This change has been marked as completed.

Describe the completed change (optional):

Pushed to master (a4a50ae)

Summary

Add support for connecting using Amazon SSM.

Review Request #14191 — Created Sept. 26, 2024 and submitted 7 months, 1 week ago — Latest diff uploaded 8 months ago

Owner

Repository

fabazon

Branch

master

Bugs

Depends On

Groups

People

Description*

Amazon SSM provides on-demand SSH access to hosts that may not be
exposed to the Internet in any form, adding extra security to
infrastructure.

SSM support can now be enabled by passign use_ssm=True to
EC2RoleDefs. This will result in EC2 instance IDs being returned
instead of hostnames.

This does require ~/.ssh/config to be configured properly for SSM
support, and that env.use_ssh_config = True is enabled in the
fabfile.

Testing Done

Tested this with our deployment infrastructure and verified that
Fabric and Paramiko engaged with SSM and connected.

First	Last	Summary	ID	Author
		Add support for connecting using Amazon SSM. Amazon SSM provides on-demand SSH access to hosts that may not be exposed to the Internet in any form, adding extra security to infrastructure. SSM support can now be enabled by passign `use_ssm=True` to `EC2RoleDefs`. This will result in EC2 instance IDs being returned instead of hostnames. This does require `~/.ssh/config` to be configured properly for SSM support.	3ad75074906426ba496698da71a21afba26a31b0	Christian Hammond

	fabazon/ec2.py
	fabazon/roles.py

fabazon/ec2.py

fabazon/roles.py