Skip to content

szechyjs/aws-bastion

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
cloudformation
cloudformation
 
 
image
image
 
 
lambda
lambda
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
deploy-stack.sh
deploy-stack.sh
 
 

Repository files navigation

AWS Bastion

This work is largely based on jdhollis/bastions-on-demand. I'm not a big fan of Terraform or Clojure so I rewrote it using Cloudformation and ruby.

Setup

  1. Create a S3 bucket for storing lambda code. Create this however you want.
  2. Update the variables in deploy-stack.sh
    • BUCKET: the name of the bucket created in the previous step
    • CLUSTER_VPC_ID: the VPC that the basion should belong to
    • CLUSTER_DEFAULT_SG_ID: the default SG ID for the VPC
    • CLUSTER_SUBNET_IDS: a comma separated list of subnets IDS
  3. Run ./deploy-stack.sh to create/update the Cloudformation stack
  4. Build and push the bastion image to ECR
    • cd image
    • ./login.sh
    • ./build.sh
    • ./push.sh

Using

CLI tool coming soon

Creating

  • Send a signed POST request to the ApiUrl in the Cloudformation output.
  • ssh ops@ip-from-create-response
  • Note: Ensure you have added your SSH public key to your AWS user account. s

Destroying

  • Send a signed DELETE request to the ApiUrl in the Cloudformation output.

About

Create on demand bastions with Fargate

Topics

ruby bastion lambda cloudformation ecs jumpbox fargate

Resources

Readme
Activity

Stars

1 star

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages