This work is largely based on jdhollis/bastions-on-demand. I'm not a big fan of Terraform or Clojure, so I rewrote it using CloudFormation and Ruby.
- Create an S3 bucket for storing Lambda code. Create this however you want.
- Update the variables in `deploy-stack.sh`:
  - `BUCKET`: the name of the bucket created in the previous step
  - `CLUSTER_VPC_ID`: the VPC that the bastion should belong to
  - `CLUSTER_DEFAULT_SG_ID`: the default SG ID for the VPC
  - `CLUSTER_SUBNET_IDS`: a comma-separated list of subnet IDs
- Run `./deploy-stack.sh` to create/update the CloudFormation stack
- Build and push the bastion image to ECR

```
cd image
./login.sh
./build.sh
./push.sh
```

CLI tool coming soon
- Send a signed `POST` request to the `ApiUrl` in the CloudFormation output.

```
ssh ops@ip-from-create-response
```

- Note: Ensure you have added your SSH public key to your AWS user account.
- Send a signed `DELETE` request to the `ApiUrl` in the CloudFormation output.
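
Until the CLI tool exists, the signed `POST` and `DELETE` requests above can be produced with a few lines of Ruby. This is an added example, not code from this repository: it assumes "signed" means AWS Signature Version 4 against an API Gateway endpoint using `AWS_IAM` authorization (service name `execute-api`), and `sigv4_headers` is a hypothetical helper name.

```ruby
# Added example (not part of this project): build SigV4 headers for a request
# to the stack's ApiUrl using only the Ruby standard library.
require 'openssl'
require 'uri'

# Assumptions: AWS_IAM authorization on the API (service "execute-api"), a URL
# path that is already URI-encoded, and no query string on the URL.
def sigv4_headers(method:, url:, access_key:, secret_key:, region:,
                  body: '', service: 'execute-api', time: Time.now,
                  session_token: nil)
  uri      = URI(url)
  amz_date = time.getutc.strftime('%Y%m%dT%H%M%SZ')
  day      = amz_date[0, 8]
  sha256   = ->(data) { OpenSSL::Digest::SHA256.hexdigest(data) }
  hmac     = ->(key, data) { OpenSSL::HMAC.digest('sha256', key, data) }

  # Only these headers are covered by the signature; send them unchanged.
  headers = { 'host' => uri.host, 'x-amz-date' => amz_date }
  headers['x-amz-security-token'] = session_token if session_token
  signed = headers.keys.sort

  canonical = [
    method.upcase,
    uri.path.empty? ? '/' : uri.path,
    '', # canonical query string (none)
    signed.map { |k| "#{k}:#{headers[k]}\n" }.join,
    signed.join(';'),
    sha256.call(body)
  ].join("\n")

  scope = "#{day}/#{region}/#{service}/aws4_request"
  string_to_sign = ['AWS4-HMAC-SHA256', amz_date, scope,
                    sha256.call(canonical)].join("\n")

  # Derive the signing key: date -> region -> service -> "aws4_request".
  key = [day, region, service, 'aws4_request']
        .reduce("AWS4#{secret_key}") { |k, part| hmac.call(k, part) }
  signature = OpenSSL::HMAC.hexdigest('sha256', key, string_to_sign)

  headers.merge(
    'authorization' => "AWS4-HMAC-SHA256 Credential=#{access_key}/#{scope}, " \
                       "SignedHeaders=#{signed.join(';')}, Signature=#{signature}"
  )
end
```

Pass the returned headers to `Net::HTTP` (or any HTTP client) with the same method, URL and body. The signature is bound to the method and timestamp, so a header set generated for `POST` will be rejected if replayed as `DELETE`.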