diff --git a/aws/proposals/iebcloud-jump-host/iebcloud-jump-hosts.md b/aws/proposals/iebcloud-jump-host/iebcloud-jump-hosts.md
new file mode 100644
index 00000000..a9fabb24
--- /dev/null
+++ b/aws/proposals/iebcloud-jump-host/iebcloud-jump-hosts.md
@@ -0,0 +1,63 @@
+# AWS Cloud Jump Host - Bastion Server
+
+This document is to cover the use case and purpose of CSVD's use of Jump Hosts.
+
+<!-- add additional information here -->
+
+Things to consider:
+- multi-user access
+- runs terraform/support repo tools
+- should be used for application container development? (currently blocked by sudoers/and something else asking for UID/GID)
+- runs aws cli for interaction with all environemnts
+- if we had linux we could use AWS Workspaces?
+- eks cluster with pod per user?, shared efs mount for data?
+- ???
+
+
+
+# Why
+
+<!-- describe the reasoning behind this setup, what the applijcaiton will do with these things, etc -->
+
+# What
+
+<!-- describe what this will be doing. For example, we need an IAM policy and an IAM role with that policy,
+distributed to each account. A central AWS account (list details) will use an instance role
+and is able to assume the created role in every account. etc.  -->
+
+# Where
+
+<!-- describe where this setup needs to be executed.  We have multiple AWS organizations: ent-ew (commercial),
+ent-gov (primary one), and lab-gov (not addressed here, nor visable from the ent-gov).  We will need to 
+accomodate all of them.  Also separate stuff that runs in the morpheus account(s) and stuff in target accounts -->
+
+# When
+
+<!-- list notional dates for when this sort of thing is needed -->
+
+# Who
+
+<!-- describe the user base, where they access from, how frequently it is used, how the users access it, etc. -->
+
+# How
+
+<!-- describe technical detail, as needed, how one implements in TF or whatever.  Some of this will be split out
+into stacksets in another account.  Provide a diagram if you have one, clean with simple boxes and arrows.  -->
+
+<!-- add other sections which seem to make sense -->
+
+# Links
+
+AWS provides some resources for problems of this shape to consider:
+
+1. https://aws.amazon.com/solutions/implementations/linux-bastion/
+1. https://docs.aws.amazon.com/prescriptive-guidance/latest/patterns/access-a-bastion-host-by-using-session-manager-and-amazon-ec2-instance-connect.html
+1. https://aws.amazon.com/blogs/containers/scale-to-15000-tasks-in-a-single-amazon-elastic-container-service-ecs-cluster/
+1. https://elasticscale.com/get-a-cheap-vpn-into-your-aws-vpc-and-worldwide-performance-improvement-through-cloudflare-tunnels/
+1. https://aws.amazon.com/blogs/desktop-and-application-streaming/use-elastic-fleets-and-linux-for-inexpensive-secure-bastion-hosts-in-amazon-appstream-2-0/
+
+
+# CHANGELOG
+
+* 0.0.1 -- 2024.07.22
+  - wip