patheard / aws-ecs-port-forward

Access private ECS task through SSM Session Manager port forwarding

AWS ECS task connect with SSM port forwarding

Connect to a private ECS task using SSM Session Manager port forwarding.

Requirements

Connect

aws ssm start-session \
    --target ecs:<CLUSTER>_<TASK_ID>_<CONTAINER_RUNTIME_ID> \
    --document-name AWS-StartPortForwardingSession \
    --parameters '{"portNumber":["80"], "localPortNumber":["1338"]}' \
    --region ca-central-1

# Example
aws ssm start-session \
    --target ecs:internal_ad87713568a9469b8bb056780a2e1ffd_ad87713568a9469b8bb056780a2e1ffd-3386804179 \
    --document-name AWS-StartPortForwardingSession \
    --parameters '{"portNumber":["80"], "localPortNumber":["1338"]}' \
    --region ca-central-1
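
The lookup behind the `--target` value above, as an added example that is not part of the repository: it reads the container's `runtimeId` with `aws ecs describe-tasks` and assembles `ecs:<CLUSTER>_<TASK_ID>_<CONTAINER_RUNTIME_ID>` before starting the session. The function names, the container-name argument, the `AWS_REGION` fallback and the character check are assumptions made for illustration.

```bash
#!/usr/bin/env bash
# Added example: function names and the checks below are illustrative assumptions.

# Reduce a task ARN (arn:aws:ecs:...:task/<cluster>/<id>) or a bare ID to the ID.
task_id_from_arn() {
    printf '%s\n' "${1##*/}"
}

# Assemble ecs:<CLUSTER>_<TASK_ID>_<CONTAINER_RUNTIME_ID>. Empty parts, the
# CLI's "None" (no value found) and characters outside [A-Za-z0-9_-] are
# rejected so a failed lookup never reaches start-session.
build_target() {
    [ "$#" -eq 3 ] || { echo "need cluster, task id, runtime id" >&2; return 1; }
    local part
    for part in "$@"; do
        case "$part" in
            ''|None|*[!A-Za-z0-9_-]*)
                echo "invalid target component: '$part'" >&2; return 1 ;;
        esac
    done
    printf 'ecs:%s_%s_%s\n' "$1" "$2" "$3"
}

# Look up the container's runtime ID, then open the port forward.
forward() {
    local cluster="$1" task="$2" container="$3"
    local remote="${4:-80}" local_port="${5:-1338}"
    local region="${AWS_REGION:-ca-central-1}" runtime_id target
    case "$remote$local_port" in *[!0-9]*) echo "ports must be numeric" >&2; return 1 ;; esac
    runtime_id=$(aws ecs describe-tasks --cluster "$cluster" --tasks "$task" \
        --region "$region" --output text \
        --query "tasks[0].containers[?name=='$container'] | [0].runtimeId") || return 1
    target=$(build_target "$cluster" "$(task_id_from_arn "$task")" "$runtime_id") || return 1
    aws ssm start-session --target "$target" --region "$region" \
        --document-name AWS-StartPortForwardingSession \
        --parameters "{\"portNumber\":[\"$remote\"],\"localPortNumber\":[\"$local_port\"]}"
}

# Usage: ./forward.sh <cluster> <task-id-or-arn> <container-name> [remote] [local]
if [ "$#" -ge 3 ]; then forward "$@"; fi
```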

Credit

Most of this is taken from @mohamed-cds's example, with the addition of:

  • using only VPC PrivateLinks to run the ECS task; and
  • removing the ingress on port 80.

License: MIT License


Languages

HCL 96.8%, Shell 3.2%