Connecting to AWS EC2 instances via Session Manager

When folks have needed command line access to instances running in Amazon Web Service’s EC2 service, SSH has been the usual method used. However, in addition to using SSH to connect to EC2 instances in AWS, it is also possible to connect remotely via Session Manager, one of the services provided by AWS’s Systems Manager tool.

Session Manager uses the Systems Manager agent to provide secure remote access to the Mac’s command line interface without needing to change security groups and allow SSH access to the instance. In fact, Session Manager allows remote access to EC2 instances which have security groups configured to allow no inbound access at all. For more details, please see below the jump.

To access EC2 instances via Session Manager, please use the procedure shown below:

1. Verify that the Systems Manager agent is installed and configured properly.
2. Select the desired EC2 instance.

3. Click the Connect button.

4. In the Connect to instance window, select the Session Manager tab then click the Connect button.

5. A new browser window will open up.

Note: The active user at this point is the Systems Manager agent’s user account, which is ssm-user.

To get access to the ec2-user account (the default account used on most EC2 instances running macOS or Linux), you’ll need to switch accounts. To do this, run the command shown below to change to the ec2-user account:

sudo su ec2-user

6. You should now be logged in as the ec2-user account.

To close the remote session, use the procedure shown below.

1. Verify that all work has been completed.
2. Click the Terminate button.

3. When prompted for confirmation, click the Terminate button.