-
Notifications
You must be signed in to change notification settings - Fork 507
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
VSCode Remote to EC2 instance (via SSH over SSM) #941
Comments
Hi @jovanshernandez , when you mention "Connect to EC2", are you trying to use VS Code's Remote Development feature, that allows users to open a remote folder in the VS Code file explorer? Or did you have something else in mind? |
@awschristou Correct, I am trying to open say the |
This comment has been minimized.
This comment has been minimized.
I do not believe this to be a duplicate issue. This issue is talking about a connection like
So this issue is really just asking for almost a direct integration, or otherwise mirroring of functionality, of Microsoft's Remote Dev tooling but for SSM instead of SSH. This is not related to ECS or EC2 metadata endpoints that issue #918 talks about |
This is a powerful feature and an important component in making AWS development experience secure but also seamless. + 💯 from my side. |
As a workaround, you could update the ssh configuration file to run a proxy command, which routes ssh traffic via SSM. See https://pub.towardsai.net/how-to-do-remote-development-with-vs-code-using-aws-ssm-415881d249f3 |
Related:
|
This will work but you have to manually specify the AWS profile and region. Outside of VS Code, your ssh config for SSM integration would look something like this:
Then you would ssh to your instance directly. Ie. To get things working with VS Code, your ssh config would look like this:
You then connect to your instance with |
I can confirm solution from @szukalski works, although I need to do some modifications due to our special AWS config. Our SSH port for EC2 instance is not open, but I can ssh through |
@chm123 Can you elaborate? I cannot get this to work like so. |
@jtele2 Basically you can follow And try SSH from terminal (not from VS Code). If this works for you, you should be able to connect via VS Code. |
@chm123 Thank you for your response. I can get in via Windows Subsystem for Linux (WSL) but not from PowerShell with the proxy command. I have to use WSL because I cannot install SessionManagerPlugin directly to PowerShell (non-Admin rights), but can install to WSL. Is there a way to make ProxyCommand use WSL.exe to setup the Remote-SSH session? |
I'm using MacBook, so I'm not familiar with WSL. You can try this |
@szukalski Any ideas on how to get this to work with Windows (AWS CLI on PowerShell)? |
+1 for this feature - would be very useful - going to try and setup workaround as above for now. |
one thing to note, vscode needs your credentials, so if you use temporary credentials, say via SSO to an IdP you need to close vscode and open it again from a terminal that has your session token, a PITA if anyone knows a work-around, that doesn't involve session up a credentials file or iam user, that would be great |
@mrgum Source your credentials from an external process: |
I implemented a simple prototype EC2 explorer, which can 1) start / stop instances and 2) open via SSH: https://marketplace.visualstudio.com/items?itemName=PengzhanZhao.ec2-farm. However, It does require to provision EC2 instances with a uploaded key pair. |
@borontion nice. However we don't want to use key pairs or ssh. |
For anyone interested: the issue in microsoft/vscode-remote-release#8186 is now eligible for upvotes. If we reach 10 or more it will be considered for the next step. Let the upvotes ensue... |
VS Code has accepted the refrenced issue in their backlog. We might want to bring our input so it does get enough priority and people can create useful extensions with the solution they come up with. |
@Roseidon your solution gets me through the mfa portion, but asks for a password afterwards. Is this supposed to happen? I don't have a password for this instance. |
Unfortunately not, I haven't been prompted for a password afterwards. |
For me it works on Windows 10, VS Code
|
StatusWe are actively working on these features.
|
This comment was marked as resolved.
This comment was marked as resolved.
The features in the above comment are implemented but not released. We're hoping to make it available as an "experimental" option. Will update this issue when there is any news. |
This comment was marked as duplicate.
This comment was marked as duplicate.
Is there an update on this? I periodically (about every VSCode update) lose the ability to run SSM via the proxy script. Using my terminal is fine but inside of VSCode it seems to lose the awscli path. See this issue for additional details |
@justinmk3 those features are still not part of the extension? #941 (comment) any ETA? |
Would like to see progress on this as well - it was a surprise to not see EC2 in the AWS VScode toolkit. I'm still cycling the public IP for my ec2 instance :( |
Would it be possible to release this as experimental as mentioned in an above message @justinmk3. My understand would be that there would be an ability to SSM on Linux/Mac in its current phase. |
This |
Echoing this from June. Any update on when the experimental will be released? Have been hoping for this feature for quite awhile. @justinmk3 |
We've made progress on this and it's likely for Q1. We definitely want to see this too :) |
I have a single stateless ec2 bastion box, so the instance ID is constantly changing. Below is a simple config file that works for me and maybe others will find helpful. It will dynamically look up the ec2 instance ID based on the name of the ec2 instance. I did have to set up a Key Pair for this to work. ssh
|
There's your problem. Just delete the Bastion and this issue is solved. |
I'm unsure how this helps, as the instance ID would get recreated/change, and you'd have to constantly update your scripts with the new instance ID. Also, deleting is not a great option when using CDK or other IaC, as you'll get stack drift and all sorts of deployment challenges. I just shut down (not terminate) the instance when not needed, and the script above works great if the instance gets swapped out for any reason. |
StatusAWS Toolkit 3.39.0 includes these features:
These features are not currently implemented:
Please upvote or create issues to track the above or any other requests that are important to you. Issue locked so that the above status is visible. Please open new issues with your feedback! |
Desktop (please complete the following information):
Anyway to connect to EC2 through VSCode without SSH Key?
Trying to connect to EC2 through VSCode without SSH Keys. I'm able to connect to EC2s using AWS Credentials, AWS Profiles, and AWS SSM, but is there a way to pass that connection through VSCode/?
The text was updated successfully, but these errors were encountered: