Enable a bastion host

After you purchase a bastion host, you must enable the bastion host to use its features. This topic describes how to enable a bastion host.

1. Log on to the Bastionhost console.
2. In the bastion host list, find the bastion host that you want to enable and click Run.
3. In the Run panel, configure the parameters.
   The following table describes the parameters.

   Parameter	Description
   Network	Select a virtual private cloud (VPC) and vSwitch for the bastion host. Notice After the bastion host is enabled, you cannot change the VPC and vSwitch. To ensure that the bastion host can communicate with the Elastic Compute Service (ECS) instance that you want to maintain over an internal network, we recommend that you select the VPC in which the ECS instance resides. If the selected vSwitch does not have available resources, the bastion host fails to be enabled. If the bastion host fails to be enabled because the selected vSwitch cannot provide the required resources, select another vSwitch and enable the bastion host again. You can create a vSwitch to use before you enable the bastion host. For more information, see Create a vSwitch.
   Security Group	Select the security group of the required ECS instances. Note A bastion host must be added to at least one basic security group before the bastion host can be enabled. After the bastion host is enabled, you can modify security groups to which the bastion host belongs. After a bastion host is added to a basic security group, a security group rule is automatically generated to allow the bastion host to access all ECS instances in the security group. You can also manually configure a security group rule for a bastion host. After you configure a security group rule for the bastion host, you do not need to add the bastion host to a security group. For more information, see Add security group rules. You cannot add a bastion host to an advanced security group. You must manually configure a rule for an advanced security group to implement network communication. For more information, see Add security group rules.

4. Click OK.
   The status of the bastion host changes to Initializing.

   Note It requires about 20 minutes for the bastion host to be initialized. Wait until the initialization is complete. After the initialization is complete, the status of the bastion host changes to Running. The bastion host is enabled.

   

Result

After the bastion host is enabled, you can click Manage to go to the console of the bastion host.