AWS Session Manager Step by Step Tutorial: SSH | Port-Forward | Audit | Logs

Подписаться 49 тыс.

Просмотров 18 тыс.

50% 1

🔴 - To support my channel, I’d like to offer Mentorship/On-the-Job Support/Consulting - me@antonputra.com
▬▬▬▬▬ Experience & Location 💼 ▬▬▬▬▬
► I’m a Senior Software Engineer at Juniper Networks (12+ years of experience)
► Located in San Francisco Bay Area, CA (US citizen)
▬▬▬▬▬▬ Connect with me 👋 ▬▬▬▬▬▬
► LinkedIn: / anton-putra
► Twitter/X: / antonvputra
► GitHub: github.com/antonputra
► Email: me@antonputra.com
▬▬▬▬▬▬ Related videos 👨‍🏫 ▬▬▬▬▬▬
👉 [Playlist] Kubernetes Tutorials: • Kubernetes Tutorials
👉 [Playlist] Terraform Tutorials: • Terraform Tutorials fo...
👉 [Playlist] Network Tutorials: • Network Tutorials
👉 [Playlist] Apache Kafka Tutorials: • Apache Kafka Tutorials
👉 [Playlist] Performance Benchmarks: • Performance Benchmarks
👉 [Playlist] Database Tutorials: • Database Tutorials
=========
⏱️TIMESTAMPS⏱️
0:00 Intro
0:27 Demo
1:30 Create IAM Role and EC2 Instance
5:15 Create CloudWatch Log Group
6:25 Install AWS Session Manager Plugin
7:29 Create IAM Policy and IAM user
9:34 SSH to EC2 Instance
12:34 Port Forward from EC2 to localhost
=========
Source Code
📚 - Instructions: antonputra.com/amazon/aws-ses...
#AWS #SessionManager #DropBastion

Опубликовано:

11 июл 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 41

@AntonPutra Год назад

🔴 - To support my channel, I’d like to offer Mentorship/On-the-Job Support/Consulting - me@antonputra.com

@dancummings8178 2 года назад

Excellent. That's the clearest and cleanest security setup I've ever seen.

@AntonPutra 2 года назад

Appreciate that

@George-mk7lp 2 года назад

videos are way better with no background music. thanks for your hard work 👏

@AntonPutra 2 года назад

no more bg music :)

@stephenday4834 Год назад

I strongly agree with this comment. A lot of technical videos feel like listening to someone in a rock concert.

@monnombre6547 2 месяца назад

thank you!

@AntonPutra 2 месяца назад

welcome!

@abdelrahmanabdelfattah1092 3 года назад

great content, keep going

@AntonPutra 3 года назад

Thank you!

@daniellet9248 2 года назад

Great content and also well explained.

@AntonPutra 2 года назад

Thanks Danielle!

@muhammedafser2352 Год назад

Thanks a ton.

@AntonPutra Год назад

Glad to help @muhammedafser2352!

@samjackgreen Год назад

excellent video, thanks

@AntonPutra Год назад

Welcome!

@DanuKurnia 5 месяцев назад

thanks for your guide, well explained .. btw i thought you're Indonesian because of your name lol

@AntonPutra 5 месяцев назад

Thanks :) Lots of people told me that when I was in Bali.

@sairamakrishna2776 2 года назад

Hey @Anton Putra, Can we somehow use the loadbalancer as ssm target to establish a session to one of the instance under loadbalancer ?

@AntonPutra 2 года назад

sure, you have target group under lb, just pick one of the VM in that target group and ssh or port forward

@radzhivapasov4929 2 года назад

Hi Anton, thank you for the video, one question, can we access instances and databases and their url’s using session manager and its not suppose to be exposed to internet! And how many users can attempt one session in linux and windows machines. If you know something about it pls advise

@AntonPutra 2 года назад

you can defiantly port forward to access urls, not sure about session

@Sumantkrmishra Год назад

for me i tried setting up ssm but its not working, while strating ssm not able to add instance target id.

@letsspeakbharath 3 года назад

Expecting same explanation in upcoming topics

@AntonPutra 3 года назад

Will do)

@galeop Год назад

How does it work under the hood ? I suppose the following : 1) the EC2 instance performs remote port forwarding with Session manager, to make one of its port (eg 80) available to Session manager through that ssh tunnel (for instance on Session Manager's port 9999). 2) the AWS CLI establishes local port forwarding with Session manager, to be able to reach locally (local port 8080) Session Manager's port 9999, which itself is mapped to EC2's port 80. Am I correct ?

@AntonPutra Год назад

Usually, when I use managed services, I rely on functionality declared in the documentation. Internal implementation can be changed at any time.

@pingpongkias3344 2 года назад

Hey, is there a way for multiple port forwards in one session? For example - --parameters '{"portNumber";["80", "443"] , "localPortNumber":["1000","2000"]}' ?

@_jfsanchez_ Год назад

I guess you can just run the command twice in different terminals.

@ManojKumar-cd6ud 6 месяцев назад

Hey, I have same scenario, did you find any solution?

@phulesudarshan 2 года назад

How can we forward ssh port 22 from host to local so that we can use tools like sftp in such case when we do not have direct access to ec2 and using ssm instead?

@AntonPutra 2 года назад

In general to start a session use the following command aws ssm start-session \ --target instance-id \ --document-name AWS-StartPortForwardingSession \ --parameters '{"portNumber":["80"], "localPortNumber":["56789"]}'

@phulesudarshan 2 года назад

@@AntonPutra But its port 80 on remote we are mapping to here.

@wisnusetiawan4858 Год назад

How about with github action to connect with ssm so far ?

@AntonPutra Год назад

What's the question? I didn't get it

@weelaiyang931 2 года назад

Tried looking at the source code from the link provided via Github is not found, can you update the link?

@AntonPutra 2 года назад

Thanks for pointing this out, updated a link. antonputra.com/amazon/aws-session-manager-tutorial/

@MuttleyGames 3 месяца назад

9:54 This part doesn't work. You need to generate a key for developer user and save the Access key and secret access key somewhere. Then put them inside aws configure fields, otherwise you will get access denied (403) error. Yes it took me 3-4 hours of troubleshooting..

@AntonPutra 3 месяца назад

It worked at the time of recording. It is possible that something has changed on the AWS side.

@MuttleyGames 3 месяца назад

@@AntonPutra It no longer creates the key and secrets with the credentials file when making a user. You do it separately and get another file. Leaving it here if anyone needs it.

@AntonPutra 3 месяца назад

oh that part, now i got it. Yes now you need to generate the key as a separate step@@MuttleyGames