Beam 0.1.3

* Fixed: RDS Cluster port-forwarding * Improve bastion to resources (EKS, RDS) resource matching based on VPC --------- Signed-off-by: Avi Zetser <avi@entitle.io> Co-authored-by: Dennis Zagiansky <dennis@entitle.io>
entitleio · Nov 19, 2023 · 83ee616 · 83ee616
1 parent fe9a5bb
commit 83ee616
Show file tree

Hide file tree

Showing 5 changed files with 17 additions and 10 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,10 @@
 # Change Log
 
+## [0.1.3] - 2023-11-19
+
+- Fixed: RDS Cluster port-forwarding
+- Improve bastion to resources (EKS, RDS) resource matching based on VPC
+
 ## [0.1.2] - 2023-11-15
 
 - Improve AWS rate limit handling by starting AWS SSM port-forwarding session using boto3 client instead of AWS CLI

diff --git a/beam/aws/models.py b/beam/aws/models.py
@@ -18,6 +18,7 @@ class Boto3SessionConfig(DataClassJsonMixin):
     _session: Optional[boto3.Session] = field(init=False, default=None, metadata=config(exclude=lambda x: True,
                                                                                         encoder=lambda x: None,
                                                                                         decoder=lambda x: None))
+    vpc_id: Optional[str] = None
 
     def get_session(self) -> boto3.Session:
         if self._session is None:
@@ -32,6 +33,7 @@ class AwsEksInstance:
     name: str
     endpoint: str
     arn: str
+    vpc_id: Optional[str] = None
 
 
 @dataclass
@@ -45,6 +47,7 @@ class AwsRdsInstance:
     identifier: str
     endpoint: str
     port: int
+    vpc_id: Optional[str] = None
 
     @property
     def local_port(self) -> int:

diff --git a/beam/aws/utils.py b/beam/aws/utils.py
@@ -96,7 +96,7 @@ def get_all_eks_clusters(session: boto3.Session, tags: Optional[dict[str, str]]
             if not match_tags(cluster['tags'], tags):
                 continue
 
-            eks_list.append(AwsEksInstance(cluster['name'], cluster['endpoint'], cluster['arn']))
+            eks_list.append(AwsEksInstance(cluster['name'], cluster['endpoint'], cluster['arn'], cluster['resourcesVpcConfig']['vpcId']))
         except (client.exceptions.ResourceNotFoundException, client.exceptions.InvalidParameterException):
             logger.exception(f'Error describing cluster {cluster_name}')
         except Exception as e:
@@ -144,19 +144,19 @@ def get_all_rds_resources(session: boto3.Session, tags: Optional[dict[str, str]]
             continue
         instance_resources.append(AwsRdsInstance(instance['DBInstanceIdentifier'],
                                                  instance['Endpoint']['Address'],
-                                                 int(instance['Endpoint']['Port']))
+                                                 int(instance['Endpoint']['Port']), instance['DBSubnetGroup']['VpcId'])
                                   )
     cluster_resources = []
     for cluster in available_clusters:
         # apply user filtering
         if name_regex:
-            if not fnmatch.fnmatch(cluster['DBInstanceIdentifier'], name_regex):
+            if not fnmatch.fnmatch(cluster['DBClusterIdentifier'], name_regex):
                 continue
 
         if not match_tags(cluster['TagList'], tags):
             continue
 
-        cluster_resources.append(AwsRdsInstance(cluster['DBInstanceIdentifier'],
+        cluster_resources.append(AwsRdsInstance(cluster['DBClusterIdentifier'],
                                                 cluster['Endpoint'],
                                                 int(cluster['Port']))
                                  )
@@ -225,10 +225,12 @@ def process_region(session_config: Boto3SessionConfig, region: str, beam_config:
 
     for bastion in region_bastions:
         for eks in ekss:
-            bastion.add_eks_instance(eks)
+            if eks.vpc_id == bastion.vpc_id:
+                bastion.add_eks_instance(eks)
 
         for rds in rdss:
-            bastion.add_rds_instance(rds)
+            if rds.vpc_id == bastion.vpc_id:
+                bastion.add_rds_instance(rds)
 
     return region_bastions
 

diff --git a/beam/main.py b/beam/main.py
@@ -140,9 +140,6 @@ def run(config: str, force_scan: bool, eks: bool, rds: bool) -> None:
         for process in processes:
             process.kill()
 
-        # run 'pkill session-manager-plugin' to kill all ssm sessions
-        # subprocess.Popen(['pkill', 'session-manager-plugin'])
-
 
 @cli.command()
 @common_params

diff --git a/pyproject.toml b/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "beam"
-version = "0.1.2"
+version = "0.1.3"
 description = "AWS SSM made easy"
 authors = ["Entitle I.O", "Avi Zetser <avi@entitle.io>", "Dennis Zagiansky <dennis@entitle.io>"]
 maintainers = ["Avi Zetser <avi@entitle.io>", "Dennis Zagiansky <dennis@entitle.io>"]