EC2 instances, RDS databases and many other resources reside in VPCs. To access them we need network connectivity, either through a VPN, Direct Connect, or through a Jump / Bastion Host.

Sometimes, however, it's inconvenient or difficult to achieve direct connectivity ad hoc: maybe you are in a location where your VPN is filtered, or from where the Bastion host Security Group won't allow access, but you still need access to the RDS, for example.

ssm-tunnel makes creative use of the AWS Systems Manager (SSM) Session protocol to tunnel IP traffic between your laptop and your VPC. It is even encrypted, so we can call it an SSM VPN.

- Linux EC2 instance registered in AWS Systems Manager (SSM) in the target VPC.
- Linux laptop (or Linux VM if you've got a Windows or Mac OSX laptop) with the aws-ssm-tools package from pip, which provides the ssm-tunnel script, and the SSM Session Manager plugin installed.

To get started, refer to my other post about the ssm-session script. From now on I assume that you've got all the connectivity, SSM permissions, plugins, etc. sorted.

TL;DR

```
(laptop) ~ $ sudo pip3 install aws-ssm-tools
```

Also create a new Amazon Linux 2 EC2 instance (t3.nano is good enough) and make sure you can successfully log in to it with ssm-session some-instance.

```
(laptop) ~ $ ssm-tunnel some-instance --route 172.31.0.0/16
```

ssm-tunnel explained

EC2 instance connects to AWS SSM service and awaits instructions.
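A route that overlaps a network the laptop already reaches directly makes it ambiguous which path packets take, so it is worth checking the CIDR before passing it to ssm-tunnel as in the TL;DR command. The following is an added example, not part of the original post or of aws-ssm-tools; the function name `check_route` and the sample local networks are assumptions made for illustration.

```python
import ipaddress

# RFC 1918 private ranges; VPC CIDRs normally sit inside one of these.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def check_route(route, local_nets):
    """Return a list of problems with a CIDR intended as an ssm-tunnel route.

    local_nets: CIDRs the laptop already reaches directly (LAN, Docker
    bridge, another VPN). An empty result means no problem was found.
    """
    try:
        # strict=True rejects addresses with host bits set, e.g. 172.31.0.5/16
        net = ipaddress.ip_network(route, strict=True)
    except ValueError as exc:
        return [f"invalid CIDR: {exc}"]
    if net.version != 4:
        return ["only IPv4 routes are handled by this check"]

    problems = []
    # A route outside private space would pull public traffic into the tunnel.
    if not any(net.subnet_of(block) for block in RFC1918):
        problems.append(f"{net} is not inside an RFC 1918 private range")
    # Overlap with a directly connected network makes routing ambiguous.
    for local in local_nets:
        other = ipaddress.ip_network(local, strict=False)
        if other.version == 4 and net.overlaps(other):
            problems.append(f"{net} overlaps local network {other}")
    return problems


# Constructed sample: a home LAN and Docker's default bridge network.
SAMPLE_LOCAL_NETS = ["192.168.1.0/24", "172.17.0.0/16"]

if __name__ == "__main__":
    for cidr in ("172.31.0.0/16", "172.16.0.0/12", "0.0.0.0/0", "172.31.0.5/16"):
        print(cidr, "->", check_route(cidr, SAMPLE_LOCAL_NETS) or "ok")
```

In practice `local_nets` would be filled from the laptop's own routing table rather than the constructed sample.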