is closed to further activity.
It may be a question with a best answer, an implemented idea, or just a post needing no comment.
If you have a follow-up or related question, please post a new question or idea.
If there is a genuine update to be made, please contact us and request that the post is reopened.
It may be a question with a best answer, an implemented idea, or just a post needing no comment.
If you have a follow-up or related question, please post a new question or idea.
If there is a genuine update to be made, please contact us and request that the post is reopened.
+1My personal recommendations would be for FME Cloud or general FME Server instances to use SSH Tunnels as an option similar to Web Connections.
Given the reputation for SSH Tunnels not being stable for long periods of time, particularly when idle, it seems best to impose the limitation that FME Cloud/Server can only work with SSH Tunnels it initiates (probably with public key certs as well to ensure good security practice). This also sidesteps the security risk of exposing/enabling SSH Tunnel connections to FME Cloud/Server from the broader internet. Target server options can then either be a jump server or direct, though most cases would likely require a jump server.
The SSH Tunnel could be treated as a wrapper around an existing Web Connection that then exposes a localhost port for bi-directional communication.
Helpful Members This Week
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.