Last active March 17, 2023 11:45
Creates a tunnel using AWS Session Manager to an AWS instance so that you can connect with a local client over the tunnel, e.g. RDP from your PC.
# Creates a tunnel using AWS Session Manager to an AWS instance so that you can connect with a local client over the tunnel
# https://github.com/broo0ose 24/08/2021
# pre-reqs for this script
# - AWS CLI environment on powershell
# - the AWS Session Manager plugin https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager-working-with-install-plugin.html
# - I use SSO to connect to AWS so I needed to use 'aws configure sso' to the correct account and profile.
# - logged in using 'aws sso login' Or however you connect to AWS, eg IAM account.
# - the instance must be set up to use AWS Session Manager, and you must have the rights to run the client connection eg. remote admin group.
Clear-Host
# set up some defaults
$target="i-whatever"
$localport=54321
$remoteport=3389
$region="eu-west-1"
# named $awsProfile because $profile is a PowerShell automatic variable (path of the profile script)
$awsProfile="name_of_profile"
# Check the values with the user; pressing Enter keeps the default shown in brackets
$prompt = Read-Host "Enter the profile, default is [$awsProfile]"
if ($prompt -ne "") {$awsProfile = $prompt}
$prompt = Read-Host "Enter the region, default is [$region]"
if ($prompt -ne "") {$region = $prompt}
$prompt = Read-Host "Enter the instance to connect to [$target]"
if ($prompt -ne "") {$target = $prompt}
$prompt = Read-Host "Enter the remote port to connect to (e.g. RDP is 3389) [$remoteport]"
if ($prompt -ne "") {$remoteport = $prompt}
Write-Output "When the 'Waiting for connections' message comes up, connect your local client to 127.0.0.1:$localport"
# Start the session manager to create a tunnel to the instance.
aws ssm start-session --target $target --document-name AWS-StartPortForwardingSession --parameters "localPortNumber=$localport,portNumber=$remoteport" --region $region --profile $awsProfile
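
A pre-flight check that could run between the prompts and the `aws ssm start-session` call, so that a mistyped instance ID, a bad port or a busy local port is reported before a session is requested. This is an added example, not part of the original gist: `ConvertTo-Port` and `Test-TunnelInput` are hypothetical helper names, the instance-ID pattern is an assumption about the current ID formats, and the sample values are constructed.

```powershell
function ConvertTo-Port([string]$Text) {
    # Read-Host returns strings; accept only integers in the valid TCP port range.
    $n = 0
    if ([int]::TryParse($Text, [ref]$n) -and $n -ge 1 -and $n -le 65535) { return $n }
    return $null
}

function Test-TunnelInput {
    param([string]$Target, [string]$LocalPort, [string]$RemotePort)
    $problems = @()

    # Assumed formats: EC2 instance IDs are 'i-' plus 8 or 17 lowercase hex characters,
    # hybrid managed nodes are 'mi-' plus 17.
    if ($Target -cnotmatch '^(i-([0-9a-f]{8}|[0-9a-f]{17})|mi-[0-9a-f]{17})$') {
        $problems += "Target '$Target' does not look like an instance ID."
    }

    $rport = ConvertTo-Port $RemotePort
    if ($null -eq $rport) { $problems += "Remote port '$RemotePort' is not in 1-65535." }

    $lport = ConvertTo-Port $LocalPort
    if ($null -eq $lport) {
        $problems += "Local port '$LocalPort' is not in 1-65535."
    } else {
        # The script tells the client to connect to 127.0.0.1:<localport>,
        # so make sure nothing else is already listening there.
        $listener = [System.Net.Sockets.TcpListener]::new([System.Net.IPAddress]::Loopback, $lport)
        try { $listener.Start(); $listener.Stop() }
        catch { $problems += "Local port $lport is already in use on 127.0.0.1." }
    }

    # Both executables from the pre-reqs list must be resolvable.
    foreach ($tool in 'aws', 'session-manager-plugin') {
        if (-not (Get-Command $tool -ErrorAction SilentlyContinue)) {
            $problems += "'$tool' was not found on PATH."
        }
    }
    return $problems
}

# Constructed sample values; in the script above these would be $target, $localport, $remoteport.
$issues = @(Test-TunnelInput -Target 'i-0123456789abcdef0' -LocalPort '54321' -RemotePort '3389')
if ($issues.Count -gt 0) {
    $issues | ForEach-Object { Write-Warning $_ }
} else {
    Write-Output "Inputs look valid; safe to start the session."
}
```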