tecracer-chef / train-awsssm

Train plugin to use the AWS Systems Manager Agent to execute commands on machines without SSH/WinRM
Apache License 2.0

Add Session Manager Support #3

Open thheinen opened 3 years ago

thheinen commented 3 years ago

Describe the Enhancement:

The current implementation via AWS Run Commands only enables execution via the default SSM user (meaning administrative privileges). In addition, it is only possible to execute commands but not use the file upload/download options of Train.

Describe the Need:

Implementing Session Manager support will allow least privileges and full Train functionality.

It isn't trivial to add, as Session Manager mainly does port forwarding, meaning the SSH and WinRM transports will probably be needed under the hood as well?

Current Alternative

none

aaronlippold commented 2 years ago

Any recent work on this? I have some folks interested in this and perhaps we can work together on it. Also, your inspec-rest work is very interesting.

thheinen commented 2 years ago

Currently, there is no progress on this one as I have no direct customer asking for that. This makes justification to invest time a bit hard internally.

The same is true for REST :sweat_smile:

aaronlippold commented 2 years ago

If you’re still working for Progress, I may be able to help with that. Progress and The MITRE Corporation have a partnership which we may be able to use to help justify some of that time. If you’re working as an independent consultant, I might have other avenues we could explore. Feel free to reach out.

(alippold at mitre.org)

On Thu, Apr 7, 2022 at 04:45 Thomas Heinen @.***> wrote:

Currently, there is no progress on this one as I have no direct customer asking for that. This makes justification to invest time a bit hard internally.


--

Aaron Lippold


260-255-4779

twitter/aim/yahoo,etc. 'aaronlippold'