This message was deleted.
# aws
s
This message was deleted.
b
this is a networking problem, you either need to use a bastion/jumpbox or a vpn
l
Commands for initialization can also be handled through SSM (aws.ssm has the Document and Association resources that you'd need for this approach), or you can use userdata (cloud-init package's GetConfig function is the way to go here).
g
You also pair pulumi's
command.local.Command
to use the aws CLI to invoke handy built-in AWS SSM / Systems Manager features, like running remote commands/scripts, or starting a port forwarding session. One of the nice parts of this approach is that your automations never touch your SSH keys...but there are some pre-reqs for using Systems Manager.
l
And you still need access, since the command does run on the machine. cloud-init and SSM documents run on the machine itself, which makes it handy if the machine is on an isolated subnet, for example.