How to transfer files from AWS server to local machine where the AWS server is behind Bastion server

Question

How to transfer files from AWS server to local machine

Following is the way all the machines are located

AWS machine -> Bastion server -> Local machine

I have copied the files from AWS machine to Bastion server and Bastion server to local machine with SCP command

Following are the two steps I have done

1. ssh into bastion server Copied file from AWS instance to Bastion server

scp user@ipaddress:~/test1.txt ./

2. From my local machine, I have executed the following command

scp user@bastion:~/test1.txt ./

I would like to automate with a single script which needs to be triggered from my local machine for copying files from AWS instance to local machine

Answer 1

There is no need to copy files to the Bastion server. In fact, from a security perspective, extremely little should be stored on a Bastion server.

Instead, there are two methods you can use to directly connect to the "AWS machine" via the Bastion.

• Proxy Jump
• Port Forwarding

See:

• Using ProxyJump with SSH and SCP
• How to scp with a second remote host
• mperdikeas.github.io/networking.html.files/scp-a-file-through-jump-host.html
• Using SCP to transfer files to a private EC2 instance through a Bastion Host