Scripts and How to to enhance the use of AWS CLI

From time to time, the need to have shell access to an instance on AWS is required. opening ports and managaging security group could be a security risk.

AWS SSM Session manager allows secure shell access to your instances.

Using SSM Session Manager, for terminal access has the following benefits

• Centralized access control to instances using IAM policies
• no open inbound ports and no need to manage bastion hosts or ssh keys

the issue is now getting a list your running instances

• AWS CLI V2
• Session Manager Plugin for AWS CLI

1. Clone this repo
2. Copy the /scripts folder somewhere you have access to.
   • recommend /opt/script
3. make the scripts executionable
   • cd /opt/scripts/
   • sudo chmod +x aws-*.sh
4. create aliases in your ~/.bash_aliases file with the following lines

   alias aws-ec2-list="/opt/scripts/aws-ec2-list.sh"
   alias aws-ssm-list="/opt/scripts/aws-ssm-list.sh"
   alias aws-ssm-connect="/opt/scripts/aws-ssm-connect.sh"
   alias aws-workspace-list="/opt/scripts/aws-workspace-list.sh"
   

5. Reload the Bachrc file
   • source ~/.bashrc

from a terminal window is you type aws-ec2-list it will output in a table formated text the list of the instances in your AWS account

-----------------------------------------------------
|                 DescribeInstances                 |
+------------+-----------------------+--------------+
|     AZ     |       Instance        |    Name      |
+------------+-----------------------+--------------+
|  us-east-1a|  i-0195c445788975y63  |  example     |
+------------+-----------------------+--------------+

• if you have multiple aws profiles installed add the profile name at the end of the command aws-ec2-list profile_name
• if no profile is provided it assumes the default profile

from a terminal window if you type aws-ssm-list it will output in a table formated text the list of the instances in your AWS account registed with AWS Session-Manager

-----------------------------------------------------------------------------
|                        DescribeInstanceInformation                        |
+----------------------------+-----------------------+------------+---------+
|        ComputerName        |          ID           |    IP      | Status  |
+----------------------------+-----------------------+------------+---------+
|  ip-10-0-1-76.ec2.internal |  i-0195c445788975y63  |  10.0.1.76 |  Online |
+----------------------------+-----------------------+------------+---------+

• if you have multiple aws profiles installed add the profile name at the end of the commend aws-ssm-list profile_name
• if no profile is provided it assumes the default profile

from a terminal window is you type

• aws-ssm-connect i-0195c445788975y63 will connect to InstanceID i-0195c445788975y63 assuming the default profile

from a terminal window if you type aws-workspace-list it will output the list of the workspaces in your account in your region formated in a table

---------------------------------------------
|            DescribeWorkspaces             |
+-----------+--------------+----------------+
|   State   |  UserName    |  WorspaceId    |
+-----------+--------------+----------------+
|  AVAILABLE|  user1       |  ws-5ri7v3p9b  |
|  AVAILABLE|  user2       |  ws-yxff10dfy  |
|  STOPPED  |  user3       |  ws-hj7gg4lm8  |
+-----------+--------------+----------------+

.
├── LICENSE
├── README.md
└── scripts
    ├── aws-ec2-list.sh
    ├── aws-ssm-connect.sh
    ├── aws-ssm-list.sh
    └── aws-workspace-list.sh

1 directory, 6 files