Back to all diagrams
Save as PNG
%% title: 10-4.2 Jumpbox Data Flow
%% description: Section 10 - System Environment - Figure 10-4.2 Jumpbox Data Flow
graph TD
subgraph AWS GovCloud
UAA["User Authentication/Authorization (UAA)"]
web["Concourse Web Server"]
worker[Concourse Worker]
Jumpbox{Ephemeral Jumpbox}
BOSH[BOSH Director]
EC2[AWS EC2 Instances]
ELB("AWS Elastic Load Balancer (ELB)")
end
subgraph GSA Responsibility
SAML{"Single Sign-on (SSO)<br>providing MFA - SecureAuth"}
end
subgraph GSA VPN and Internet Egress
ZScalerDNS("ZScaler DNS")
GSAProxy("GSA Internet Proxy")
end
Ops((Cloud Operations))
Ops--"Concourse CLI (fly): HTTPS/TCP 443"-->ZScalerVPN-->ZScalerDNS-->GSAProxy-->ELB
ELB-->web
UAA-.Authentication.->SAML
web-.Authorization.->UAA
web--Run jumpbox job-->worker
worker-.Container.->Jumpbox
Jumpbox--BOSH SSH request-->BOSH
BOSH-.BOSH Director sets up temporary SSH key.->EC2
Jumpbox--SSH using temporary key-->EC2
Back to all diagrams