AWS Systems Manager’s Session Manager tool lets you securely manage and administer your Amazon Elastic Compute Cloud (Amazon EC2) instances, edge devices, on-premises servers, and virtual machines (VMs). With Session Manager, you do not need to configure bastion hosts (jump boxes) in the public subnet of your Amazon Virtual Private Cloud (Amazon VPC) or open any unnecessary inbound ports such as port 22 (SSH) or port 3389 (RDP).
You can also use port forwarding for redirections, configure SSH connections through Session Manager (useful for file transfer), and even carry out RDP interactions through it. This means you get the same functionality without the security risk of opening inbound ports or managing additional bastion host servers.
In addition, Session Manager offers granular logging: your interactions with your compute resources are logged as stream data, which gives you a robust audit trail. Finally, you can integrate Amazon Key Management Service (KMS) to encrypt traffic between the Session Manager service and your servers, as well as to ensure data is encrypted at rest.
You can access the sample IAM policies, KMS Key Policy Updates and Commands to complete the lab in our GitHub repository here: https://github.com/iaasacademy/aws-how-to-guide/tree/main/aws-session-manager