session-manager-plugin
fck-nat
session-manager-plugin | fck-nat | |
---|---|---|
2 | 19 | |
245 | 974 | |
4.9% | - | |
4.6 | 6.9 | |
12 days ago | about 1 month ago | |
Go | HCL | |
Apache License 2.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
session-manager-plugin
-
AWS to start charging for IPv4 usage, but critical services don't support IPv6
Don't overlook SSM <https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/session-...> which doesn't require sshd nor public access to get onto a machine and one can opt in to a bunch of audit logging if that's your jam. It's just a small bonus that one can also hop onto an instance from the AWS Console when using SSM, since it is websocket based and not "ssh from the browser"
The agent is Apache 2 if one wanted to build, enhance, or audit what it does: https://github.com/aws/amazon-ssm-agent#readme as is the local binary that awscli uses for the websocket handshaking: https://github.com/aws/session-manager-plugin#readme
-
How to use AWS SSM Session Manager Plugin
It turned out that this plugin is actually an open source project on GitHub, and this tool is used to power the start-session AWS CLI command to establish shell session. The exact way to use it undocumentated, but one can check AWS CLI's source code to see and example on how to use it.
fck-nat
-
Fck-nat: The (f)easible (C)ost (k)onfigurable NAT
https://github.com/AndrewGuenther/fck-nat/blob/main/service/... this is the bit you need to understand.
You've got the gist of it, but you probably want to read about NAT and iptables.
The source destination check is important - but implementation specific here. Google Cloud does it like this - https://cloud.google.com/vpc/docs/using-routes#canipforward
-
AWS to start charging for IPv4 usage, but critical services don't support IPv6
This entire thread is about the additional costs imposed on a publicly accessible IP[1].
Granted, there are other (but similarly expensive) workarounds such as NAT gateways[2] for outbound connectivity or the cheaper NAT instance method which AWS doesn't support any more, but there are alternatives[3]. However, for use cases requiring inbound connectivity such as setting up websites on EC2 instances, or using an ELB which need internet access, these charges definitely rack up.
[1] https://aws.amazon.com/blogs/aws/new-aws-public-ipv4-address...
[2] https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gat...
[3] https://fck-nat.dev
-
AWS to Begin Charging for Public IPv4 Addresses
Weird, I was just looking into this yesterday and found https://fck-nat.dev/
-
Can I use API Gateway to avoid the need for a NAT/Internet Gateway
If you find yourself needing NAT Gateway after all, I recommend https://fck-nat.dev/ - the name speaks for itself. If you use CDK, using it in place of managed NAT Gateway is dead simple.
- Anything can be a message queue if you use it wrongly enough
- Get rid of NAT-Gateway charge?
-
Painful bill for image pulls from ECR ?
There are tradeoffs for using a managed NAT Gateway that are usually not considered. It's sort of a roller coaster, but the introduction for the fck-nat project goes in to the most obvious tradeoffs
-
Important Information about NAT Gateway in your Account emails
May I suggest https://fck-nat.dev/ ?
-
Just released: alterNAT, a high availability AWS NAT implementation that reduces NAT Gateway costs while limiting the increased risk of operating NAT instances. I’d love to know what you think!
For those unaware: https://fck-nat.dev/
-
Should I use vpc interface endpoints instead of nat gateways to save costs?
I maintain a NAT instance AMI that works on both ARM and x86: https://fck-nat.dev/
What are some alternatives?
aws-cli - Universal Command Line Interface for Amazon Web Services
terraform-aws-nat-instance - Terraform module to provision a NAT Instance using an Auto Scaling Group and Spot Instance from $1/month
aws-ssm-session - Javascript library for starting an AWS SSM session compatible with Browser and NodeJS
terraform-aws-alternat - High availability implementation of AWS NAT instances.
netplan - Declarative network configuration for various backends
torrentfs - A p2p file system for https://github.com/CortexFoundation/CortexTheseus with pure Golang
amazon-ssm-agent - An agent to enable remote management of your EC2 instances, on-premises servers, or virtual machines (VMs).
aws-transit-gateway-connect-s
terraform-aws-nat - Terraform module for creating NAT Gateways or Instances and attaching them to a VPC
pingfs - Stores your data in ICMP ping packets
aws-transit-gateway-connect-sample - moved - https://github.com/f7o/aws-transit-gateway-connect-sample
somleng-project - Entrypoint for the Somleng Project