AWS cli builder is a very handy site for doing just that…. building AWS cli commands. Choose from 148 services and input your required options and it will build out the command to use.
For example to start an EC2 instance, choose Computer > Elastic Computer Cloud and type start. It should provide an option for starting instances. Now enter your details such as region, instance id and output type.
More info and to access the site go here: https://awsclibuilder.com/home
Ideally you should whitelist your SSH Servers to your IPs or don’t even expose the service to the Internet and use a VPN to login. In some cases this is not an option and/or you may need to create a Bastion Host / Jump Box server with SSH exposed.
If this is the case you should do or at least consider these options:
- Change the SSH port (May reduce the noise, but not the security)
- Only use Key Based Authentication i.e. disable password and use keys only
- Prevent root user from logging in via SSH
- Limit user access via SSH
Once the above has been completed, use SSH Audit to check that everything from an SSH configuration is setup correctly and passes the security checks. SSH Audit is a free online tool allows you to audit the configuration of an SSH server.