Skip to content

Instantly share code, notes, and snippets.

Use a Bastion Host

Login

At least two techniques exist for jumping "through" a bastion host to a "hidden" server. In the following examples, the bastion host has the hostname BastionHost whereas the target host has the hostname TargetHost.

Agent Forwarding

First, we log in to the bastion host

@jenseickmeyer
jenseickmeyer / async_await.js
Last active April 3, 2018 13:21
AWS Lambda function using async/await
'use strict';
const aws = require('aws-sdk');
const dynamoDB = new aws.DynamoDB.DocumentClient();
exports.handler = async (event, context) => {
return await getItems();
};
@jenseickmeyer
jenseickmeyer / invalidate.sh
Created January 31, 2018 07:22
Script for invalidation a CloudFront Distribution
#!/bin/bash
DISTRIBUTION_ID=
#Invalidate the CloudFront Distribution
invalidation_id=$(aws cloudfront create-invalidation --distribution-id $DISTRIBUTION_ID --paths "/*" --query Invalidation.Id)
length=${#invalidation_id}
# Wait for invalidation to finish
aws cloudfront wait invalidation-completed --distribution-id $DISTRIBUTION_ID --id ${invalidation_id:1:$length-2}
@jenseickmeyer
jenseickmeyer / assumeRole.js
Last active October 22, 2017 12:59
Lambda function which assumes two roles of two different AWS accounts before listing S3 buckets.
const AWS = require('aws-sdk');
exports.handler = (event, context, callback) => {
assumeRole('123456789012', 'RoleName', null, (error, credentials) => {
if(error) {
console.log('Failed to assume role: ' + error);
callback(error);
} else {
assumeRole('098765432109', 'OrganizationAccountAccessRole', credentials, (error, credentials) => {
if(error) {