Documentation
The standard configuration for SSM Session Manager is well documented in the AWS documentation.
Summary
- create VPC endpoints
  - ec2messages.region.amazonaws.com
  - ssm.region.amazonaws.com
  - ssmmessages.region.amazonaws.com
- install SSM Agent on all EC2 instances
- install AWSCLIV2 in all EC2 instances
- add the AmazonSSMManagedInstanceCore policy to the role assigned to each EC2 instance
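A preflight check for the summary above, as an added example that is not part of the original page: it reads saved output of `aws ec2 describe-vpc-endpoints` and `aws iam list-attached-role-policies` and reports which of the three endpoints are unusable and whether the role carries the managed policy. The region, VPC and endpoint ids, and sample JSON are constructed; treating disabled private DNS as a gap assumes the agent resolves the default regional hostnames.

```python
import json

REQUIRED = ("ec2messages", "ssm", "ssmmessages")  # the three endpoints from the summary
CORE_POLICY = "AmazonSSMManagedInstanceCore"

# Constructed sample of `aws ec2 describe-vpc-endpoints` output (ids are placeholders).
SAMPLE_ENDPOINTS = json.loads("""
{"VpcEndpoints": [
  {"VpcEndpointId": "vpce-EXAMPLE1", "VpcId": "vpc-EXAMPLE", "State": "available",
   "ServiceName": "com.amazonaws.eu-west-1.ssm", "PrivateDnsEnabled": true},
  {"VpcEndpointId": "vpce-EXAMPLE2", "VpcId": "vpc-EXAMPLE", "State": "pending",
   "ServiceName": "com.amazonaws.eu-west-1.ssmmessages", "PrivateDnsEnabled": true},
  {"VpcEndpointId": "vpce-EXAMPLE3", "VpcId": "vpc-EXAMPLE", "State": "available",
   "ServiceName": "com.amazonaws.eu-west-1.s3", "PrivateDnsEnabled": false}
]}
""")

# Constructed sample of `aws iam list-attached-role-policies` output.
SAMPLE_POLICIES = json.loads("""
{"AttachedPolicies": [
  {"PolicyName": "AmazonSSMManagedInstanceCore",
   "PolicyArn": "arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore"}
]}
""")

def endpoint_gaps(doc, region, vpc_id):
    """Return {service: reason} for each required endpoint that is not usable."""
    found = {ep.get("ServiceName"): ep
             for ep in doc.get("VpcEndpoints", []) if ep.get("VpcId") == vpc_id}
    gaps = {}
    for svc in REQUIRED:
        ep = found.get(f"com.amazonaws.{region}.{svc}")  # service-name form used by the EC2 API
        if ep is None:
            gaps[svc] = "missing"
        elif str(ep.get("State", "")).lower() != "available":
            gaps[svc] = f"state={ep.get('State')}"
        elif not ep.get("PrivateDnsEnabled"):
            gaps[svc] = "private DNS disabled"  # assumption: agent uses default hostnames
    return gaps

def has_core_policy(doc):
    """True if the role's attached policies include AmazonSSMManagedInstanceCore."""
    return any(p.get("PolicyName") == CORE_POLICY for p in doc.get("AttachedPolicies", []))

if __name__ == "__main__":
    print(endpoint_gaps(SAMPLE_ENDPOINTS, "eu-west-1", "vpc-EXAMPLE"))
    print("core policy attached:", has_core_policy(SAMPLE_POLICIES))
```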
Usage
Start an SSM session with the following command:
aws ssm start-session --target instance-id
For RDP, it is necessary to forward remote port 3389 to a local port of your choice, then connect to that local port using Microsoft Remote Desktop Connection (mstsc.exe) or a similar tool.
aws ssm start-session --target instance-id --document-name AWS-StartPortForwardingSession --parameters portNumber="3389",localPortNumber="56789"