aws-access

    2.1.4 • Public • Published

    AWS Access

    aws-access is a command line utility to update an AWS security group with your current IP across one or more regions.

    This is a relatively cheap way to lock down access to AWS resources to whitelisted ips. Defaults to whitelisting port 22. Configure ports using the --ports|-P argument.

    To use:

    • Step 1: Create security group for whitelisted ips e.g. 'remote-working'
    • Step 2: Assign security group to appropriate resources
    • Step 3: Install aws-access npm install -g aws-access
    • Step 4: Set up aws credentials
    • Step 5: Run aws-access to whitelist your current ip e.g. aws-access -g remote-working

    Example

    # enable access to SSH and Postgres from the current IP
    aws-access -p myprofile -g mysecuritygroup -r us-east-1 eu-west-1 -P 22 5432
    

    Installing

    npm install -g aws-access
    

    Prerequisites

    • nodejs 7.6+

    Command Line

    aws-access
    
    Options:
      -h             Show help                                             [boolean]
      -p, --profile                                                       [optional]
      -g, --group                                                         [required]
      -r, --region                                            [default: "us-east-1"]
      -P, --ports                                          [array] [default: ["22"]]
    

    Security Considerations

    • It's likely that a users IP will be stale over time, potentially allowing access to the AWS resources from unexpected IPs. This is still better than allowing access from the whole internet (i.e. 0.0.0.0/0) but this should be part of a defense in depth i.e. resources that are made accessible via aws-access should also be properly secured.
    • Removing old users from the security group managed by aws-access should be part of any offboarding process
    • If a user is renamed, their old username should be cleaned from the security group managed by aws-access
    • If this is used for multiple users, any of the users have the ability to modify rules set up by other users

    Install

    npm i aws-access

    DownloadsWeekly Downloads

    1

    Version

    2.1.4

    License

    Apache-2.0

    Unpacked Size

    19.1 kB

    Total Files

    5

    Last publish

    Collaborators

    • jamiemccrindle