RDP to EC2 Instance with SSM

0

Hello,

I'm trying to figure out how to RDP to an EC2 instance of a GameLift fleet server (using SDK 5). I'm following this guide:

https://awscloudsecvirtualevent.com/workshops/module1/rdp/

But I seem to be struggling at the last stages, where I need to use this command:

aws ssm start-session --target <instance-id> --document-name AWS-StartPortForwardingSession --parameters "localPortNumber=55678,portNumber=3389"

It's giving me this error:

An error occurred (AccessDeniedException) when calling the StartSession operation: User: arn:aws:sts::123456:assumed-role/FleetServiceEC2Access-DataPlaneRole-FRA/FleetsService-GetComputeAccess-1234-1234-1234-1234-1234 is not authorized to perform: ssm:StartSession on resource: arn:aws:ssm:eu-central-1::document/AWS-StartPortForwardingSession because no session policy allows the ssm:StartSession action

Any idea what kind of policy I need to add? (Already using the "AmazonSSMFullAccess" policy on the user.) Or is there a better way of getting RDP access to the GameLift server?

Elie
asked 6 months ago · 366 views
1 Answer
0

It looks like you're assuming a role called FleetServiceEC2Access-DataPlaneRole-FRA. Ensure this role has the appropriate access. It could be different than the IAM user which has AmazonSSMFullAccess.

Have you tried RDP directly from Fleet Manager in SSM instead of via port forwarding?

EXPERT
answered 6 months ago
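
The error in the question already names the identity that was denied and the policy layer that denied it. As an added example (not part of the original thread), this Python parses that message to pull out the assumed role, the session name and the denying policy type; the function names are hypothetical, and it assumes the message follows the "User: ... is not authorized to perform: ..." layout shown in the question.

```python
import re

# Error text copied from the question on this page.
ERROR = (
    "An error occurred (AccessDeniedException) when calling the StartSession operation: "
    "User: arn:aws:sts::123456:assumed-role/FleetServiceEC2Access-DataPlaneRole-FRA/"
    "FleetsService-GetComputeAccess-1234-1234-1234-1234-1234 is not authorized to perform: "
    "ssm:StartSession on resource: arn:aws:ssm:eu-central-1::document/"
    "AWS-StartPortForwardingSession because no session policy allows the ssm:StartSession action"
)

DENIED = re.compile(
    r"User: (?P<principal>arn:\S+) is not authorized to perform: (?P<action>\S+)"
    r"(?: on resource: (?P<resource>\S+))?"
    r"(?: because no (?P<implicit>.+?) allows| with an explicit deny in an? (?P<explicit>.+?)$)?"
)

def parse_access_denied(message):
    """Return who was denied, for what, and by which policy layer (None if no match)."""
    m = DENIED.search(message)
    if m is None:
        return None
    info = {k: m.group(k) for k in ("principal", "action", "resource")}
    info["denied_by"] = m.group("implicit") or m.group("explicit")
    info["explicit_deny"] = m.group("explicit") is not None
    # ARN layout: arn:partition:service:region:account:resource
    parts = info["principal"].split(":", 5)
    info["account"] = parts[4]
    kind, _, rest = parts[5].partition("/")
    info["principal_kind"] = kind
    info["role_name"] = info["session_name"] = None
    if kind == "assumed-role":
        # STS assumed-role ARNs are assumed-role/<role-name>/<session-name>
        info["role_name"], _, info["session_name"] = rest.partition("/")
    return info

def where_to_look(info):
    """Map the parsed denial to the policy a defender should inspect first."""
    if info["denied_by"] == "session policy":
        return ("session policy passed when the credentials for "
                f"{info['role_name'] or info['principal']} were issued")
    if info["principal_kind"] == "assumed-role":
        return f"{info['denied_by']} affecting role {info['role_name']}"
    return f"{info['denied_by']} affecting {info['principal']}"

if __name__ == "__main__":
    parsed = parse_access_denied(ERROR)
    print(parsed["principal_kind"], parsed["role_name"], parsed["denied_by"])
    print("inspect:", where_to_look(parsed))
```

When a session policy is in play, the effective permissions are the intersection of that policy and the role's identity-based policies, so a managed policy attached to a separate IAM user does not change the outcome of this request.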
