Metadata-Version: 2.1
Name: aws-portknock
Version: 0.1.2
Summary: Port knocking for AWS security groups
Home-page: https://github.com/michel-slm/aws-portknock
Author: Michel Lind
Author-email: michel@michel-slm.name
Keywords: aws portknock
Classifier: Development Status :: 4 - Beta
Classifier: Environment :: Console
Classifier: License :: OSI Approved :: Mozilla Public License 2.0 (MPL 2.0)
Classifier: Topic :: Security
Classifier: Topic :: Utilities
Description-Content-Type: text/markdown
License-File: LICENSE
License-File: AUTHORS.md
Requires-Dist: boto3
Requires-Dist: click

# aws-portknock #
Port knocking for AWS security groups

## "Port knocking" ##

Unlike traditional port knocking utilities, this tool relies on
the caller having the rights, through Amazon Web Services' Identity
and Access Management roles, to modify a security group.

## Usage ##

```
$ aws-portknock --help
Usage: aws-portknock [OPTIONS]

Options:
  --port INTEGER  Port to open
  --profile TEXT  Configuration profile to use
  --sgid TEXT     Security group ID
  --help          Show this message and exit.
```

`aws-portknock` determines the caller's public IP and adds a rule
to the security group allowing access to the requested port from that
IP. It then sleeps until the user quits with CTRL-C.

If a matching rule already exists, nothing happens on exit; otherwise,
that added rule is deleted when `aws-portknock` exits.
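
The add-then-clean-up behaviour described above, sketched as an added example (not aws-portknock's own code). It generalizes to IPv6 callers, takes the public IP as an argument, and handles interruption and an already-existing rule. Assumptions: `ec2` is a `boto3.client("ec2")`, an existing rule is detected through EC2's `InvalidPermission.Duplicate` error code, and `knock`, `ingress_rule` and `FakeEC2` are hypothetical names.

```python
import contextlib
import ipaddress


def ingress_rule(port, ip):
    """Build one IpPermissions entry: TCP `port` from the single host `ip`."""
    addr = ipaddress.ip_address(ip)  # raises ValueError on malformed input
    rule = {"IpProtocol": "tcp", "FromPort": port, "ToPort": port}
    if addr.version == 4:
        rule["IpRanges"] = [{"CidrIp": f"{addr}/32"}]
    else:
        rule["Ipv6Ranges"] = [{"CidrIpv6": f"{addr}/128"}]
    return rule


@contextlib.contextmanager
def knock(ec2, sgid, port, ip):
    """Open `port` for `ip`; on exit revoke the rule only if this call added it."""
    rule = ingress_rule(port, ip)
    try:
        ec2.authorize_security_group_ingress(GroupId=sgid, IpPermissions=[rule])
        added = True
    except Exception as err:
        # botocore's ClientError carries the EC2 error code in err.response
        code = getattr(err, "response", {}).get("Error", {}).get("Code")
        if code != "InvalidPermission.Duplicate":
            raise
        added = False  # rule pre-existed: leave it in place on exit
    try:
        yield added
    finally:
        if added:
            ec2.revoke_security_group_ingress(GroupId=sgid, IpPermissions=[rule])


class FakeEC2:
    """Constructed in-memory stand-in for boto3.client("ec2"), for offline runs."""
    def __init__(self):
        self.rules = []

    def authorize_security_group_ingress(self, GroupId, IpPermissions):
        if IpPermissions[0] in self.rules:
            err = Exception("duplicate")
            err.response = {"Error": {"Code": "InvalidPermission.Duplicate"}}
            raise err
        self.rules.append(IpPermissions[0])

    def revoke_security_group_ingress(self, GroupId, IpPermissions):
        self.rules.remove(IpPermissions[0])
```

Because the revoke sits in a `finally` block, the temporary rule is removed on CTRL-C as well as on normal exit; a process that is killed outright leaves the rule behind, so the security group is worth auditing for stale `/32` entries.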

For repeated use, create `$HOME/.aws/portknock.ini` containing, for example:

```
[default]
sgid = sg-12abcdef
port = 22

[webprofile]
sgid = sg-12abcdef
port = 443
```
