No description, website, or topics provided.
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
README.md
generate_sshconfig.py

README.md

page title tags date
AWS OpsWorks SSH Access
aws opsworks ssh
2015-07-10

Connecting to OpsWorks instance with SSH can be can be problematic. Here is a script which generates an SSH config file containing an entry for each host in the OpsWorks stack.

There are two problems to be solved when connecting to OpsWorks instances:

  1. The instances may be started and stopped, so the IP addresses will change frequently.
  2. Some instances may not be publicly accessible and must be accessed via a tunnel through a bastion server.

Setup

The only requirement for this script is that each OpsWorks stack have a custom JSON setting stack_id which is a short name to prefix any ssh hostnames (to ensure uniqueness and allow wildcards). For the examples below, the stack_id is dev

~/.ssh/config

Add a bastion server configuration through which you can connect to any private-IP instances in the OpsWorks stack. Also configure a wildcard config entry for {stack_id}.* which indicates for all matching hosts to use the bastion server to connect.

The generator script will fill in the specific host entries as dev.host1, dev.host2, etc. This will make them use the wildcard configuration as a starting point.

For example:

Host dev-nat
  User ec2-user
  HostName YOUR_ENTRYPOINT_PUBLIC_IP_HERE
  IdentityFile ~/.ssh/aws.pem

Host dev.*
  StrictHostKeyChecking no
  UserKnownHostsFile=/dev/null
  User ec2-user
  IdentityFile ~/.ssh/aws.pem
  ProxyCommand ssh dev-nat nc %h %p

Script

This script adds a generated section to the ~/.ssh/config which contains entries for each host in the OpsWorks stack. After running the script, you can use a simple ssh command to connect:

ssh dev.host1

generate_sshconfig.py