@@ -0,0 +1,141 @@
#! /usr/bin/env bash
#
# EC2 Instance Connect SSH Wrapper
#
# throw this in your path somewhere - /usr/local/bin is fine
#
# Author: [email protected]
set -o errexit
set -o nounset
usage () {
cat << _EOF_
Usage: ${0} [-l login_name] [-L] target [command]
-L [bind_address:]port:host:hostport
-L [bind_address:]port:remote_socket
-L local_socket:host:hostport
-L local_socket:remote_socket
targets:
${0} name <instance tag:Name value>
${0} dns <instance dns entry fqdn that points to private ip>
${0} ip <private ip address of instance>
${0} instance <instance_id>
ssh tunneling:
${0} -L <local port>:<remote host>:<remote port> sshhost
NOTE: If there are multiple instances in group, it will randomly connect to one!
REQUIRES coreutils (for GNU shuf), awscli
TO INSTALL:
OSX - install homebrew, then: brew install coreutils
sudo pip install awscli --upgrade
aws configure
_EOF_
}
if [ " $# " -eq " 0" ]; then
usage
exit 2
fi
function find_instance_by_name(){
aws ec2 describe-instances --filters Name=tag:Name,Values=$1 Name=instance-state-name,Values=running --query " Reservations[*].Instances[*].[InstanceId]" --output text | shuf -n 1
}
function find_instance_by_private_ip(){
aws ec2 describe-instances --filters Name=private-ip-address,Values=$1 Name=instance-state-name,Values=running --query " Reservations[*].Instances[*].[InstanceId]" --output text | shuf -n 1
}
function find_instance_by_dns(){
ipaddr=` host -tA $1 | shuf -n 1 | awk -F" " ' { print $4}' `
find_instance_by_ip $ipaddr
}
# unused
function find_db_by_identifier(){
aws rds describe-db-instances --db-instance-identifier $1 --query " DBInstances[*].Endpoint.Address" --output text
}
function main(){
username=' ec2-user'
local=' '
vpn=' '
while [[ " $1 " =~ ^- && ! " $1 " == " --" ]]; do case $1 in
-l | --ssh_username )
shift ; username=" -l $1 "
;;
-L )
shift ; local=" -N -L $1 "
;;
esac ; shift ; done
if [[ " $1 " == ' --' ]]; then shift ; fi
case " $1 " in
name)
if [ $# -lt 2 ]
then
echo " enter instance tag:Name value"
read instance
else
instance=$2
shift
fi
instance=` find_instance_by_name $instance `
;;
dns)
if [ $# -lt 2 ]
then
echo " enter domain name of instance"
read instance
else
instance=$2
shift
fi
instance=` find_instance_by_dns $instance `
;;
ip)
if [ $# -lt 2 ]
then
echo " enter private ip address"
read instance
else
instance=$2
shift
fi
instance=` find_instance_by_private_ip $instance `
;;
instance)
if [ $# -lt 2 ]
then
echo " enter instance id"
read instance
else
instance=$2
shift
fi
;;
* )
usage
exit 1
esac
FILE=/tmp/tempkey
if [ -f " $FILE " ]; then
touch /tmp/tempkey
else
ssh-keygen -t rsa -f /tmp/tempkey -q -P " "
fi
shift
ip=` aws ec2 describe-instances --instance-ids $instance --query " Reservations[*].Instances[*].PrivateIpAddress" --output text`
az=` aws ec2 describe-instances --instance-ids $instance --query " Reservations[*].Instances[*].Placement.AvailabilityZone" --output text`
echo " sending keys to $instance at $ip "
aws ec2-instance-connect send-ssh-public-key --instance-id $instance --availability-zone $az --instance-os-user $username --ssh-public-key file:///tmp/tempkey.pub >> /dev/null
echo " sshing to instance"
ssh -i /tmp/tempkey $local $username @$ip $*
}
main $*
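Review bot: The key handling near the end of `main` uses the fixed path `/tmp/tempkey` and, when a file already exists there, reuses it after only a `touch`, without checking who created it. On a shared host, a key pair placed at that path by another local account would be the one pushed to the instance by `send-ssh-public-key`, and the script's own private key stays behind in `/tmp` after every run. I would generate a fresh key per invocation inside a `mktemp -d` directory and remove it with an `EXIT` trap, as sketched below. Separately, `find_instance_by_dns` calls `find_instance_by_ip`, which the visible file never defines (the helper is named `find_instance_by_private_ip`), so the `dns` target looks broken.

```shell
# … unchanged: option parsing and target resolution …
key_dir=$(mktemp -d)                      # private (0700) directory, unpredictable name
trap 'rm -rf -- "${key_dir:?}"' EXIT      # drop the throwaway key on every exit path
key_file="${key_dir}/tempkey"
ssh-keygen -t rsa -f "$key_file" -q -N ''
# … unchanged: shift, ip and az lookups, status messages …
aws ec2-instance-connect send-ssh-public-key --instance-id "$instance" \
  --availability-zone "$az" --instance-os-user "$username" \
  --ssh-public-key "file://${key_file}.pub" > /dev/null
# … unchanged: ssh invocation, with -i "$key_file" in place of -i /tmp/tempkey …
```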