I have been clicking through the Session Manager console. Pretty neat.
The next question I have with this - I think we should be able to connect using SSH from an outside SSH client. Meaning, I have a client on my desktop (the client I use is called PuTTY). So, is it possible to connect from the desktop through Session Manager instead of having to log in to the console?
The end goal for this: In production we have a Linux system that an outside marketing company connects to using SSH. Right now, we just have that system accessible to them through a public IP address. It would be more secure to use Session Manager within Systems Manager to do their connections. Session Manager would also allow us to log all activity on the system while they were logged in. But we'll worry about that later.
For now, I just need to know if it's possible to connect through Session Manager to the instance using SSH from an external source like my desktop. And if so, how?
You use Session Manager from your browser, or you can install a CLI Session Manager plugin. I didn't know that one until JScott pointed it out in the comments.
From the desktop you typically use SSH with all the things that go with that - internet gateway, security, routing, security groups, etc.
AWS CLI supports Session Manager, if you install the Session Manager plugin for CLI. You can start a session from your command line with:
aws ssm start-session --target [instanceid]
This does not require the SSH key for the instance, but you do need IAM permissions to start a session.
You can also configure your SSH client to tunnel ssh and scp commands through Systems Manager. This article provides a good set of instructions. If you want to do it this way, you will need the SSH key for the EC2 instance as well as the appropriate IAM permissions.
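The SSH-over-Session-Manager setup mentioned in the answer above, as an added example that is not part of the original thread: an OpenSSH client configuration that routes ssh and scp through `aws ssm start-session` with the AWS-provided `AWS-StartSSHSession` document. The key path, user name and instance ID in the usage comments are constructed placeholders.

```sshconfig
# ~/.ssh/config on the desktop (OpenSSH client). Added example, not from the thread.
# Prerequisites: AWS CLI with the Session Manager plugin installed, and IAM
# permission to call ssm:StartSession on the target instance.

# Match EC2 instance IDs (i-*) and hybrid managed-node IDs (mi-*) used as hostnames.
Host i-* mi-*
    # %h = the instance ID typed on the ssh command line, %p = the SSH port.
    # AWS-StartSSHSession is the AWS-provided session document for SSH tunnelling.
    ProxyCommand sh -c "aws ssm start-session --target %h --document-name AWS-StartSSHSession --parameters 'portNumber=%p'"

# Usage (constructed placeholders: key path, user name, instance ID):
#   ssh -i ~/.ssh/example-key.pem ec2-user@i-0123456789abcdef0
#   scp -i ~/.ssh/example-key.pem ./file.txt ec2-user@i-0123456789abcdef0:/tmp/
```

The SSH connection is carried inside the Session Manager session, so the instance still authenticates the user with the SSH key, while IAM decides who may open the tunnel in the first place.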