erik / holepunch Goto Github PK
View Code? Open in Web Editor NEWPunch holes in your AWS security groups.
License: MIT License
holepunch's People
Contributors
Stargazers
Watchers
holepunch's Issues
Non-intuitive behavior for `--remove-existing`
Due to the way the AWS Security Group API works, we're only able to revoke security group rules which match exactly all the keys we pass in.
In the case of existing rules that conflict with what we add, the only thing differing may be the description field, still resulting in the groups failing to be removed.
Given that the flag is --remove-existing, this behavior is unexpected.
See: #22
https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RevokeSecurityGroupIngress.html
Add default "Holepunch" comment
Opening this issue to track a visibility-raising comment once Boto3 introduces support for the just-announced commenting for security groups.
Since 0.7.0 only IPv6 is added to the SG
Sorry for bothering again, but I upgraded to 0.7.1 for the botocore fix and now it only adds my external v6 address and I cannot connect to my servers via v4.
I see two solutions here:
- add both v4 and v6 to whitelist
- add a flag to choose the IP version on the commandline
Add option to remove configuration only.
Hi, I think that would be really valuable to have option such as: '--remove-only'.
I've noticed that sometimes network sessions / tokens (depends of configuration) - can expired and then holepunch is not able to remove configuration, becuase is returing only error:
Skipping existing permission: {"ToPort": 443, "IpProtocol": "tcp", "IpRanges": ...
No changes to make.So this means that my rule still exists - and I can't remove it. And running something like:
holepunch .... --remove-onlyCould remove rule if exists.
Upgrade botocore version
The latest awscli uses botocore-1.8.21 and then holepunch is not working anymore.
Add working with profiles from AWS
Would be nice to add functionallity to work with AWS profiles - like most of AWS commands are working: --profile XXX
Links:
Feature: Execute command instead of waiting
Instead of waiting for Ctrl+c I would love an option to run a subcommand and to close the ingress when this subcommand exits.
Use case: Run SSH to a host and wrap it with holepunch to open access
Proposed syntax: holepunch -c "ssh myserver" <mySecGrpId> 22
Feature Request: identify SG by ID rather than name
Rather than identifying the SG by name (I inherited a mess), it would be easier to quote the group ID.
Thanks.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.