aws-gate
Support `CNAME` DNS records
I have a CNAME that points to `ip-snip.snip.compute.internal`:

```
$ dig bastion.snip.com
;; QUESTION SECTION:
;bastion.snip.com. IN	A
;; ANSWER SECTION:
bastion.snip.com. 77 IN	CNAME	ip-snip.snip.compute.internal.
```

I can ssm directly to `ip-snip.snip.compute.internal`

```
aws-gate session ip-snip.snip.compute.internal
```

but I cannot do this

```
aws-gate session bastion.snip.com
```

Hey @nitrocode, unfortunately, this is not easy. aws-gate requires that the resulting name identifier translates to an instance ID or something that we can use to search the EC2 API for the instance.
If we added support for DNS queries, we wouldn't be able to always guarantee that the CNAME record points to an AWS-managed record. With that in mind, I don't see how to implement this without breaking the current semantics. Thoughts?
If it's in a form that doesn't match `ip.*compute.internal` (and similar regexes), then we could assume a DNS entry is passed in, no? Or perhaps there could be an additional option, `--dns`, which could then run a dig on the DNS record and search for the EC2 instance ID. This way it's backwards compatible if the switch is unspecified.
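
The check discussed in this thread, as an added example (not aws-gate's code and not written by either participant): follow a CNAME chain and accept the result only if it ends at an IP-based EC2 private DNS name, refusing anything else. The function names, the hop limit, the injected `lookup_cname` resolver and the sample zone are assumptions made for illustration.

```python
import re

# IP-based private DNS names EC2 assigns: ip-10-0-0-1.ec2.internal (us-east-1)
# or ip-10-0-0-1.<region>.compute.internal (other regions).
AWS_PRIVATE_DNS = re.compile(
    r"^ip-(\d{1,3})-(\d{1,3})-(\d{1,3})-(\d{1,3})\."
    r"(?:ec2\.internal|[a-z0-9-]+\.compute\.internal)$"
)
MAX_CNAME_HOPS = 5  # assumed limit, guards against long or looping chains


class UnresolvableTarget(ValueError):
    """The name does not end at an AWS-managed private DNS name."""


def is_aws_private_dns(name):
    m = AWS_PRIVATE_DNS.match(name.rstrip(".").lower())
    return bool(m) and all(int(octet) <= 255 for octet in m.groups())


def resolve_to_aws_name(name, lookup_cname):
    """Follow CNAMEs from `name` until an AWS private DNS name is reached.

    `lookup_cname(name)` returns the CNAME target or None. In real use it
    would wrap a DNS library; it is injected here so the example runs offline.
    """
    seen = set()
    current = name.rstrip(".").lower()
    for _ in range(MAX_CNAME_HOPS + 1):
        if is_aws_private_dns(current):
            return current  # usable as the EC2 `private-dns-name` filter value
        if current in seen:
            raise UnresolvableTarget(f"CNAME loop at {current}")
        seen.add(current)
        target = lookup_cname(current)
        if target is None:
            raise UnresolvableTarget(f"{name} ends at non-AWS name {current}")
        current = target.rstrip(".").lower()
    raise UnresolvableTarget(f"{name}: more than {MAX_CNAME_HOPS} CNAME hops")


# Constructed zone data standing in for real DNS answers.
SAMPLE_ZONE = {
    "bastion.example.com": "ip-10-0-3-17.eu-west-1.compute.internal.",
    "alias.example.com": "bastion.example.com.",
    "external.example.com": "host.example.net.",
    "loop-a.example.com": "loop-b.example.com.",
    "loop-b.example.com": "loop-a.example.com.",
}
```

A pattern match only shows the name has the shape of an AWS-managed record; whether it belongs to an instance in the caller's account is still decided by the EC2 lookup that follows.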