Search…
Getting Started
Introduction
Quick start
Web Shell
Getting started
Deploying Cased Shell
Cased Shell Admin Portal
Configuring your Cased Shell instance
Accessing a remote host
Exiting out of a host
Host and container auto-detection
SSH Certificates
Live SSH session sharing
Monitor active SSH sessions
SSH Session replays
Session exports
Web Browser Capabilities
Snippets
Groups and Permissions
Downloading files
Persistent, pluggable storage
Security Design
Environment Variables
SAML setup
PagerDuty
Web Shell Approvals
Overview
5 minute quick start
Workflow
Reporting
Activity
Audit log
Cased CLI Approvals
Overview
15 minute quick start
Getting started with the CLI
Working with the client on the Command Line
The Cased client (cased)
Use with Docker
Use with shell scripts
Configure an app
Installing the client on remote servers
Open Source
Terraform Provider
Terraform - Cased Shell on AWS
Cased CLI
Rails-approvals
Security
Managing API Keys
The system audit trail
Data subprocessors
Powered By GitBook
Terraform - Cased Shell on AWS
Module to setup Cased Shell on ECS, featuring end-to-end encryption, and using a Network Load Balancer.

terraform-aws-cased-shell-ecs

Module to setup Cased Shell on ECS, featuring end-to-end encryption, and using a Network Load Balancer. https://github.com/cased/terraform-aws-cased-shell-ecs​

Example

module "cased-shell" {
source = "cased/terraform-aws-cased-shell-ecs"
version = "~> 0.3.0"
​
# The environment, and the id of the vpc and the cluster where the service will run
env = "prod"
vpc_id = vpc.id
cluster_id = mycluster.id
​
# Subnets and secgroups for the service
vpc_subnet_ids = [subnet1.id, subnet2.id]
security_group_ids = [securitygroup1.id, securitygroup2.id]
​
# The hostname for Cased Shell
hostname = "webshell.example.com"
​
# For security, this must be the ARN of an aws_secretsmanager_secret, not the actual secret string
cased_shell_secret_arn = your_shell_secret.arn
​
# Set up a hostname with route53 automatically
zone_id = your_zone.id
}

Documentation

Host Auto-discovery

By default, the hosts a Cased Shell instance can be used to access are configured in the Cased App. Enabling host auto-discovery by setting host_autodiscovery to true grants the ECS task running Cased Shell access to the ec2:DescribeInstances API call in your account, allowing the Cased Shell instance to query the AWS API and dynamically update this set of hosts instead. The host_autodiscovery_descriptive_tag variable can be set to the name of a resource tag like Name or aws:autoscaling:groupName to include alongside the hostname, and the host_autodiscovery_tag_filters variable can be used to filter the set of instances displayed. By default, all instances in the same region as the Cased Shell instance are included.

Example

module "cased-shell" {
source = "cased/terraform-aws-cased-shell-ecs"
version = "~> 0.3.0"
​
# The environment, and the id of the vpc and the cluster where the service will run
env = "prod"
vpc_id = vpc.id
cluster_id = mycluster.id
​
# Subnets and secgroups for the service
vpc_subnet_ids = [subnet1.id, subnet2.id]
security_group_ids = [securitygroup1.id, securitygroup2.id]
​
# The hostname for Cased Shell
hostname = "webshell.example.com"
​
# For security, this must be the ARN of an aws_secretsmanager_secret, not the actual secret string
cased_shell_secret_arn = your_shell_secret.arn
​
# Set up a hostname with route53 automatically
zone_id = your_zone.id
​
# Automatically display all instances with a `cluster` tag that matches `*test*` in host dropdown list,
# including the value of `aws:autoscaling:groupName` to help users find the right instance.
host_autodiscovery = true
host_autodiscovery_descriptive_tag = "aws:autoscaling:groupName"
host_autodiscovery_tag_filters = [{
name = "cluster"
values = [
"*test*"
]
}]
​
}

Development

make will generate docs, format source, and run tests.
Open Source - Previous
Terraform Provider
Next - Open Source
Cased CLI
Last modified 7mo ago
Copy link
On this page
terraform-aws-cased-shell-ecs
Example
Documentation
Host Auto-discovery
Example
Development