DEV Community

mostafamedhat1983

CONNECT TO EC2 USING SESSION MANAGER - A SIMPLE GUIDE

To connect to an EC2 instance using Session Manager, SSM Agent must be installed on the instance.

Some AMIs come with SSM Agent preinstalled:

Amazon Linux Base AMIs dated 2017.09 and later
Amazon Linux 2
Amazon Linux 2 ECS-Optimized Base AMIs
Amazon Linux 2023 (AL2023)
Amazon EKS-Optimized Amazon Linux AMIs
macOS 10.14.x (Mojave), 10.15.x (Catalina), and 11.x (Big Sur)
SUSE Linux Enterprise Server (SLES) 12 and 15
Ubuntu Server 16.04, 18.04, 20.04, and 22.04
Windows Server 2008-2012 R2 AMIs published in November 2016 or later
Windows Server 2016, 2019, and 2022

You can also follow these guides to install SSM Agent on your instance:

-For Windows Server:
https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-install-win.html

-For Linux:
https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-manual-agent-install.html


-First you need to create a role that lets EC2 use AWS Systems Manager service core functionality.

-Navigate to IAM, Roles, then Create role

-Select EC2 then Next

-Search for the AmazonSSMManagedInstanceCore policy and check it, then Next

-Enter the role name then Next

The role is now created.

-When launching an EC2 instance, click Advanced details at the end of the page

-In Advanced details select IAM instance profile and choose the role you created

-Navigate to EC2, Instances, then check your EC2 instance and click Connect

-Choose Session Manager then Connect

-You are now connected to your EC2 instance using Session Manager

If the EC2 instance was already created, you have to modify its IAM role.

-Navigate to EC2, Instances and click on your EC2 instance, Actions, Security, then Modify IAM role

-After that choose the role you created and click Update IAM role
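
The same role setup done from the AWS CLI instead of the console, as an added example that is not part of the original post. The script name, the role name and the instance ID are assumptions supplied by the caller, and it assumes the AWS CLI is configured with credentials allowed to manage IAM and EC2.

```shell
#!/bin/sh
# Added example: CLI equivalent of the console steps in this guide.
# Usage: ./ssm-role.sh <role-name> <instance-id>   (hypothetical script name)
set -eu
SSM_POLICY_ARN="arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore"

# Trust policy letting the EC2 service assume the role (what choosing "EC2" sets up).
trust_policy() {
  cat <<'EOF'
{
  "Version": "2012-10-17",
  "Statement": [{
    "Effect": "Allow",
    "Principal": {"Service": "ec2.amazonaws.com"},
    "Action": "sts:AssumeRole"
  }]
}
EOF
}

# Accept only well-formed instance IDs ("i-" plus 8 or 17 hex digits).
valid_instance_id() {
  printf '%s\n' "$1" | grep -Eq '^i-([0-9a-f]{8}|[0-9a-f]{17})$'
}

main() {
  role="$1"; instance="$2"
  valid_instance_id "$instance" || { echo "bad instance id: $instance" >&2; return 1; }
  # Role carrying only the managed policy named in the guide.
  aws iam create-role --role-name "$role" \
    --assume-role-policy-document "$(trust_policy)"
  aws iam attach-role-policy --role-name "$role" --policy-arn "$SSM_POLICY_ARN"
  # The console creates a same-named instance profile for you; the CLI does not.
  aws iam create-instance-profile --instance-profile-name "$role"
  aws iam add-role-to-instance-profile --instance-profile-name "$role" --role-name "$role"
  # Same as Actions > Security > Modify IAM role on an existing instance.
  aws ec2 associate-iam-instance-profile --instance-id "$instance" \
    --iam-instance-profile "Name=$role"
  # "Online" means the agent has registered with Systems Manager.
  aws ssm describe-instance-information \
    --filters "Key=InstanceIds,Values=$instance" \
    --query 'InstanceInformationList[0].PingStatus' --output text
}

if [ "$#" -eq 2 ]; then main "$@"; fi
```

If the last command prints None rather than Online, the agent has not registered yet; give it a few minutes and run the describe-instance-information call again.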

Connecting to EC2 using Session Manager is more secure than using SSH, as Session Manager doesn't need an open port to connect.
