ssm-start-session

#!/usr/bin/env bash
set -uex
umask 0077
export LANG=C

if [[ $# -lt 5 ]]; then
    echo "usage: $0 <profile> <private-key> <target> <port> <user>" >&2
    exit 1
fi

export AWS_PROFILE=$1
pubkeyfile=$2
host=$3
port=$4
user=$5
timeout=30

pubkey=$(cat "$pubkeyfile")

target=None
if [[ $host =~ ^i-[a-z0-9]+$ ]]; then
    target=$host
else
    target=$(aws ec2 describe-instances \
        --filters Name=tag:Name,Values="$host" Name=instance-state-name,Values=running \
        --query 'Reservations[0].Instances[0].InstanceId' \
        --output text)
fi

if [[ $target == None ]]; then
    echo "target host $host not found." >&2
    exit 1
fi

commands="echo '$pubkey' > ~$user/.ssh/authorized_keys; sleep $timeout; : > ~$user/.ssh/authorized_keys"

aws ssm send-command \
    --instance-ids "$target" \
    --document-name AWS-RunShellScript \
    --parameters commands="\"$commands\""

aws ssm start-session \
    --target "$target" \
    --document-name AWS-StartSSHSession \
    --parameters portNumber="$port"

ssm-start-session-aws-vault

#!/usr/bin/env bash
set -ue
umask 0077
export LANG=C

if [[ $# -lt 5 ]]; then
    echo "usage: $0 <profile> <private-key> <target> <port> <user>" >&2
    exit 1
fi

aws-vault exec $1 --prompt=osascript -- ssm-start-session $1 $2 $3 $4 $5