different-technology/aws-http-knocking
AWS HTTP Knocking

This repository provides Terraform modules for an HTTP knocking mechanism for AWS security groups (the firewalls in front of EC2 instances).
It is a cloud-based, serverless alternative to port knocking.

Idea

Before connecting to a non-public service hosted on AWS (e.g. SSH or Remote Desktop on an EC2 instance) whose port is blocked by the firewall (i.e. the AWS security group), the client does something similar to port knocking.
It requests a specific URL with an HTTP GET request; a Lambda function then adds an inbound rule to the security group that grants the requesting IP address access to a defined port.
A second Lambda function is invoked regularly by CloudWatch and removes all inbound rules for that port again, so every grant is temporary.

Notice: HTTP knocking is, of course, only an (optional) second factor of authentication.
A primary authentication method on the service itself (e.g. SSH keys) is always required!

Module: api_gateway_open_firewall

This module provides an API Gateway for REST calls to open the firewall.

Example

GET request to the API:

Endpoint: https://domain.com/base-path/open
Method: GET

Module: firewall_open

This module provides the Lambda infrastructure to open the firewall.

Module: firewall_cleanup

This module provides the CloudWatch & Lambda infrastructure to close the firewall regularly.
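The two Lambda functions behind the firewall_open and firewall_cleanup modules, as an added example written against boto3 (this is not the repository's own code). It assumes the security group id and the knock port are passed in the environment variables SG_ID and KNOCK_PORT, and that the REST API Gateway delivers the caller's address in requestContext.identity.sourceIp; the opening rule is restricted to the caller's /32 and the cleanup revokes only rules on the knock port, leaving other rules untouched.

```python
# Added example, not the repository's code. Assumed env vars: SG_ID, KNOCK_PORT.
import ipaddress
import os

def knock_permission(source_ip: str, port: int) -> dict:
    """Ingress rule the 'open' Lambda adds: the knocking host's /32, one TCP port."""
    addr = ipaddress.ip_address(source_ip)  # ValueError if the value is not an address
    if addr.version != 4:
        raise ValueError("only IPv4 knocks are handled in this example")
    return {"IpProtocol": "tcp", "FromPort": port, "ToPort": port,
            "IpRanges": [{"CidrIp": f"{addr}/32", "Description": "http-knock"}]}

def rules_to_revoke(ip_permissions: list, port: int) -> list:
    """Select every inbound IPv4 rule on the knock port, so the cleanup closes all
    temporarily granted addresses at once and never touches other ports."""
    selected = []
    for perm in ip_permissions:
        if (perm.get("IpProtocol") != "tcp" or perm.get("FromPort") != port
                or perm.get("ToPort") != port or not perm.get("IpRanges")):
            continue
        selected.append({"IpProtocol": "tcp", "FromPort": port, "ToPort": port,
                         "IpRanges": perm["IpRanges"]})
    return selected

def open_handler(event, context):
    """API Gateway GET /open: authorize the caller's IP for the knock port."""
    import boto3  # imported here so the pure helpers above import without boto3
    from botocore.exceptions import ClientError
    ec2 = boto3.client("ec2")
    rule = knock_permission(event["requestContext"]["identity"]["sourceIp"],
                            int(os.environ["KNOCK_PORT"]))
    try:
        ec2.authorize_security_group_ingress(GroupId=os.environ["SG_ID"],
                                             IpPermissions=[rule])
    except ClientError as err:  # a repeated knock from the same IP is not an error
        if err.response["Error"]["Code"] != "InvalidPermission.Duplicate":
            raise
    return {"statusCode": 200, "body": "opened"}

def cleanup_handler(event, context):
    """CloudWatch scheduled event: revoke every inbound rule on the knock port."""
    import boto3
    ec2 = boto3.client("ec2")
    sg_id, port = os.environ["SG_ID"], int(os.environ["KNOCK_PORT"])
    group = ec2.describe_security_groups(GroupIds=[sg_id])["SecurityGroups"][0]
    perms = rules_to_revoke(group["IpPermissions"], port)
    if perms:
        ec2.revoke_security_group_ingress(GroupId=sg_id, IpPermissions=perms)
    return {"revoked": sum(len(p["IpRanges"]) for p in perms)}
```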

Development

Deploy infrastructure

Install https://github.com/tfutils/tfenv

Prepare

tfenv install
