Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/auxten/letmein
Authorize AWS Security Group Ingress with Current IP(let me in)
https://github.com/auxten/letmein
Last synced: about 1 month ago
JSON representation
Authorize AWS Security Group Ingress with Current IP(let me in)
- Host: GitHub
- URL: https://github.com/auxten/letmein
- Owner: auxten
- License: apache-2.0
- Created: 2021-03-12T09:07:16.000Z (over 3 years ago)
- Default Branch: main
- Last Pushed: 2021-04-26T10:17:53.000Z (over 3 years ago)
- Last Synced: 2024-05-01T19:40:09.306Z (7 months ago)
- Language: Go
- Size: 18.6 KB
- Stars: 6
- Watchers: 4
- Forks: 1
- Open Issues: 1
-
Metadata Files:
- Readme: README-zh.md
- License: LICENSE
Awesome Lists containing this project
README
# Let me in
自动添加当前外网 IP 到 AWS 防火墙白名单[English](./README.md)
# 干啥的
将您的服务公开到公共领域非常危险。
特别是一些设计不佳的服务,或者这些可用于挖矿服务(K8,YARN等),非常容易被黑客抓肉鸡用来挖矿。
如果必须执行此操作,则过滤源IP地址是相对安全的方法。# 使用
0. 编译
```bash
go build
```1. 配置
```yaml
Auth:
UserPass:
auxten: "123456" # 用户名&密码 for HTTP Basic Authentication
AwsSg:
Region: "cn-northwest-1" # AWS Region
SgName: "Hadoop" # Security Group Name
SgId: "sg-0e0c5cd076cf1fb51" # Security Group I
```
2. 运行```bash
# AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY 可以在 AWS 界面上的 "My security credentials" 获取
export AWS_ACCESS_KEY_ID=XXX AWS_SECRET_ACCESS_KEY=XXXX
./letmein config.yaml
```3. 开门
进入 http://host:1323/ping ,输入用户名和密码。
`letmein`将向安全组添加一个新规则,该规则将允许来自源IP的所有流量通过。
因此,您应该在“安全组”内的主机上运行`letmein`。