You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If EC2 instance and AWS Batch instances are in same subnet, access can be streamlined (i.e. no need to configure ssh_config and retain local copy of pem file).
If Batch instances live in different subnets, I believe an SSH key still needs to be declared/used. In such cases, it might make more sense to still generate the artefacts (to allow an ssh-forwarding jump).
Supporting two authentication methods will require additional conditional logic to be added to the file-copying logic (i.e. right now it is 100% ssh whereas introducing this modification would mean some installations use ssh while others use aw ec2-instance-connect ssh; I'm not sure what this change would have on scp commands).
Impacts
If decision is made to implement, IAM permissions will need to be modified to allow TF to access the EC2 to copy file and execute Ansible playbooks.
Initial Inclination
I'm inclined to continue generating extra artefacts and keep the Bash logic simple (_i.e. 100% ssh / scp). Opening this ticket so other users of the tool can chime in.
The text was updated successfully, but these errors were encountered:
As per AWS blog https://aws.amazon.com/blogs/compute/secure-connectivity-from-public-to-private-introducing-ec2-instance-connect-endpoint-june-13-2023/, "One click command" section.
Example:
aws ec2-instance-connect ssh --instance-id i-0aa722a7cce6f98xx
Considerations
ssh_config
and retain local copy ofpem
file).ssh
whereas introducing this modification would mean some installations usessh
while others useaw ec2-instance-connect ssh
; I'm not sure what this change would have onscp
commands).Impacts
Initial Inclination
I'm inclined to continue generating extra artefacts and keep the Bash logic simple (_i.e. 100%
ssh / scp
). Opening this ticket so other users of the tool can chime in.The text was updated successfully, but these errors were encountered: