Git Product home page Git Product logo

aws-ssm-ec2-proxy-command's Introduction

aws-ssm-ec2-proxy-command Sparkline

Open an SSH connection to your ec2 instances via AWS SSM without the need to open any ssh port in you security groups.

ⓘ Prefer ec2-instance-connect implementation if possible
ⓘ Windows users please refere to README.windows.md

Prerequisits

Install SSH Proxy Command

  • Move proxy command script aws-ssm-ec2-proxy-command.sh to ~/.ssh/aws-ssm-ec2-proxy-command.sh
  • Ensure it is executable (chmod +x ~/.ssh/aws-ssm-ec2-proxy-command.sh)
Setup SSH Config [optional]
  • Add ssh config entry for aws ec2 instances to your ~/.ssh/config. Adjust key file path if needed. 
    host i-* mi-*
  IdentityFile ~/.ssh/id_rsa
  ProxyCommand ~/.ssh/aws-ssm-ec2-proxy-command.sh %h %r %p ~/.ssh/id_rsa.pub
  StrictHostKeyChecking no

Open SSH Connection

  • Ensure AWS CLI environemnt variables are set properly e.g.
    • export AWS_PROFILE=default or AWS_PROFILE=default ssh ... <INSTACEC_USER>@<INSTANCE_ID>
  • If default region does not match instance region you need to provide it
    • e.g. <INSTACEC_USER>@<INSTANCE_ID>--<INSTANCE_REGION>
SSH Command with SSH Config Setup

ssh <INSTACEC_USER>@<INSTANCE_ID>

  • e.g. ssh ec2-user@i-1234567890
SSH Command with ProxyCommand CLI Option
ssh <INSTACEC_USER>@<INSTANCE_ID> \
  -i "~/.ssh/id_rsa" \
  -o ProxyCommand="~/.ssh/aws-ssm-ec2-proxy-command.sh %h %r %p ~/.ssh/id_rsa.pub"

Recommended Usage of ec2-instance-connect:SendSSHPublicKey

The advantage from a security perspective is that you don't need to grant ssm:SendCommand to users and there by the permission to execute everything as root. Instead you only grant ec2-instance-connect:SendSSHPublicKey permission to a specific instance user e.g. ec2-user.

aws-ssm-ec2-proxy-command's People

Contributors

bgiaccio avatar doclm avatar jason-nabooki avatar marinheiromc avatar qoomon avatar spenserpothier avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.