Enabling Session Manager on an EC2 instance.
AWS EC2 and SSH connections usually go hand in hand. As a DevOps engineer, you will often want to connect to your EC2 instance via SSH to perform various tasks.
To connect to EC2 via SSH, we must add an inbound rule for port 22 and specify a source address range. Many times, engineers leave the port open to “0.0.0.0/0” even though the AWS console warns about it. (Who takes a warning seriously unless there is an error, right?) An open SSH port can lead to attacks from outside, so it is very important to secure it.
The AWS Systems Manager service has a feature called “Session Manager” which allows users to connect to their EC2 instances without opening the SSH port. Yes, no open port for SSH (port 22), and we still get a terminal on the EC2 instance!
Step-1:- Go to the IAM (Identity and Access Management) console: https://console.aws.amazon.com/iam/
Step-2:- Click on “Roles” in the left sidebar and then click on “Create role”.
Step-3:- For “Select type of trusted entity”, choose “AWS service” and then “EC2” as the trusted entity. Click “Next: Permissions”.
Step-4:- In the “Attach permissions policies” search box, type “AmazonSSMManagedInstanceCore” and check the box next to it. This policy provides the necessary permissions for Session Manager.
Step-5:- Alternatively, if you need to grant all Systems Manager permissions, you can attach the “AmazonSSMFullAccess” policy instead. This is broader than Session Manager itself requires, so prefer the policy from Step-4 unless you need the rest.
Step-6:- Click “Next: Tags” to add any relevant tags if needed. Provide a name for the role and optionally add a description. Then click on “Create role” to create the IAM instance profile.
- Associate the newly created IAM role with your EC2 instance:
Step-7:- Go to the EC2 Instances page: https://console.aws.amazon.com/ec2/ and select the EC2 instance you want to enable Session Manager for by checking the checkbox next to it.
Step-8:- Click on “Actions” in the upper menu, then select “Security”, and finally click on “Modify IAM role”.
Step-9:- In the “IAM role” dropdown, select the IAM role you created in the previous step. Next, click “Save” to associate the role with the instance.
Step-10:- In the EC2 Instances page, select the instance for which you enabled Session Manager. Click on “Connect” at the top of the page.
Step-11:- In the “Connect to instance” section, choose the “Session Manager” tab. Click on the “Connect” button to initiate the Session Manager connection to the instance.
Step-12:- A new browser window will open, showing the command-line interface of your EC2 instance through Session Manager.
Conclusion:-
That’s it! You have now successfully set up and connected to your EC2 instance using AWS Systems Manager Session Manager. This method allows you to access your instances without the need for SSH/RDP, making it more secure and manageable.
Thank you for reading!