Automate with powershell is becoming a trendy operation spread by many cloud administrators. In fact, by using a single language, is possible to automate many IT processes without become crazy passing through user interfaces. Talking about AWS EC2 there is a lot of APIs that could fit quite all deploy and management task. But IMHO, managing the instance in using the “traditional way” (by a ssh client) could result not so easy, especially in powershell environment.
In this post I’ll show how to use Posh-SSH (showed in previous post here: https://blog.linoproject.net/powershell-managing-ubuntu-with-sudo-and-posh-ssh/), SSH client from Git to help you managing an EC2 instance using Powershell. This article will end with a tip to configure ssh connection with RoyalTS using the key provided by AWS during EC2 deployment.
Requirements and notes
Every time you create an EC2 instance a key-pair should be applied to that to ensure a stronger access than username and password. Obviously if you loose that you’re not able to access to VM; for this reason you should keep the key.pem in a safe place!
Keeping the focus on requirements:
- Set allowed ip with the ip where you’re connecting from, to the port 22 inbound rule in security group attached to the instance
- Get the path to the key file
- a username specified in connection details showed in connection dialog (Right click to instance then choose connect item)… in my case is “ubuntu”
Note: during connection or for test purpose, you could keep source to 0.0.0.0/0 as inbound rule, but don’t forget to restrict this policy in production.
PoshSSH
After getting the installation info from my previous post, you should connect to instance without specifying the password. To do it, simply prepare a no-password credentials using the instruction PSCredentials:
|
1 2 |
$nopasswd = new-object System.Security.SecureString $Crendential= New-Object System.Management.Automation.PSCredential ("ubuntu", $nopasswd) |
Now with New-SSHSession is possible to start working with stream command and variables:
|
1 |
New-SSHSession –ComputerName [instance_ip_fqdn] -KeyFile '\Path\To\Key.pem' -Credential $Crendential |
And sending ssh command in opened ssh session could be done simply:
|
1 |
Invoke-SSHCommand -SessionId 0 -Command "pwd" |
After operation you could close the connection using Remove-SSHSession cmdlet:
|
1 |
Remove-SSHSession -SessionId 0 |
SSH Client from Git
As a real alternative to Putty, in a powershell console, you could use Git ssh. Its Installation and configuration could be realized with the following commands issued with administrator rights:
|
1 2 3 4 |
#install chocolatey(a cool package system for windows) iex ((new-object net.webclient).DownloadString('https://chocolatey.org/install.ps1')) #install git using choco choco install -y git -params "/GitAndUnixToolsOnPath" |
Now setting the path environment variable is possible use ssh in every directory…
|
1 2 |
$new_path = "$env:PATH;C:/Program Files/Git/usr/bin" $env:PATH=$new_path |
It’s time to start using the ssh client with key.pem
|
1 |
ssh -i '\path\to\Key.pem' ubuntu@[instance_ip_fqdn] |
A Tip for RoyalTS
For RoyalTS lover (like me) the procedure is very simple:
- Create new terminal connection (use Putty plugin)
- In “Credentials” step, under Credential tab, select “Specify username and password”; then type the username specified with the EC2 connection (in my case ubuntu)
- Under “Private Key File” Choose “Embed Private Key File” and select the path to the key.pem file. Obviously don’t specify any passphrase.
That’s all Folks!