A bastion service provides secure shell (SSH) access to your private hosts in the cloud.
Oracle Cloud Infrastructure (OCI) Bastion service provides restricted and time-limited Secure Shell Protocol (SSH) access to target resources that don't have public endpoints.
Yes. OCI Bastion is free and available for the free tier of Oracle Cloud.
Yes. There may only be 20 sessions per Bastion.
Yes. There may only be 5 Bastions in each tenancy.
There is no data transfer limit; however the connection speed is limited per the SSH connection to 16 Mbps.
Yes. The maximum session time in 3 hours. The minimum session is 30 minutes.
OCI Identity and Access Management (IAM) policies and SSH key pairs provide authentication.
Customers can use an SDK, the CLI, Console or the Terraform Provider to provision an external (standard) bastion.
Managed SSH sessions require that the target resource has both an OpenSSH server and the Oracle Cloud Agent running. Some images have Oracle Cloud Agent already enabled on the Compute instance. Other times, the Oracle Cloud Agent on the instance must be enabled by the user. SSH port forwarding sessions don't require an OpenSSH server or the Oracle Cloud Agent to be running on the target resource.
You can delete a session, which will terminate it. This may take up to 5 minutes.
A session that is expired is shown as deleted.
MySQL Database service, ATP, OKE v2, and others use OCI Bastion to reside on private subnets.
Yes. RDP over SSH, of if using OpenSSH with Windows can SSH to host
Yes, you need to create a new session if the session has expired.