Open pyang55 opened 1 year ago
Is the the ssh-shell
command from the examples? My low-level code does not support KMS sessions, so this would not be a surprise to me. AWS has finally opened up the source code for their client-side SSM session plugin and I've been able to integrate it in this repo as of version v0.300.0
. This AWS code integration should have all of the feature support of their client-side, standalone, ssm session plugin.
The example code does not make use of the integration with the AWS code, however, in the main.tf of the example, it shows how the code can be modified to use it.
tl;dr change ssmclient.ShellSession(cfg, tgt)
to ssmclient.ShellPluginSession(cfg, tgt)
in main.tf for the ssm-shell example and recompile. That should have working KMS session support (since it's using AWS's own code for the session)
@mmmorris1975 I am using ssm-shell
from the examples
Thanks @surajnarwade! If you're willing to do so, would you mind making the change referenced above locally to see if a KMS session can be started?
@mmmorris1975 sure thing, will give it a go
@mmmorris1975 I'm happy to let you know that, with the above changes you mentioned. I tried it out, and it is working as intended: https://github.com/surajincloud/kubectl-eks/pull/7.
I will raise a PR here to update the documentation. thank you so much for the amazing project 🙏
I recieved this error while trying to ssm-shell sessions encrypted with KMS
----------ERROR------- Encountered error while initiating handshake. Handshake timed out. Please ensure that you have the latest version of the session manager plugin
The actual session manager plugin i believe provides support for this. im actively playing with a forked repo to get it working and i will provide a merge request. Any help on this would be greatly appreciated. Thank you!