/ssh-connection-with-session-manager

Access AWS resources with Session Manager

Primary LanguageRuby

SSH connection with Session Manager

Access AWS resources with Session Manager.

Create AWS Resources by Terraform

docker-compose run terraform plan

docker-compose run terraform apply

Settings

Install AWS CLI

curl "https://d1vvhvl2y92vvt.cloudfront.net/AWSCLIV2.pkg" -o "AWSCLIV2.pkg"
sudo installer -pkg AWSCLIV2.pkg -target /

Confirming the installation.

which aws
aws --version

ref: Installing the AWS CLI version 2 on MacOS - AWS Command Line Interface

Configure

Configure iam user created by Terraform.
Access Key and Secret Access Key will be written to the terraform state file (terraform.tfstate), please protect your backend state file judiciously.

ref: https://www.terraform.io/docs/providers/aws/r/iam_access_key.html

aws configure

ref: Configuring the AWS CLI - AWS Command Line Interface

Install Session Manager Plugin

curl "https://s3.amazonaws.com/session-manager-downloads/plugin/latest/mac/sessionmanager-bundle.zip" -o "sessionmanager-bundle.zip"
unzip sessionmanager-bundle.zip
sudo ./sessionmanager-bundle/install -i /usr/local/sessionmanagerplugin -b /usr/local/bin/session-manager-plugin

ref: (Optional) Install the Session Manager Plugin for the AWS CLI - AWS Systems Manager

Starting a Session (AWS CLI)

aws ssm start-session --target instance-id

ref: Start a Session - AWS Systems Manager

Capistrano

Deploy Rails applicaiton by capistrano throught Session Manager.
Add proxy command settiongs below.

require 'net/ssh/proxy/command'
set :ssh_options,
    keys: %w[YOURE_SSH_KEY],
    forward_agent: true,
    auth_methods: %w[publickey],
    proxy: Net::SSH::Proxy::Command::new("aws ssm start-session --target #{ENV['INSTANCE_ID']} --document-name AWS-StartSSHSession --parameters 'portNumber=22'")

ref: Authentication & Authorisation - Capistrano