This is a short makefile that enables you to get a VPN if you have both SSH and AWS cli access to the infrastructure.
Start by testing your access
make test-aws
-> tests if you have AWS cli access
(If not, set the aws-config variable in the Makefile accordingly)
make list-nat
-> lists all publicly available hosts with 'nat' in their name.
Select the IP address the one you want to connect to. This is the point you will be connecting to.
Let's say it's 1.2.3.4. You will use it as bastion variable.
bastion=1.2.3.4 make test-ssh
-> tests if you have SSH access
bastion=1.2.3.4 make vpn
-> Conntects to the VPN, creating and downloading a client certificate in the process. It will stay in the foreground by default, soyou can monitor progress.
After the VPN is active, you can switch to another terminal and list private IPs that you might be able to connect to using make list-vpn-hosts
. If you found
something interesting, use host=interesting.ip.1.2.3 make ssh
to connect.