Durch die Nutzung von AWS re:Post stimmt du den AWS re:Post Nutzungsbedingungen
AWS re:Postre:Post

Hybrid Instances using SSM VPC Endpoints

0

Hi,
I wish to configure some on-prem RHEL instances as managed, hybrid instances using SSM. But I wish these instances to communicate with SSM VPC Endpoints across a VPN, as opposed to the public SSM endpoints. The documentation suggests this is doable, but I don't understand how to configure the hybrid SSM agents to reference the DNS names of the SSM VPC Endpoints.

Can anyone point me in the right direction with this, please?

Many thanks in advance

Prys

Edited by: prys on May 13, 2020 3:30 AM

Themen
Management & Unternehmensführung
Tags
AWS Systemmanager
Sprache
English
Prys
gefragt vor 4 Jahren587 Aufrufe
1 Antwort
0

Ok - I found the answer which consists of editing the /etc/amazon/ssm/amazon-ssm-agent.json file. This file has various sections where you can specify the endpoint and from what I can work out...
Mds Endpoint = ec2messages VPC endpoint
Ssm Endpoint = ssm VPC endpoint
Mgs Endpoint = ssmmessages VPC endpoint

So you just specify the route53 public VPC endpoint hostnames in this file and restart the agent.
This appears to be entirely undocumented but I have had confirmation that customising the agent in this way is a supported configuration.

Prys
beantwortet vor 4 Jahren

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen

Relevanter Inhalt