cloud9setup

Step 1: Setting up Git with SSH access

Run this script:

ssh-keygen -t rsa -b 4096 -C "example@mymail.com" -P "" -f "/home/ec2-user/.ssh/id_rsa" -q  
eval "$(ssh-agent -s)"
ssh-add ~/.ssh/id_rsa
cat /home/ec2-user/.ssh/id_rsa.pub

In Github:

Settings -> SSH and GPG keys -> New SSH key -> add output from step 1 -< Add SSH key

To test access type:

ssh -T git@github.com

or

git clone git@github.com:msokolov93/cloud9setup.git

Step 2: Configure Secure Access for Cloud9

Create IAM entities

Create IAM role for Cloud9 with required presmissions and write down role arn

Example: arn:aws:iam::112233445566:role/Cloud9AdminRole

Create IAM Policy to further assume this role

Example: Cloud9AssumeRolePolicy

Add your role ARN accordingly

{
    "Version": "2012-10-17",
    "Statement": {
        "Effect": "Allow",
        "Action": "sts:AssumeRole",
        "Resource": "arn:aws:iam::112233445566:role/Cloud9AdminRole"
    }
}

Attach policy to IAM Role that you will store keys for

Example: MyUser

Attach Cloud9AssumeRolePolicy to MyUser

Create a new keypair or write down existing Access key ID and Secret access key

Authorize CLI environment with created keypair from MyUser

export AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE
export AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY

verify MyUser login is successful by running command:

aws sts get-caller-identity

For the next step jq is required:

sudo yum install jq

To Authorize CLI run command with required Cloud9 Role ARN:

OUT=$(aws sts assume-role --role-arn arn:aws:iam::112233445566:role/Cloud9AdminRole --role-session-name MySessionName);\
export AWS_ACCESS_KEY_ID=$(echo $OUT | jq -r '.Credentials''.AccessKeyId');\
export AWS_SECRET_ACCESS_KEY=$(echo $OUT | jq -r '.Credentials''.SecretAccessKey');\
export AWS_SESSION_TOKEN=$(echo $OUT | jq -r '.Credentials''.SessionToken');

After consecutive logins run command to clear session:

unset AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN AWS_SECURITY_TOKEN

To verify Cloud9AdminRole is used, type:

aws sts get-caller-identity

Name		Name	Last commit message	Last commit date
Latest commit History 18 Commits
README.md		README.md
Screenshot 2022-11-27 150807.png		Screenshot 2022-11-27 150807.png
git_ssh.sh		git_ssh.sh

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

README.md

README.md

Screenshot 2022-11-27 150807.png

Screenshot 2022-11-27 150807.png

git_ssh.sh

git_ssh.sh

Repository files navigation

cloud9setup

Step 1: Setting up Git with SSH access

Run this script:

In Github:

To test access type:

Step 2: Configure Secure Access for Cloud9

Create IAM entities

Create IAM role for Cloud9 with required presmissions and write down role arn

Create IAM Policy to further assume this role

Attach policy to IAM Role that you will store keys for

Authorize CLI environment with created keypair from MyUser

About

Releases

Packages

Languages

msokolov93/Cloud9-Setup

Folders and files

Latest commit

History

Repository files navigation

cloud9setup

Step 1: Setting up Git with SSH access

Run this script:

In Github:

To test access type:

Step 2: Configure Secure Access for Cloud9

Create IAM entities

Create IAM role for Cloud9 with required presmissions and write down role arn

Create IAM Policy to further assume this role

Attach policy to IAM Role that you will store keys for

Authorize CLI environment with created keypair from MyUser

About

Resources

Stars

Watchers

Forks

Languages