From 321672fb1e3477185041d980810e1af7b280b864 Mon Sep 17 00:00:00 2001
From: T31M
Date: Sun, 29 Mar 2020 12:15:29 +0200
Subject: [PATCH] feature: added ssm tunneling support
---
.gitignore | 1 +
fish/theme-t31m/ssm_tunnel.fish | 41 +++++++++++++++++++++++++++++++++
2 files changed, 42 insertions(+)
create mode 100644 .gitignore
create mode 100644 fish/theme-t31m/ssm_tunnel.fish
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..e7de03c
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+twaiceAWS.fish
diff --git a/fish/theme-t31m/ssm_tunnel.fish b/fish/theme-t31m/ssm_tunnel.fish
new file mode 100644
index 0000000..db2c5bd
--- /dev/null
+++ b/fish/theme-t31m/ssm_tunnel.fish
@@ -0,0 +1,41 @@
+function ssm_tunnel --description 'access private AWS ressources via Bastion Host'
+
+ if test (count $argv) -lt 2
+ echo "Provide an Host:Port Mapping & an Local Port"
+ return
+ end
+
+ if [ $env != "ops" ]
+ echo "Switch to OPS ENV"
+ return
+ end
+
+ # Get bastion host ID using it's name
+ set INSTANCE_ID (aws ec2 describe-instances \
+ --filter 'Name=tag:Name,Values=ops-infrastructure-bastion'\
+ --query "Reservations[].Instances[?State.Name == 'running'].InstanceId[]"\
+ --output text)
+
+ # AWS Remote host i.e elastic.aws.com:80
+ set REMOTE_HOST $argv[1]
+
+ # Ports to bind for forwarding
+ set LOCAL_PORT $argv[2]
+
+ # make sure jq is installed
+ # Start socat on the remote server
+ set CMD "'sudo socat TCP4-LISTEN:$LOCAL_PORT,fork TCP4:$REMOTE_HOST'"
+ set CMD_INVOC_ID (aws ssm send-command --instance-ids $INSTANCE_ID \
+ --document-name 'AWS-RunShellScript' \
+ --parameters commands=$CMD --output json | jq -r '.Command.CommandId')
+
+ # Start tunnel session
+ echo "Starting Tunnel"
+ aws ssm start-session --target $INSTANCE_ID \
+ --document-name "AWS-StartPortForwardingSession" \
+ --parameters "portNumber=$LOCAL_PORT,localPortNumber=$LOCAL_PORT"
+
+ # stop socat on the bastion
+ aws ssm cancel-command --command-id $CMD_INVOC_ID
+ echo "Command Cancelled Successfully."
+end
\ No newline at end of file
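Review bot: `$argv[1]` and `$argv[2]` go unvalidated into the `sudo socat …` string on the `set CMD` line, which AWS-RunShellScript then executes on the bastion, so a malformed argument is interpreted there as shell rather than as a host or port. The listener also has no `bind=` option, so for the life of the session the forwarded service appears to be reachable on every bastion interface, not only by the local SSM agent. I would check both values against a strict pattern before building CMD and add `bind=127.0.0.1` to the listener, as sketched below. Separately, `aws ssm cancel-command` does not guarantee the underlying process is stopped, so the socat listener may outlive the session, and the final echo reports success without checking the exit status.

```fish
# … unchanged: argument count check, env check, INSTANCE_ID lookup, REMOTE_HOST/LOCAL_PORT assignment …
if not string match -qr '^[0-9]+$' -- $LOCAL_PORT; or not string match -qr '^[A-Za-z0-9.-]+:[0-9]+$' -- $REMOTE_HOST
    echo "LOCAL_PORT must be numeric and REMOTE_HOST must be host:port"
    return 1
end
set CMD "'sudo socat TCP4-LISTEN:$LOCAL_PORT,bind=127.0.0.1,fork TCP4:$REMOTE_HOST'"
# … unchanged: send-command, start-session, cancel-command …
```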