gianlucaborello / Aws Ssh Config
Licence: gpl-2.0
Generate SSH config files from AWS EC2 inventory
Stars: ✭ 229
Programming Languages
python
139335 projects - #7 most used programming language
Projects that are alternatives of or similar to Aws Ssh Config
Awesome Aws
A curated list of awesome Amazon Web Services (AWS) libraries, open source repos, guides, blogs, and other resources. Featuring the Fiery Meter of AWSome.
Stars: ✭ 9,895 (+4220.96%)
Mutual labels: aws, cloud, ec2
Laravel Aws Eb
Ready-to-deploy configuration to run Laravel on AWS Elastic Beanstalk.
Stars: ✭ 247 (+7.86%)
Mutual labels: aws, ec2, ami
Aws Workflows On Github
Workflows for automation of AWS services setup from Github CI/CD
Stars: ✭ 95 (-58.52%)
Mutual labels: aws, cloud, ec2
Cloud Security Audit
A command line security audit tool for Amazon Web Services
Stars: ✭ 68 (-70.31%)
Mutual labels: aws, cloud, ec2
Aws Virtual Bastion
A web based terminal for EC2 instances that does not require SSH or any other inbound connections to the instaces. Instead it uses the AWS Systems Manager (SSM) API to run commands (bash or powershell).
Stars: ✭ 166 (-27.51%)
Mutual labels: aws, ec2
Pulumi Aws
An Amazon Web Services (AWS) Pulumi resource package, providing multi-language access to AWS
Stars: ✭ 169 (-26.2%)
Mutual labels: aws, cloud
Aws Ec2 Assign Elastic Ip
Automatically assign Elastic IPs to AWS EC2 Auto Scaling Group instances
Stars: ✭ 172 (-24.89%)
Mutual labels: aws, ec2
Aws Lambda Fastify
Insipired by aws-serverless-express to work with Fastify with inject functionality.
Stars: ✭ 190 (-17.03%)
Mutual labels: aws, cloud
Awscloudformation Samples
Sample AWS CloudFormation templates
Stars: ✭ 153 (-33.19%)
Mutual labels: aws, ec2
Externalsecret Operator
An operator to fetch secrets from cloud services and inject them in Kubernetes
Stars: ✭ 177 (-22.71%)
Mutual labels: aws, cloud
Opencspm
Open Cloud Security Posture Management Engine
Stars: ✭ 191 (-16.59%)
Mutual labels: aws, cloud
Diagram Maker
A library to display an interactive editor for any graph-like data.
Stars: ✭ 2,086 (+810.92%)
Mutual labels: aws, cloud
Autospotting
Saves up to 90% of AWS EC2 costs by automating the use of spot instances on existing AutoScaling groups. Installs in minutes using CloudFormation or Terraform. Convenient to deploy at scale using StackSets. Uses tagging to avoid launch configuration changes. Automated spot termination handling. Reliable fallback to on-demand instances.
Stars: ✭ 2,014 (+779.48%)
Mutual labels: aws, ec2
Smogcloud
Find cloud assets that no one wants exposed 🔎 ☁️
Stars: ✭ 168 (-26.64%)
Mutual labels: aws, cloud
Aws Cost Saver
A tiny CLI tool to help save costs in development environments when you're asleep and don't need them!
Stars: ✭ 178 (-22.27%)
Mutual labels: aws, ec2
Firecamp
Serverless Platform for the stateful services
Stars: ✭ 194 (-15.28%)
Mutual labels: aws, cloud
Gossm
💻Interactive CLI tool that you can connect to ec2 using commands same as start-session, ssh in AWS SSM Session Manager
Stars: ✭ 192 (-16.16%)
Mutual labels: aws, ec2
Packer Build
Packer Automated VM Image and Vagrant Box Builds
Stars: ✭ 199 (-13.1%)
Mutual labels: aws, ami
aws-ssh-config
Description
A very simple script that queries the AWS EC2 API with boto and generates a SSH config file ready to use. There are a few similar scripts around but I couldn't find one that would satisfy all my wish list:
- Connect to all regions at once
- Do AMI -> user lookup (regexp-based)
- Support public/private IP addresses (for VPNs and VPCs)
- Support multiple instances with same tags (e.g. autoscaling groups) and provide an incremental count for duplicates based on instance launch time
- Support multiple customizable tags concatenations in a user-provided order
- Support region (with AZ) in the host name concatenation
- Properly leverage tab completion
Load modules
- Use
pipto load the required modules
pip install -r requirements.txt
Usage
This assumes boto is installed and configured. Also, private ssh keys must be copied under ~/.ssh/
Supported arguments:
usage: aws-ssh-config.py [-h] [--default-user DEFAULT_USER] [--keydir KEYDIR]
[--no-identities-only] [--postfix POSTFIX]
[--prefix PREFIX] [--private] [--profile PROFILE]
[--proxy PROXY] [--region]
[--ssh-key-name SSH_KEY_NAME]
[--strict-hostkey-checking] [--tags TAGS]
[--user USER]
[--white-list-region WHITE_LIST_REGION [WHITE_LIST_REGION ...]]
optional arguments:
-h, --help show this help message and exit
--default-user DEFAULT_USER
Default ssh username to use if it can't be detected
from AMI name
--keydir KEYDIR Location of private keys
--no-identities-only Do not include IdentitiesOnly=yes in ssh config; may
cause connection refused if using ssh-agent
--postfix POSTFIX Specify a postfix to append to all host names
--prefix PREFIX Specify a prefix to prepend to all host names
--private Use private IP addresses (public are used by default)
--profile PROFILE Specify AWS credential profile to use
--proxy PROXY Specify a bastion host for ProxyCommand
--region Append the region name at the end of the concatenation
--ssh-key-name SSH_KEY_NAME
Override the ssh key to use
--strict-hostkey-checking
Do not include StrictHostKeyChecking=no in ssh config
--tags TAGS A comma-separated list of tag names to be considered
for concatenation. If omitted, all tags will be used
--user USER Override the ssh username for all hosts
--white-list-region WHITE_LIST_REGION [WHITE_LIST_REGION ...]
Which regions must be included. If omitted, all
regions are considered
By default, it will name hosts by concatenating all tags:
[email protected]:~$ python aws-ssh-config.py > ~/.ssh/config
[email protected]:~$ cat ~/.ssh/config
Host dev-worker-1
HostName 54.173.109.173
User ec2-user
IdentityFile ~/.ssh/dev.pem
IdentitiesOnly yes
StrictHostKeyChecking no
Host dev-worker-2
HostName 54.173.190.141
User ec2-user
IdentityFile ~/.ssh/dev.pem
IdentitiesOnly yes
StrictHostKeyChecking no
Host prod-worker-1
HostName 54.164.168.30
User ec2-user
IdentityFile ~/.ssh/prod.pem
IdentitiesOnly yes
StrictHostKeyChecking no
Host prod-worker-2
HostName 54.174.115.242
User ubuntu
IdentityFile ~/.ssh/prod.pem
IdentitiesOnly yes
StrictHostKeyChecking no
ssh completion will immediately work:
[email protected]:~$ ssh d[TAB]
dev-worker-1
dev-worker-2
If the ssh completion will not immediately work you should add the following script to your .bash_profile
_complete_ssh_hosts ()
{
COMPREPLY=()
cur="${COMP_WORDS[COMP_CWORD]}"
comp_ssh_hosts=`cat ~/.ssh/known_hosts | \
cut -f 1 -d ' ' | \
sed -e s/,.*//g | \
grep -v ^# | \
uniq | \
grep -v "\[" ;
cat ~/.ssh/config | \
grep "^Host " | \
awk '{print $2}'
`
COMPREPLY=( $(compgen -W "${comp_ssh_hosts}" -- $cur))
return 0
}
complete -F _complete_ssh_hosts ssh
and run [email protected]:~$ source .bash_profile
It's possible to customize which tags one is interested in, as well as the order used for concatenation:
[email protected]:~$ python aws-ssh-config.py --tags Name > ~/.ssh/config
[email protected]:~$ cat ~/.ssh/config
Host worker-1
HostName 54.173.109.173
User ec2-user
IdentityFile ~/.ssh/dev.pem
IdentitiesOnly yes
StrictHostKeyChecking no
Host worker-2
HostName 54.173.190.141
User ec2-user
IdentityFile ~/.ssh/dev.pem
IdentitiesOnly yes
StrictHostKeyChecking no
Host worker-3
HostName 54.164.168.30
User ec2-user
IdentityFile ~/.ssh/prod.pem
IdentitiesOnly yes
StrictHostKeyChecking no
Host worker-4
HostName 54.174.115.242
User ubuntu
IdentityFile ~/.ssh/prod.pem
IdentitiesOnly yes
StrictHostKeyChecking no
[email protected]:~$ python aws-ssh-config.py --tags Name,Infrastructure > ~/.ssh/config
[email protected]:~$ cat ~/.ssh/config
Host worker-dev-1
HostName 54.173.109.173
User ec2-user
IdentityFile ~/.ssh/dev.pem
IdentitiesOnly yes
StrictHostKeyChecking no
Host worker-dev-2
HostName 54.173.190.141
User ec2-user
IdentityFile ~/.ssh/dev.pem
IdentitiesOnly yes
StrictHostKeyChecking no
Host worker-prod-1
HostName 54.164.168.30
User ec2-user
IdentityFile ~/.ssh/prod.pem
IdentitiesOnly yes
StrictHostKeyChecking no
Host worker-prod-2
HostName 54.174.115.242
User ubuntu
IdentityFile ~/.ssh/prod.pem
IdentitiesOnly yes
StrictHostKeyChecking no
By default, the ssh user is calculated from a regular expression based on the AMI name. A default user can be set with --default-user to use if no matches are found, otherwise a warning is printed on standard error and one can edit the script and add the rule to the AMIS_TO_USER dictionary:
[email protected]:~$ python aws-ssh-config.py > ~/.ssh/config
Can't lookup user for AMI 'ubuntu/images/hvm-ssd/ubuntu-trusty-14.04-amd64-server-20140926', add a rule to the script
The --user param can also be used to use a single username for all hosts.
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].