Last active
March 29, 2023 10:23
-
-
Save chrolis/4174d5b06c99f7894d8da70a0e850c2e to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env bash | |
set -uex | |
umask 0077 | |
export LANG=C | |
if [[ $# -lt 5 ]]; then | |
echo "usage: $0 <profile> <private-key> <target> <port> <user>" >&2 | |
exit 1 | |
fi | |
export AWS_PROFILE=$1 | |
pubkeyfile=$2 | |
host=$3 | |
port=$4 | |
user=$5 | |
timeout=30 | |
pubkey=$(cat "$pubkeyfile") | |
target=None | |
if [[ $host =~ ^i-[a-z0-9]+$ ]]; then | |
target=$host | |
else | |
target=$(aws ec2 describe-instances \ | |
--filters Name=tag:Name,Values="$host" Name=instance-state-name,Values=running \ | |
--query 'Reservations[0].Instances[0].InstanceId' \ | |
--output text) | |
fi | |
if [[ $target == None ]]; then | |
echo "target host $host not found." >&2 | |
exit 1 | |
fi | |
commands="echo '$pubkey' > ~$user/.ssh/authorized_keys; sleep $timeout; : > ~$user/.ssh/authorized_keys" | |
aws ssm send-command \ | |
--instance-ids "$target" \ | |
--document-name AWS-RunShellScript \ | |
--parameters commands="\"$commands\"" | |
aws ssm start-session \ | |
--target "$target" \ | |
--document-name AWS-StartSSHSession \ | |
--parameters portNumber="$port" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env bash | |
set -ue | |
umask 0077 | |
export LANG=C | |
if [[ $# -lt 5 ]]; then | |
echo "usage: $0 <profile> <private-key> <target> <port> <user>" >&2 | |
exit 1 | |
fi | |
aws-vault exec $1 --prompt=osascript -- ssm-start-session $1 $2 $3 $4 $5 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment