aws ec2.py companion script to generate sshconfigs with auto bastion host discovery

Related tags

General Utilitiesec2-bastion-sshconfig
Overview

ec2-bastion-sshconfig

This script will interate over instances found by ec2.py and if those instances are not publically accessible it will search the associated VPC for any public instance that can be used as a bastion. Additionally it will create host aliases for any DNS records found in route53 that match the instance's IP(s) and CNAME records. The resulting output can be added to your ~/.ssh/config.

Requirements

This scipt depends on the ec2.py script and ec2.ini configuration file to work. You also need a working AWS_PROFILE as expected by the boto module.

Assumptions

  • ec2.py and ec2.ini are installed.
  • group_by_vpc_id = True in ec2.ini
  • SSH keys are named on your filesystem to the value of ec2_key_name. (You can use symlinks)

Setup environment

Create a python environment for testing

# python3 -m venv ec2-bastion-sshconfig

Enter the environment

# source ec2-bastion-sshconfig/bin/activate

Install required python modules

# pip install -r requirements.txt

Set ENV vars

# export AWS_PROFILE=default
# export EC2_INI_PATH=/usr/local/etc/ec2.ini

Run

# ./ec2-bastion-sshconfig.py -h
usage: ec2-bastion-sshconfig.py [-h] [--profile PROFILE] [--ec2Py EC2PY]
                                [--ec2PyINI EC2PYINI] [--sshUser SSHUSER]
                                [--sshKeyPATH SSHKEYPATH] [--sshPort SSHPORT]
                                [--debug DEBUG] [--awsDNSProfile AWSDNSPROFILE]
                                [--tld TLD]

optional arguments:
  -h, --help            show this help message and exit
  --profile PROFILE     Specify AWS credential profile to use.
  --ec2Py EC2PY         inventory script to use.
  --ec2PyINI EC2PYINI   inventory config file to use
  --sshUser SSHUSER     SSH username
  --sshKeyPATH SSHKEYPATH
                        PATH to SSH keys
  --sshPort SSHPORT     Alternate SSH port
  --debug DEBUG         Set to True to enable debug msgs
  --awsDNSProfile AWSDNSPROFILE
                        The AWS profile used to interact with route53
  --tld TLD             tld to append to hostnames
Option Description Default
--profile AWS_PROFILE used to run ec2.py $AWS_PROFILE
--ec2Py Full path to the ec2.py script $PATH
--ec2PyINI Full path to the ec2.ini configuration file $EC2_INI_PATH
--sshUser Username to populate the User parameter in ~/.ssh/config. If set the IdentityFile parameter will be set to the value of ec2_key_name found by ec2.py. (requires --sshKeyPATH) $USER
--sshKeyPATH Full path to local folder containing ssh key files. None
--sshPort Alternate port to try in addition to the default SSH port "22"
--debug Show debug messages False
awsDNSProfile AWS_PROFILE used to read from route53 "default"
--tld DNS zone for which your instances belong "example.com"

Example

# python ./ec2-bastion-sshconfig.py \
  --profile test \
  --ec2Py /usr/local/bin/ec2.py \
  --ec2PyINI /usr/local/etc/ec2.ini \
  --sshUser ec2_user \
  --sshKeyPATH ~/.ssh/ec2_keys \
  --sshPort 2222 \
  --awsDNSProfile default \
  --tld example.com | tee -a ~/.ssh/conf.d/example.com

##################################################
####   vpc-99999999999999999   ###################
##################################################

# <--
Host bastion bastion.example.com i-99999999999999999
  ForwardAgent yes
  StrictHostKeyChecking no
  Hostname 1.2.3.257
  Port 2222
  User ec2_user
  IdentityFile /data/home/username/.ssh/ec2_keys/test.pem
# -->

# <--
Host web-1 web-1.example.com i-99999999999999991
  ForwardAgent yes
  StrictHostKeyChecking no
  Hostname 10.0.0.4
  User ec2_user
  IdentityFile /data/home/username/.ssh/ec2_keys/test.pem
  ProxyJump bastion
# -->

# <--
Host web-2 web-2.example.com i-99999999999999992
  ForwardAgent yes
  StrictHostKeyChecking no
  Hostname 10.0.0.5
  User ec2_user
  IdentityFile /data/home/username/.ssh/ec2_keys/test.pem
  ProxyJump bastion
# -->
Owner
Steve Melo
Steve Melo
GitHub Repository
Create a Web Component (a Custom Element) from a python file

wyc Create a Web Component (a Custom Element) from a python file (transpile python code to javascript (es2015)). Features Use python to define your cu

7 Oct 09, 2022
🌲 A simple BST (Binary Search Tree) generator written in python

Tree-Traversals (BST) 🌲 A simple BST (Binary Search Tree) generator written in python Installation Use the package manager pip to install BST. Usage

Jan Kupczyk 1 Dec 12, 2021
An URL checking python module

An URL checking python module

Fayas Noushad 6 Aug 10, 2022
A Random Password Generator made from Python

Things you need Python Step 1 Download the python file from Releases Step 2 Go to the directory where the python file is and run it Step 3 Type the le

Kavindu Nimsara 3 May 30, 2022
Fraud Multiplication Table Detection in python

Fraud-Multiplication-Table-Detection-in-python In this program, I have detected fraud multiplication table using python without class. Here, I have co

Sachin Vinayak Dabhade 4 Sep 24, 2021
A workflow management tool for numerical models on the NCI computing systems

Payu Payu is a climate model workflow management tool for supercomputing environments. Payu is currently only configured for use on computing clusters

The Payu Organization 11 Aug 25, 2022
A small utility that sorts your files.

FileSorter A small utility that sorts your files. TODO: Scan directory to find files(thanks @corruptmemry for this!) Split extensions to determine fil

2 Jun 16, 2022
Python code to remove empty folders from Windows/Android.

Empty Folder Cleaner is a program that deletes empty folders from your computer or device and removes clutter to improve performance. It supports only windows and android for now.

Dark Coder Cat | Vansh 4 Sep 27, 2022
Check the basic quality of any dataset

Data Quality Checker in Python Check the basic quality of any dataset. Sneak Peek Read full tutorial at Medium. Explore the app Requirements python 3.

MalaDeep 8 Feb 23, 2022
NetConfParser is a tool that helps you analyze the rpcs coming and going from a netconf client to a server

NetConfParser is a tool that helps you analyze the rpcs coming and going from a netconf client to a server

Aero 1 Mar 31, 2022
A simple Python app that generates semi-random chord progressions.

chords-generator A simple Python app that generates semi-random chord progressions.

53 Sep 07, 2022
A python script to generate wallpaper

wallpaper eits Warning You need to set the path to Robot Mono font in the source code. (Settings are in the main function) Usage A script that given a

Henrique Tsuyoshi Yara 5 Dec 02, 2021
We provide useful util functions. When adding a util function, please add a description of the util function.

Utils Collection Motivation When we implement codes, we often search for util functions that are already implemented. Here, we are going to share util

6 Sep 09, 2021
Convert any-bit number to decimal number and vise versa.

2deci Convert any-bit number to decimal number and vise versa. --bit n to set bit to n --exp xxx to set expression to xxx --r to run reversely (from d

3 Sep 15, 2021
A script to parse and display buy_tag and sell_reason for freqtrade backtesting trades

freqtrade-buyreasons A script to parse and display buy_tag and sell_reason for freqtrade backtesting trades Usage Copy the buy_reasons.py script into

Robert Davey 31 Jan 01, 2023
Produce a simulate-able SDF of an arbitrary mesh with convex decomposition.

Mesh-to-SDF converter Given a (potentially nasty, nonconvex) mesh, automatically creates an SDF file that describes that object. The visual geometry i

Greg Izatt 22 Nov 23, 2022
Functional UUIDs for Python.

🏷️FUUID stands for Functional Universally Unique IDentifier. FUUIDs are compatible with regular UUIDs but are naturally ordered by generation time, collision-free and support succinct representations

Phil Demetriou 147 Oct 27, 2022
Tools for binary data on cassette

Micro Manchester Tape Storage Tools for storing binary data on cassette Includes: Python script for encoding Arduino sketch for decoding Eagle CAD fil

Zack Nelson 28 Dec 25, 2022
Set of scripts for some automation during Magic Lantern development

~kitor Magic Lantern scripts A few automation scripts I wrote to automate some things in my ML development efforts. Used only on Debian running over W

Kajetan Krykwiński 1 Jan 03, 2022
JavaScript-style async programming for Python.

promisio JavaScript-style async programming for Python. Examples Create a promise-based async function using the promisify decorator. It works on both

Miguel Grinberg 191 Dec 30, 2022