Ejemplo n.º 1
0
                        help = "Domain to target")

    args = parser.parse_args()

    if args.aws_credentials is None:
        parser.print_usage()
        print("Error: AWS credentials not provided and AWS_CREDENTIALS is not defined")
        sys.exit(1)

    if args.ssh_key is None:
        parser.print_usage()
        print("Error: SSH key not provided and SSH_KEY is not defined")
        sys.exit(1)

    session = aws.create_session(args.aws_credentials)
    bastion = aws.machine_lookup(session, 'bastion.' + args.domain)
    iam = session.resource('iam')
    client = session.client('iam')

    domain = args.domain.replace('.', '-')

    print("Opening ssh tunnel")
    with vault_tunnel(args.ssh_key, bastion):
        print("\tcomplete")

        v = Vault('vault.' + args.domain)

        #while True:
        #    try:
        #        v.revoke_secret_prefix('aws/creds/ingest-loadtest')
        #    except Exception as ex:
Ejemplo n.º 2
0
    parser.add_argument("--local-port",
                        default=None,
                        type=int,
                        help="Local port to use when tunneling")
    parser.add_argument("command",
                        choices=commands,
                        metavar="command",
                        help="Command to execute")
    parser.add_argument("arguments",
                        nargs="*",
                        help="Arguments to pass to the command")

    args = parser.parse_args()
    bosslet_config = args.bosslet_config

    bastion = aws.machine_lookup(bosslet_config.session,
                                 bosslet_config.names.bastion.dns)

    ssh_target = SSHTarget(bosslet_config.ssh_key, args.ip, args.port,
                           args.user)
    bastions = [SSHTarget(bosslet_config.ssh_key, bastion, 22, 'ec2-user')]
    if bosslet_config.outbound_bastion:
        bastions.insert(0, bosslet_config.outbound_bastion)
    ssh = SSHConnection(ssh_target, bastions, args.local_port)

    if args.command in ("ssh", ):
        ssh.shell()
    elif args.command in ("scp", ):
        ret = ssh.scp(*args.arguments)
        sys.exit(ret)
    elif args.command in ("ssh-cmd", ):
        ret = ssh.cmd(*args.arguments)
Ejemplo n.º 3
0
        print("Error: SSH key '{}' does not exist".format(args.ssh_key))
        sys.exit(1)

    session = aws.create_session(args.aws_credentials)

    # This next step will make bastion work with 1.consul or 1.vault internal names.
    boss_position = 1
    try:
        int(args.internal.split(".", 1)[0])
        boss_position = 2
    except ValueError:
        pass

    bastion_host = args.bastion if args.bastion else "bastion." + args.internal.split(
        ".", boss_position)[boss_position]
    bastion = aws.machine_lookup(session, bastion_host)
    if args.private_ip:
        private = args.internal
    else:
        private = aws.machine_lookup(session, args.internal, public_ip=False)

    ssh = SSHConnection(args.ssh_key, private, bastion)

    if args.command in ("ssh", ):
        ssh.shell()
    elif args.command in ("scp", ):
        ret = ssh.scp(*args.arguments)
        sys.exit(ret)
    elif args.command in ("ssh-cmd", ):
        ret = ssh.cmd(*args.arguments)
        sys.exit(ret)
Ejemplo n.º 4
0
        parser.print_usage()
        print("Error: AWS credentials not provided and AWS_CREDENTIALS is not defined")
        sys.exit(1)
    if args.ssh_key is None:
        parser.print_usage()
        print("Error: SSH key not provided and SSH_KEY is not defined")
        sys.exit(1)
    if not os.path.exists(args.ssh_key):
        parser.print_usage()
        print("Error: SSH key '{}' does not exist".format(args.ssh_key))
        sys.exit(1)

    session = aws.create_session(args.aws_credentials)
    if args.private_ip:
        ip = args.hostname
    else:
        ip = aws.machine_lookup(session, args.hostname)

    # the bastion server (being an AWS AMI) has a differnt username
    if args.user is None:
        user = "******" if args.hostname.startswith("bastion") else "ubuntu"
    else:
        user = args.user

    ssh = SSHConnection(args.ssh_key, (ip, 22, user))
    if args.cmd:
        ret = ssh.cmd(args.cmd)
    else:
        ret = ssh.shell()
    sys.exit(ret)