Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support AWS SSM and EC2 instance connect endpoint for remote commands #439

Open
flostadler opened this issue May 16, 2024 · 0 comments
Open

Support AWS SSM and EC2 instance connect endpoint for remote commands #439

flostadler opened this issue May 16, 2024 · 0 comments
Labels
kind/enhancement Improvements or new features

Comments

@flostadler
Copy link

Right now you can only connect to an EC2 instance using pulumi-command if:

  • VPC has internet gateway
  • EC2 instance is in public subnet
  • key-pair access is enabled (this is disabled in a lot of organizations because it's not easily auditable)
  • Security Groups allow internet ingress on SSH port (also forbidden in a lot of organizations)

AWS provides two services that let you connect to EC2 instances that cannot meat the requirements above:

  • AWS SSM
  • EC2 instance connect endpoint

By extending pulumi-command to support establishing remote connections via those two methods we can offer customers more secure, auditable access to their EC2 instances as well as enable them to use pulumi-command in secured environments that do not permit regular SSH access.
@thomas11 thomas11 added the kind/enhancement Improvements or new features label May 17, 2024
@thomas11 thomas11 mentioned this issue May 17, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/enhancement Improvements or new features
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@thomas11 @flostadler