Using AWS SSM as a VPN Replacement. Extending docker/sdk with PAAS Commands POC

WinstonNolan Global Head Cloud Center Operations Sprykee Posts: 1 🧑🏻‍🚀 - Cadet
edited July 18 in Community Projects

Hello 🖖

My name is Winston, and I work within the Spryker Cloud Center Operations (CCO) team. We assist our customers with their technical problems and questions about Spryker products (including PAAS).

We often receive requests for VPN accounts. Currently, a customer/developer/user can only connect to their PAAS services by being connected to the VPN.

I have always enjoyed solving problems, and I created a POC where I replaced the VPN with AWS SSM. I then extended the docker/sdk by creating a PAAS section and added the following PAAS/Cloud commands:

paas | cloud environments
    List PAAS Environments

paas | cloud service-details --environment=ENVIRONMENT_NAME service [database storage ..]
    List PAAS Environment Service Details. See output from environments command. Services: database storage search scheduler broker

paas | cloud create-tunnel --environment=ENVIRONMENT_NAME service [database storage ..]
    Create AWS SSM Tunnels to one or more PAAS Environment Services. See output from environments command. Services: database storage search scheduler broker

paas | cloud close-tunnel
    Close ALL Active AWS SSM Tunnels

The above commands will interface with your PAAS environment by displaying details about the services within your environment. They will also allow you to open AWS SSM tunnels using AWS-StartPortForwardingSessionToRemoteHost.

Using AWS SSM, a user will not need to request VPN access, nor will they need to renew it as it expires yearly. There are also a few other pain points with the VPN. Sometimes corporate email servers block or obfuscate the VPN Certificate.

My code changes are here:

https://github.com/spryker/docker-sdk/compare/master...winstonnolan-spryker:docker-sdk:feature/paas

These features already work for Spryker Employees, but there are a few minimal changes required for these features to work for our customers.

I am creating this post to gauge your interest in this feature and to show you an alternative to the VPN.

I enjoyed getting to learn and extend the docker/sdk. <3

Let me know what you think!
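
For readers who want to see what such a tunnel looks like underneath, here is an added sketch (not part of the original post and not taken from the docker/sdk branch) of an AWS CLI call using the AWS-StartPortForwardingSessionToRemoteHost document named in the post. The function names, instance ID, hostname and ports are hypothetical placeholders; it assumes AWS CLI v2 with the Session Manager plugin installed.

```shell
#!/usr/bin/env bash
# Added illustration: all names and values below are hypothetical placeholders.

# Succeeds only for a decimal TCP port in 1..65535 (no leading zeros).
valid_port() {
  case "$1" in
    ''|0*|*[!0-9]*) return 1 ;;
  esac
  [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Succeeds only for a plain DNS name or IPv4 address, so the value cannot
# break out of the JSON string it is placed into.
valid_host() {
  case "$1" in
    ''|*[!A-Za-z0-9.-]*) return 1 ;;
  esac
}

# Print the --parameters JSON for AWS-StartPortForwardingSessionToRemoteHost.
# Arguments: remote host, remote port, local port.
build_tunnel_params() {
  valid_host "$1" || { echo "invalid host" >&2; return 1; }
  valid_port "$2" || { echo "invalid remote port" >&2; return 1; }
  valid_port "$3" || { echo "invalid local port" >&2; return 1; }
  printf '{"host":["%s"],"portNumber":["%s"],"localPortNumber":["%s"]}' \
    "$1" "$2" "$3"
}

# Open the tunnel. Arguments: target, remote host, remote port, local port.
# The target must be an SSM-managed node that can reach the service over
# the network; the session is authorised by IAM rather than a VPN certificate.
open_tunnel() {
  tunnel_params="$(build_tunnel_params "$2" "$3" "$4")" || return 1
  aws ssm start-session \
    --target "$1" \
    --document-name AWS-StartPortForwardingSessionToRemoteHost \
    --parameters "$tunnel_params"
}

# Example call (placeholder values):
#   open_tunnel i-0123456789abcdef0 db.example.internal 3306 13306
```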