In today’s fast-paced digital world, managing multiple sessions and access to various systems can be daunting. Traditional methods of handling sessions, such as using multiple SSH connections or relying on third-party tools, can be cumbersome and pose security risks. Enter the AWS Session Manager, a modern solution simplifying session management, enhancing security and streamlining workflows for system administrators and developers.
Features & Advantages
- Centralized Access Control: AWS Session Managers offer centralized access control, making managing and monitoring user access to different systems easier. Administrators can define granular permissions based on roles and users, ensuring only authorized personnel can access sensitive resources.
- Audit Trails and Logging: AWS Session Managers provide detailed audit trails and logs of all session activities. This feature enhances accountability and helps to investigate and resolve security incidents effectively.
- Multi-Platform Support: A robust AWS Session Manager supports various operating systems and cloud environments, making it versatile across different infrastructures.
- No need for Inbound Ports: Unlike traditional SSH, AWS Session Managers require no inbound ports, eliminating the need for complicated network configurations and reducing the attack surface.
- Seamless Integration: AWS Session Managers can be easily integrated with existing identity providers, making it convenient to leverage existing user directories for authentication.
Pioneers in Cloud Consulting & Migration Services
- Reduced infrastructural costs
- Accelerated application deployment
- Remote Server Administration: System administrators can manage and troubleshoot servers located anywhere, reducing the need for physical access and saving time and resources.
- DevOps and CI/CD Pipelines: Integrating AWS Session Managers into DevOps workflows allows developers to securely access build environments, deployment servers, and other resources.
- Troubleshooting Production Issues: Developers and support teams can quickly diagnose and resolve production issues by accessing the required servers securely.
You must manually install SSM Agent on Amazon EC2 instances created from other versions of Linux AMIs. Below are the AMIs that come pre-installed.
- Amazon Linux Base AMIs dated 2017.09 and later.
- Amazon Linux 2
- Amazon Linux 2 ECS-Optimized Base AMIs
- Amazon Linux 2023 (AL2023)
- Amazon EKS-Optimized Amazon Linux AMIs
- macOS 10.14.x (Mojave), 10.15.x (Catalina), and 11.x (Big Sur)
- SUSE Linux Enterprise Server (SLES) 12 and 15
- Ubuntu Server 16.04, 18.04, and 20.04
- Windows Server 2008-2012 R2 AMIs published in November 2016 or later.
- Windows Server 2016, 2019, and 2022
Step 1 – SSH into the server to install the SSM agent and paste the following command to check if the agent is installed.
Step 2 – Enter the following command to install the SSM agent and Verify the installation by entering the above command (from Step1)
Note:- If the SSM agent is not there on EC2-server, please use the following command to install the SSM agent.
sudo dpkg -i amazon-ssm-agent.deb
sudo systemctl start amzon-ssm-agent
sudo systemctl enable amazon-ssm-agent
sudo systemctl status amazon-ssm-agent
If the above command does not work so use the following command.
sudo snap install amazon-ssm-agent –classic
sudo apt-get install snapd
sudo snap start amazon-ssm-agent
sudo snap services amazon-ssm-agent
Step 3 – Go to the AWS IAM console and click on the role
Step 4 – Create an AWS Identity and Access Management (IAM) instance profile to use with SSM Agent.
Step 5 – Choose the Amazon EC2, click on the action section, then choose Security and Modify AWS IAM role. In the AWS IAM Instance Profile dropdown list, select the instance profile you created in Step 4.
Step 6 – Open the AWS Systems Manager console. In the navigation pane, choose Fleet Manager.
Step 7 – Choose the Settings tab, and then choose Auto-update SSM Agent under Agent auto-update.
Note: The Auto update SSM Agent setting applies to all the managed nodes in the Region where this setting is configured.
Step 8 – Go to the Amazon EC2 Dashboard, select Amazon EC2, click Connect and choose AWS Session Manager.
For more information on installing SSM Agent, visit https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-manual-agent-install.html
AWS Session Manager is a powerful tool that simplifies session management, enhances security, and streamlines workflows for developers and system administrators. By centralizing access control, providing detailed audit trails, and streamlining development processes, AWS Session Managers offer a secure and efficient solution for modern IT environments. Embracing this technology empowers organizations to stay competitive, respond rapidly to changing needs, and protect sensitive data effectively.
Drop a query if you have any questions regarding AWS Session Manager and we will get back to you quickly.
Making IT Networks Enterprise-ready – Cloud Management Services
- Accelerated cloud migration
- End-to-end view of the cloud environment
CloudThat is an official AWS (Amazon Web Services) Advanced Consulting Partner and Training partner and Microsoft Gold Partner, helping people develop knowledge of the cloud and help their businesses aim for higher goals using best in industry cloud computing practices and expertise. We are on a mission to build a robust cloud computing ecosystem by disseminating knowledge on technological intricacies within the cloud space. Our blogs, webinars, case studies, and white papers enable all the stakeholders in the cloud computing sphere.
1. Can AWS Session Managers be used with on-premises servers or only in the cloud?
ANS: – AWS Session Managers are versatile and can be used with cloud-based instances and on-premises servers, providing a unified approach to session management across different infrastructures.
2. How does AWS Session Manager enhance security for my organization?
ANS: – AWS Session Managers enhance security by encrypting all communications, eliminating the need for SSH keys, and providing centralized access control. Detailed audit trails and logs help administrators monitor user activities and investigate security incidents effectively.
3. What platforms and environments do AWS Session Managers support?
ANS: – A robust AWS Session Manager typically supports various operating systems, including Windows, Linux, and MacOS, and is compatible with popular cloud providers such as AWS, Azure, and Google Cloud Platform.
WRITTEN BY Bavan M Y