Looking for assistance in setting up VPN tunneling to an EC2 on AWS. I want to disable direct shell access (port 22 ) to ec2''s Public IP address . The VPN setup should enable only the Authorized clients to connect to EC2 shell on the Local IP of AMI.
You may use AWS vpn services or use openvps server or any other vpn solution on another ec2 instance to enable the vpn routing and configurations
I'd set up openvpn either on another instance or on the existing one if you'd prefer. That mostly depends on your needs to segregate services vs save money. EasyRSA would be used to handle to certs.