aws-cli

/Tag:aws-cli
­

ssm-tunnel

EC2 instances, RDS database and many other resources reside in VPCs. To access them we need a network connectivity - either through a VPN, Direct Connect, or through a Jump / Bastion Host. That's stating the obvious. Sometimes, however, it's inconvenient or difficult to achieve a direct connectivity ad-hoc - maybe you are in a [...]

By |July 21st, 2019|Projects|7 Comments

SSM Sessions the easy way

In the previous post - Using SSM Session Manager for interactive instance access - I showed you how to access EC2 instances through AWS Systems Manager (SSM) Sessions without having to open Security Groups or firewall ports, maintain SSH keys, VPNs, Jump Hosts, and so on. The native way for starting a SSM Session with [...]

By |May 27th, 2019|Projects|10 Comments

Using SSM Session Manager for interactive instance access

You may argue that interactive login to EC2 instances should never be needed. Everything is dynamic, automated, self healing, centrally logged, and so on and there is no place for human interaction, right? But lets be honest - the world isn't perfect and we all sometimes need to jump into bash to do stuff for [...]

By |May 25th, 2019|Best Practice|7 Comments

CloudFormation package & deploy

Easily deploy complex CloudFormation templates with external resources such as Lambdas or nested stacks.

By |February 20th, 2019|Best Practice|8 Comments

filter-ip-ranges

Sometimes it's handy to know what IP address ranges are used in different AWS Regions. You may want to whitelist access to your region AWS endpoints, or from global CloudFront location, or set up some special routing rules, or look up which region a certain IP belongs to. ip-ranges.json & filter-ip-ranges AWS publishes ip-ranges.json [...]

By |March 31st, 2018|Projects|1 Comment

Cross-account access with aws-cli

In the previous post I explained how to Use Cross-account access through AWS Console. Today I'll show you how to do the same in the command line using aws-cli. We've got Access and Secret keys for the Login account and want to use aws-cli to create and manage resources in the Dev account above. [...]

By |January 10th, 2018|Best Practice|0 Comments

Re-using EC2 Key Pair in multiple regions

One of the parameters required for launching an EC2 instance is a Key Pair which is effectively an SSH Key used for interactive logging into the default user account - on Amazon Linux it's the ec-user account - or for decrypting the Windows Administrator's password. It is easy to create a new Key Pair / [...]

By |July 4th, 2016|Best Practice|2 Comments

EC2 Instance Roles

In the previous post about Access & Secret Keys I emphasized that those keys - static keys - should never be used in production and in fact they should never leave your laptop. But what if you need to call the AWS services from scripts or programs running on an EC2 instance? In a typical [...]

By |November 27th, 2015|Best Practice|0 Comments

Access & Secret Keys

When working with AWS API the clients (programs, scripts, etc) must have a way to prove who they are and what level of access to Amazon services they should have. In a typical scenario an AWS user runs aws cli (or a script using aws cli) to interact with Amazon. For example to create a [...]

By |July 22nd, 2015|Best Practice|2 Comments