https://github.com/epomatti/aws-ssh-tunneling
SSH tunneling example with AWS
aws aws-security aws-ssm ec2 run-command ssh ssh-tunnel ssh-tunneling ssm systems-manager terraform
Last synced: about 2 months ago
- Host: GitHub
- URL: https://github.com/epomatti/aws-ssh-tunneling
- Owner: epomatti
- License: mit
- Created: 2023-10-02T00:16:41.000Z (over 1 year ago)
- Default Branch: main
- Last Pushed: 2023-10-02T01:15:14.000Z (over 1 year ago)
- Last Synced: 2023-10-02T03:27:08.893Z (over 1 year ago)
- Topics: aws, aws-security, aws-ssm, ec2, run-command, ssh, ssh-tunnel, ssh-tunneling, ssm, systems-manager, terraform
- Language: HCL
- Homepage:
- Size: 26.4 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# AWS SSH Tunneling
Connecting from a local workstation to AWS RDS MySQL via SSH tunneling.
Create a `.auto.tfvars` file to set up your stack:
```terraform
aws_region = "us-east-2"
rds_instance_class = "db.t4g.micro"
rds_multi_az = false
rds_username = "mysqladmin"
rds_password = "p4ssw0rd"
jumpserver_allow_ssh = ["0.0.0.0/0"]
```

Apply the stack:

```sh
terraform init
terraform apply -auto-approve
```

Create a temporary key pair:

```sh
mkdir keys
ssh-keygen -f keys/temp_key
```

Add the public key to the `.ssh/authorized_keys` file using SSM Run Command:

```sh
# Set "instance-id" and "SSH_PUB_KEY" values accordingly
aws ssm send-command \
--targets "Key=InstanceIds,Values=instance-id" \
--document-name "AWS-RunShellScript" \
--comment "Add public key to SSH tunneling" \
--parameters "commands='echo SSH_PUB_KEY >> /home/ubuntu/.ssh/authorized_keys'" \
--output text
```

Check the command status:

```sh
aws ssm get-command-invocation \
--command-id "ef7fdfd8-9b57-4151-a15c-db9a12345678" \
--instance-id "i-1234567890abcdef0" \
--query Status
```

Check if everything is working by connecting via SSH:

```sh
ssh -i keys/temp_key ubuntu@
```

Before creating the tunnel, tighten security by allowing only your IP to connect via SSH:

```terraform
jumpserver_allow_ssh = ["YOUR PUBLIC IP/32"]
```

Apply the configuration.

Now, create the tunnel:

```sh
ssh -i keys/temp_key -f -N -l ubuntu -L 3306:RDS_MYSQL_FQDN:3306 EC2_INSTANCE_FQDN -v
```

If the tunnel is created, you should now be able to connect to MySQL from your local machine on port `3306`.

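The Run Command step above splices the public key text into a shell command that SSM executes on the instance, so it is worth checking that the text really is a single key line before sending it. The following is an added example, not code from the repository: it validates the key, builds the `--parameters` value as JSON, and waits for the command to finish instead of copying the command ID by hand. The function names and the script name `push_key.sh` are hypothetical.

```sh
#!/bin/sh
# Added example, not part of the repository. Guarded form of the SSM key-push step.

# True only for one OpenSSH public-key line: "<type> <base64> [comment]".
# Anything else (extra lines, quotes, ';', '$(...)') is rejected, because the
# text is spliced into a shell command that SSM executes on the instance.
valid_pubkey() {
  nl='
'
  case "$1" in *"$nl"*) return 1 ;; esac
  printf '%s' "$1" | grep -Eq \
    '^(ssh-ed25519|ssh-rsa|ecdsa-sha2-nistp(256|384|521)) [A-Za-z0-9+/]+={0,2}( [A-Za-z0-9@._-]+)?$'
}

# Emit the JSON form of --parameters for AWS-RunShellScript.
ssm_parameters() {
  valid_pubkey "$1" || return 1
  printf '{"commands":["echo %s >> /home/ubuntu/.ssh/authorized_keys"]}' "$1"
}

# push_key INSTANCE_ID PUBKEY_FILE: send the command, wait, print the final status.
push_key() {
  params=$(ssm_parameters "$(cat "$2")") || {
    echo "refusing: $2 is not a single OpenSSH public key line" >&2
    return 1
  }
  cmd_id=$(aws ssm send-command \
    --targets "Key=InstanceIds,Values=$1" \
    --document-name "AWS-RunShellScript" \
    --comment "Add public key to SSH tunneling" \
    --parameters "$params" \
    --query "Command.CommandId" --output text) || return 1
  # The waiter exits non-zero if the command fails; report the status either way.
  aws ssm wait command-executed --command-id "$cmd_id" --instance-id "$1" || true
  aws ssm get-command-invocation --command-id "$cmd_id" --instance-id "$1" \
    --query Status --output text
}

# Runs only when called with two arguments (hypothetical script name):
#   sh push_key.sh i-1234567890abcdef0 keys/temp_key.pub
if [ "$#" -eq 2 ]; then push_key "$1" "$2"; fi
```

The comment field is deliberately restricted to letters, digits and `@._-`; a key with a more elaborate comment is rejected rather than passed through.
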
---
### Clean-up
```sh
terraform destroy -auto-approve
```