bertrandmartel / aws-ssm-session Goto Github PK
View Code? Open in Web Editor NEWJavascript library for starting an AWS SSM session compatible with Browser and NodeJS
License: MIT License
Javascript library for starting an AWS SSM session compatible with Browser and NodeJS
License: MIT License
Hi, I'm trying to get this working on Node with ECS tasks, and while I can connect to the container, I don't get any response back when I try to execute any commands.
I was trying with the examples, I updated line 3 in app.js
from const session = require("../../scripts/aws-get-session");
to const session = require("../../scripts/aws-get-session-ecs");
,
It works with EC2 instances.
When SSM is protected with KMS, the payload fails to send/receive data.
See https://github.com/aws/session-manager-plugin/blob/mainline/src/datachannel/streaming.go:
// Encrypt if encryption is enabled and payload type is Output
if dataChannel.encryptionEnabled && payloadType == message.Output {
inputData, err = dataChannel.encryption.Encrypt(log, inputData)
if err != nil {
return err
}
}
case message.KMSEncryption:
processedAction.ActionType = action.ActionType
err := dataChannel.ProcessKMSEncryptionHandshakeAction(log, action.ActionParameters)
if err != nil {
processedAction.ActionStatus = message.Failed
processedAction.Error = fmt.Sprintf("Failed to process action %s: %s",
message.KMSEncryption, err)
errorList = append(errorList, err)
} else {
processedAction.ActionStatus = message.Success
processedAction.ActionResult = message.KMSEncryptionResponse{
KMSCipherTextKey: dataChannel.encryption.GetEncryptedDataKey(),
}
dataChannel.encryptionEnabled = true
}
I’m not sure if this is really a bug with aws-ssm-session, but I wanted to get your thoughts.
I’ve tested this project against SSM agents running on instances, and that works fine.
Recently, AWS added SSM support for ECS tasks. Using the AWS CLI, you can connect to them just fine, as they too leverage an SSM agent.
You can request the WSS URL and token via this endpoint: https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/ECS.html#executeCommand-property
However, using aws-ssm-session, I’m unable to connect to an ECS task. I’ve tried via the web client and the node script. I can connect to these tasks just fine though, when using the AWS CLI command: https://aws.amazon.com/blogs/containers/new-using-amazon-ecs-exec-access-your-containers-fargate-ec2/
Do you think this is something that could be added / supported to aws-ssm-session, or do you think this is a bug on the AWS side of things?
Hello, I'm following the nodejs example in the example dir but am having some issues supported pasted text. It seems to append tilde's (~) around the pasted content (and only when setting the stdin into raw mode, without it I seem to be getting the control characters).
eg. irb(main):001:0> ^[[200~www.sephora.sg^[[201~
Is there any way to fix that?
There are syntax errors in the nodejs section of the README. The websocket is named connection
in the outer context but the callbacks use the name socket
.
My socket connection is closed after 2 min of inactivity. How to implement ping following this binary format?
~/aws-ssm-session $ npm i
npm ERR! code E404
npm ERR! 404 Not Found - GET https://npm.labinno.fr/ws/-/ws-7.4.4.tgz
npm ERR! 404
npm ERR! 404 'ws@https://npm.labinno.fr/ws/-/ws-7.4.4.tgz' is not in the npm registry.
npm ERR! 404 You should bug the author to publish it (or use the name yourself!)
npm ERR! 404
npm ERR! 404 Note that you can also install from a
npm ERR! 404 tarball, folder, http url, or git url.
npm ERR! A complete log of this run can be found in:
Hi, thanks for creating this library!
I have a use case where I connect to an EC2 instance via SSM, but then want to execute an SSH command to tunnel (I cannot use the native SSM tunnel). The problem I have is I do not know when the prompt is ready for the SSH command, so don't know when to run it. I currently have a setTimeout
on connection.onopen
but it won't work all the time.
Would it be possible to have some callback?
Thanks
I get this error when running the Node example:
{"MessageId":"e61ab986-c9c4-4b9c-a557-0c7fe13ee4c5","CreatedDate":"2021-10-01T09:24:34.917Z","DestinationId":"9eb2aa6d-936c-44a9-80aa-2c163fd558d8","SessionId":"xxxxxxxxxxxx-00326d985ae62b3af","MessageType":"channel_closed","SchemaVersion":1,"Output":"\n----------ERROR-------\nEncountered error while initiating handshake. Handshake timed out. Please ensure that you have the latest version of the session manager plugin."}
I've updated the session manager plugin to the latest and the issue is the same.
Hello! Awesome project!
I made it running locally and it's working fine.
But, after running rails c
, I enter into the rails terminal and when I send a command, I don't get any response back. I added logs to check if the command is send it, and it's. The connection is still opened, but nothing.
I'm working if it's related to message number sequence or something.
After each command I send I get payloadType=0
Any ideas? @bertrandmartel
Hello @bertrandmartel ,
great library, just a quick question, I use byobu ( on top of tmux / screen ) and I notice that some characters are not render correctly :
Did you face the same issue maybe ?
Thanks
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.