A CLI tool for easy access to ECS containers
ecssh is a Go-based CLI tool that provides quick SSH-like access to ECS containers using AWS ECS Execute Command. Simply specify a cluster name and task name pattern to connect to running containers.
- AWS CLI installed and configured
- AWS Session Manager Plugin installed (only required when using
--backend plugin) - Proper AWS credentials configured
- Go 1.25+ (for manual installation only)
- Required AWS permissions:
ecs:ListClustersecs:DescribeClustersecs:ListTasksecs:DescribeTasksecs:ExecuteCommand
# Install to current directory
curl -L https://raw.githubusercontent.com/nihen/ecssh/main/install.sh | bash
# Install to specific directory (requires sudo for system directories)
curl -L https://raw.githubusercontent.com/nihen/ecssh/main/install.sh | ECSSH_INSTALL_DIR=/usr/local/bin bash# Clone the repository
git clone https://github.com/nihen/ecssh.git
cd ecssh
# Build binaries
./build.sh
# Copy to PATH (optional, choose the binary for your platform)
# e.g., macOS Apple Silicon: sudo cp dist/ecssh-darwin-arm64 /usr/local/bin/ecssh
# e.g., Linux x86_64: sudo cp dist/ecssh-linux /usr/local/bin/ecssh# Connect using cluster name and task name pattern
ecssh my-cluster web-app
# Connect using cluster, task name pattern, and container filter
ecssh my-cluster web-app sidekiq
# Connect using environment variables
export ECSSH_CLUSTER_ID=my-cluster
export ECSSH_TASK_NAME=web-app
export ECSSH_CONTAINER_FILTER=sidekiq
ecssh# Show help
ecssh help
# List all ECS clusters
ecssh list clusters
# List tasks in a specific cluster
ecssh list tasks my-cluster-f, --force- Automatically connect to first container when multiple exist-v, --verbose- Show detailed execution logs-c, --command COMMAND- Command to execute in the container (default: /bin/bash)-b, --backend BACKEND- Select connection backend:native(default) orplugin. Thenativebackend doesn't require session-manager-plugin.
# Connect to production web service
ecssh production-cluster web-service
# Connect to staging API with force mode
ecssh -f staging-cluster api-service
# Connect to development worker with verbose mode
ecssh -v development-cluster worker
# Connect to specific container (sidekiq) in web service
ecssh production-cluster web-service sidekiq
# Filter containers using environment variable
export ECSSH_CONTAINER_FILTER=nginx
ecssh production-cluster web-service
# Run a one-liner command in the container
ecssh -c "ls -la /app" production-cluster web-service
# Use sh instead of bash
ecssh -c "/bin/sh" production-cluster web-service
# Check clusters before connecting
ecssh list clusters
ecssh list tasks production-cluster
ecssh production-cluster web-service- Retrieves running tasks from the specified cluster
- Filters by task definition name (partial match)
- Selects the first matching task
- Lists containers in the task
- Filters containers by name if container filter is provided (partial match)
- Shows selection menu for multiple containers (auto-select with
-f) - Connects using AWS ECS Execute Command
- Verify cluster name is correct
- Ensure tasks are in RUNNING state
- Check task list with
ecssh list tasks CLUSTER_NAME
- Verify task definition name pattern
- Remember it uses partial matching
- Ensure AWS CLI is properly installed
- Verify AWS credentials:
aws sts get-caller-identity - Check required IAM permissions
- Ensure Session Manager Plugin is installed
- Verify Execute Command is enabled for ECS tasks
ECSSH_CLUSTER_ID- Default ECS cluster nameECSSH_TASK_NAME- Default task name patternECSSH_CONTAINER_FILTER- Default container name filter (v0.0.2+)ECSSH_COMMAND- Command to execute in the container (v0.0.3+)ECSSH_BACKEND- Connection backend:native(default) orplugin(v0.0.4+)
- macOS (Intel & Apple Silicon)
- Linux (x86_64 & ARM64)
- Windows (x86_64 & ARM64)
MIT License