aws-rce

aws-rce

adhoc remote execution in aws lambda

github.com/nathants/aws-rce

why

sometimes remote code execution is exactly what's needed, like for continuous integration.

what

adhoc execution in lambda with streaming logs, exitcode, and 15 minutes max duration.

deploy

go install github.com/nathants/cli-aws@latest
cp env.sh.template env.sh # update values
bash bin/check.sh         # lint
bash bin/deploy.sh        # ensure aws infra and deploy prod release
bash bin/dev.sh           # rapidly iterate by updating lambda zip
bash bin/cli.sh -h        # interact with the service via the cli

deploy with docker

cp env.sh.template env.sh # update values
docker build -t aws-rce:latest .
docker run -it --rm \
    -v $(pwd):/code \
    -e AWS_DEFAULT_REGION \
    -e AWS_ACCESS_KEY_ID \
    -e AWS_SECRET_ACCESS_KEY \
    aws-rce:latest \
    bash -c '
        cd /code
        bash bin/deploy.sh
    '

go install cli client

go install github.com/nathants/aws-rce@latest
export AUTH=$AUTH
export PROJECT_DOMAIN=$DOMAIN
~/go/bin/aws-rce exec whoami

examples

  • whoami

    >> bash bin/cli.sh exec whoami
    sbx_user1051
    
  • download and run a binary

    >> bash bin/cli.sh exec -- bash -c 'cd /tmp && curl -L https://github.com/peak/s5cmd/releases/download/v1.4.0/s5cmd_1.4.0_Linux-64bit.tar.gz | tar xfz - && ./s5cmd -h | head -n5'
    exec/exec.go:125: waiting 9f78c457-7fd1-4459-baec-e3510a9dea29 2022-01-31 15:17:49.045568486 -1000 HST m=+0.730464864
    exec/exec.go:125: waiting 9f78c457-7fd1-4459-baec-e3510a9dea29 2022-01-31 15:17:50.202140345 -1000 HST m=+1.887036728
    exec/exec.go:125: waiting 9f78c457-7fd1-4459-baec-e3510a9dea29 2022-01-31 15:17:51.352839698 -1000 HST m=+3.037736085
      % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                     Dload  Upload   Total   Spent    Left  Speed
    100   667  100   667    0     0   3206      0 --:--:-- --:--:-- --:--:--  3923
    100 3856k  100 3856k    0     0  1650k      0  0:00:02  0:00:02 --:--:-- 1883k
    NAME:
       s5cmd - Blazing fast S3 and local filesystem execution tool
    
    USAGE:
       s5cmd [global options] command [command options] [arguments...]
    
  • checkip from multiple simultaneous executions

    >> for i in {1..5}; do bash bin/cli.sh exec -- curl -s checkip.amazonaws.com & done
    52.34.141.29
    54.202.6.176
    34.221.149.14
    34.219.161.143
    34.219.244.139
    
  • browser client