- Update & split scripts - Main package install script - Fish / environment install script - Dockerfile for testing locally
# See: https://aws.amazon.com/about-aws/whats-new/2022/05/aws-systems-manager-support-port-forwarding-remote-hosts-using-session-manager/
# And: https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager-working-with-sessions-start.html#sessions-remote-port-forwarding
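# Open an SSM port-forwarding session to a private host through the bastion.
#
# Arguments:
#   $argv[1]  remote endpoint as HOST:PORT
#             (e.g. internal.x.yourdns:5432 / xxx.eu-west-1.elb.amazonaws.com:443)
#   $argv[2]  local port to bind for forwarding
# Reads:   $env (must be "ops")
# Returns: 1 on bad input or a failed bastion lookup, otherwise the exit
#          status of `aws ssm start-session`.
function ssm_tunnel --description 'Access private AWS ressources via native SSM port forwarding through bastion'
    if test (count $argv) -lt 2
        echo "Provide an Host:Port Mapping & an Local Port" >&2
        return 1
    end

    if test "$env" != ops
        echo "Switch to OPS ENV first" >&2
        return 1
    end

    # Split HOST:PORT; anything other than exactly two fields is rejected.
    set -l endpoint (string split : -- $argv[1])
    if test (count $endpoint) -ne 2
        echo "Remote endpoint must be HOST:PORT" >&2
        return 1
    end
    set -l remote_host $endpoint[1]
    set -l remote_port $endpoint[2]
    set -l local_port $argv[2]

    # The values are interpolated into the --parameters shorthand string below,
    # where ',', '=', '[' and ']' are syntax. Restrict the host to hostname/IP
    # characters so it cannot alter the parameter list.
    if not string match -qr '^[A-Za-z0-9._-]+$' -- $remote_host
        echo "Invalid remote host: $remote_host" >&2
        return 1
    end

    for port in $remote_port $local_port
        if not string match -qr '^[0-9]{1,5}$' -- $port; or test $port -lt 1 -o $port -gt 65535
            echo "Invalid port: $port" >&2
            return 1
        end
    end

    # Get the bastion instance ID using its Name tag (running instances only).
    set -l lookup (aws ec2 describe-instances \
        --filters 'Name=tag:Name,Values=INSTANCE_NAME_HERE' \
        --query "Reservations[].Instances[?State.Name == 'running'].InstanceId[]" \
        --output text)
    or begin
        echo "Bastion lookup failed" >&2
        return 1
    end

    # Text output puts several IDs on one tab-separated line. Require exactly
    # one well-formed ID: an empty expansion would let --target swallow the
    # next option, and several IDs would be passed as extra arguments.
    set -l instance_id (string split -n \t -- $lookup)
    if test (count $instance_id) -ne 1; or not string match -qr '^i-[0-9a-f]+$' -- $instance_id
        echo "Expected exactly one running bastion instance, got: $instance_id" >&2
        return 1
    end

    # No client-side timeout is applied; session lifetime is presumably
    # governed by the account's Session Manager preferences (idle timeout /
    # maximum session duration) - confirm for your account.
    echo "Starting Tunnel"
    aws ssm start-session --target $instance_id \
        --document-name "AWS-StartPortForwardingSessionToRemoteHost" \
        --parameters "host=[$remote_host],portNumber=[$remote_port],localPortNumber=[$local_port]"
    set -l session_status $status

    echo "Tunneling Session Exited."
    return $session_status
end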
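# This function is for custom & higher-privileged users only.
# The function itself performs no privilege check; who can actually open the
# session is decided by the caller's IAM permissions (e.g. ssm:StartSession on
# the bastion instance and the port-forwarding document).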
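# Open an SSM port-forwarding session to a private host through the bastion
# selected by the Name tag below (replace INSTANCE_NAME_HERE with the bastion
# intended for this function).
#
# Arguments:
#   $argv[1]  remote endpoint as HOST:PORT
#             (e.g. internal.x.yourdns:5432 / xxx.eu-west-1.elb.amazonaws.com:443)
#   $argv[2]  local port to bind for forwarding
# Reads:   $env (must be "ops")
# Returns: 1 on bad input or a failed bastion lookup, otherwise the exit
#          status of `aws ssm start-session`.
function ssm_tunnel_admin --description 'Access private AWS ressources via native SSM port forwarding through bastion'
    if test (count $argv) -lt 2
        echo "Provide an Host:Port Mapping & an Local Port" >&2
        return 1
    end

    if test "$env" != ops
        echo "Switch to OPS ENV first" >&2
        return 1
    end

    # Split HOST:PORT; anything other than exactly two fields is rejected.
    set -l endpoint (string split : -- $argv[1])
    if test (count $endpoint) -ne 2
        echo "Remote endpoint must be HOST:PORT" >&2
        return 1
    end
    set -l remote_host $endpoint[1]
    set -l remote_port $endpoint[2]
    set -l local_port $argv[2]

    # The values are interpolated into the --parameters shorthand string below,
    # where ',', '=', '[' and ']' are syntax. Restrict the host to hostname/IP
    # characters so it cannot alter the parameter list.
    if not string match -qr '^[A-Za-z0-9._-]+$' -- $remote_host
        echo "Invalid remote host: $remote_host" >&2
        return 1
    end

    for port in $remote_port $local_port
        if not string match -qr '^[0-9]{1,5}$' -- $port; or test $port -lt 1 -o $port -gt 65535
            echo "Invalid port: $port" >&2
            return 1
        end
    end

    # Get the bastion instance ID using its Name tag (running instances only).
    set -l lookup (aws ec2 describe-instances \
        --filters 'Name=tag:Name,Values=INSTANCE_NAME_HERE' \
        --query "Reservations[].Instances[?State.Name == 'running'].InstanceId[]" \
        --output text)
    or begin
        echo "Bastion lookup failed" >&2
        return 1
    end

    # Text output puts several IDs on one tab-separated line. Require exactly
    # one well-formed ID: an empty expansion would let --target swallow the
    # next option, and several IDs would be passed as extra arguments.
    set -l instance_id (string split -n \t -- $lookup)
    if test (count $instance_id) -ne 1; or not string match -qr '^i-[0-9a-f]+$' -- $instance_id
        echo "Expected exactly one running bastion instance, got: $instance_id" >&2
        return 1
    end

    # No client-side timeout is applied; session lifetime is presumably
    # governed by the account's Session Manager preferences (idle timeout /
    # maximum session duration) - confirm for your account.
    echo "Starting Tunnel"
    aws ssm start-session --target $instance_id \
        --document-name "AWS-StartPortForwardingSessionToRemoteHost" \
        --parameters "host=[$remote_host],portNumber=[$remote_port],localPortNumber=[$local_port]"
    set -l session_status $status

    echo "Tunneling Session Exited."
    return $session_status
end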