https://github.com/szechyjs/aws-bastion
Create on demand bastions with Fargate
bastion cloudformation ecs fargate jumpbox lambda ruby
- Host: GitHub
- URL: https://github.com/szechyjs/aws-bastion
- Owner: szechyjs
- Created: 2020-05-17T22:40:43.000Z (about 6 years ago)
- Default Branch: master
- Last Pushed: 2020-05-17T22:49:11.000Z (about 6 years ago)
- Last Synced: 2025-07-29T22:27:48.974Z (11 months ago)
- Topics: bastion, cloudformation, ecs, fargate, jumpbox, lambda, ruby
- Language: Ruby
- Homepage:
- Size: 8.79 KB
- Stars: 2
- Watchers: 1
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
README
# AWS Bastion
This work is largely based on [jdhollis/bastions-on-demand](https://github.com/jdhollis/bastions-on-demand).
I'm not a big fan of Terraform or Clojure, so I rewrote it using CloudFormation and Ruby.
## Setup
1. Create an S3 bucket for storing Lambda code. Create this however you want.
1. Update the variables in `deploy-stack.sh`
   - `BUCKET`: the name of the bucket created in the previous step
   - `CLUSTER_VPC_ID`: the VPC that the bastion should belong to
   - `CLUSTER_DEFAULT_SG_ID`: the default SG ID for the VPC
   - `CLUSTER_SUBNET_IDS`: a comma-separated list of subnet IDs
1. Run `./deploy-stack.sh` to create/update the CloudFormation stack
1. Build and push the bastion image to ECR
   - `cd image`
   - `./login.sh`
   - `./build.sh`
   - `./push.sh`
## Using
*CLI tool coming soon*
### Creating
- Send a signed `POST` request to the `ApiUrl` in the CloudFormation output.
- `ssh ops@ip-from-create-response`
- *Note:* Ensure you have added your SSH public key to your AWS user account.
### Destroying
- Send a signed `DELETE` request to the `ApiUrl` in the CloudFormation output.
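
The signed `POST` and `DELETE` requests above can be built with the Ruby standard library alone. This is an added example, not code from this repository: it assumes "signed" means AWS Signature Version 4 against an API Gateway endpoint (service name `execute-api`), and the function name `sigv4_headers`, the sample URL and the keys are constructed.

```ruby
require 'openssl'
require 'uri'

# Added example: headers for an AWS Signature Version 4 signed request.
# Assumptions: the API is served by API Gateway (service "execute-api"),
# the URL has no query string, and its path needs no percent-encoding.
def sigv4_headers(method:, url:, region:, access_key:, secret_key:,
                  session_token: nil, body: '', service: 'execute-api',
                  now: Time.now.utc)
  uri      = URI(url)
  amz_date = now.getutc.strftime('%Y%m%dT%H%M%SZ')
  date     = amz_date[0, 8]
  headers  = { 'host' => uri.host, 'x-amz-date' => amz_date }
  # Temporary credentials (SSO, assumed role) must send and sign the token.
  headers['x-amz-security-token'] = session_token if session_token

  signed_names = headers.keys.sort.join(';')
  canonical = [
    method.upcase,
    uri.path.empty? ? '/' : uri.path,
    '', # canonical query string (none)
    headers.sort.map { |k, v| "#{k}:#{v.strip}\n" }.join,
    signed_names,
    OpenSSL::Digest::SHA256.hexdigest(body)
  ].join("\n")

  scope = "#{date}/#{region}/#{service}/aws4_request"
  string_to_sign = ['AWS4-HMAC-SHA256', amz_date, scope,
                    OpenSSL::Digest::SHA256.hexdigest(canonical)].join("\n")

  # Signing key: HMAC chain over date, region, service and a fixed suffix,
  # so the long-term secret itself never signs a request directly.
  key = [date, region, service, 'aws4_request']
        .reduce("AWS4#{secret_key}") { |k, part| OpenSSL::HMAC.digest('SHA256', k, part) }
  signature = OpenSSL::HMAC.hexdigest('SHA256', key, string_to_sign)

  headers.merge('authorization' =>
    "AWS4-HMAC-SHA256 Credential=#{access_key}/#{scope}, " \
    "SignedHeaders=#{signed_names}, Signature=#{signature}")
end

if __FILE__ == $PROGRAM_NAME
  # Constructed URL and placeholder keys; use the stack's ApiUrl instead.
  puts sigv4_headers(method: 'POST', region: 'us-east-1',
                     url: 'https://abc123example.execute-api.us-east-1.amazonaws.com/prod/bastion',
                     access_key: 'AKIDEXAMPLE', secret_key: 'EXAMPLE-SECRET')
end
```

Attach the returned headers to the HTTP request unchanged and send it within a few minutes of `x-amz-date`, since AWS rejects signatures with a stale timestamp.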