github.com/xen0l/aws-gate ↗

About xen0l/aws-gate

aws-gate is a Python command-line tool that provides an improved interface to Amazon's AWS Systems Manager Session Manager, which allows secure shell access to EC2 instances without managing bastion hosts or distributing SSH keys. The project addresses limitations in the native AWS CLI by enabling users to connect to instances through multiple identifiers like DNS names, IP addresses, tags, instance names, and autoscaling group names, rather than requiring instance IDs.

The tool supports configuration files in YAML format stored at ~/.aws-gate/config and config.d directories, allowing users to save connection details and default settings for frequently accessed instances. It also integrates with SSH by supporting SSH ProxyCommand functionality, which can tunnel SSH sessions through Session Manager and automatically generate ephemeral SSH keys via EC2 Instance Connect. Users can perform standard SSH operations like opening shells, executing commands, and forwarding local ports to remote services.

aws-gate requires Python 3.5 or later, the AWS session-plugin-manager, and SSM Agent 2.3.68.0 or later on target EC2 instances. It can be installed via pip, Homebrew, or Docker, and includes debugging capabilities through the GATE_DEBUG environment variable. The project is licensed under the BSD License and targets AWS users seeking to eliminate traditional bastion host infrastructure while maintaining secure instance access through AWS identity and access management.