Skip to content
/ tune Public

A lightweight utility to tunnel traffic into an AWS VPC using bastion hosts and SSM.

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

bfogarty/tune

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
cmd/tune
cmd/tune
 
 
pkg/tunnel
pkg/tunnel
 
 
.gitignore
.gitignore
 
 
.goreleaser.yaml
.goreleaser.yaml
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 

Repository files navigation

tune

Tune is a utility for forwarding local ports to private resources in a VPC using bastion hosts and SSM Session Manager. Features include:

  • using existing AWS credentials for authentication and access control
  • support for bastion hosts in private subnets with no open inbound ports
  • autodiscovery for SSM-enabled bastion hosts and (eventually) services
  • authentication using ephemeral SSH certificates sent via EC2 Instance Connect

Prerequisites

Tune requires a working installation of awscli with the session-manager-plugin installed.

For bastion host autodiscovery, Tune requires at least one EC2 instance to be configured for Session Manager and tagged with TuneJumpHost.

Installation

Download the latest release from Releases. Extract the binary and add it to your PATH.

Usage Examples

Connecting to remote database

The following forwards localhost:5433 to my.db.com:5432 inside the VPC.

tune to my.db.com 5432 --localPort 5433

Using an assumed IAM Role

Tune respects AWS credentials set in ~/.aws/credentials as well as environment variables such as AWS_PROFILE.

AWS_PROFILE=qa tune to my.db.com 5432 --localPort 5433

About

A lightweight utility to tunnel traffic into an AWS VPC using bastion hosts and SSM.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases 4

v0.3.0 Latest
Jun 4, 2023
+ 3 releases

Packages

No packages published

Languages