How do I use Session Manager to create port forwarding?

Short description

You can create a port forwarding session for port 80, and load your website from the local host address on your local machine. You don't need to open inbound port 80 on the managed instance at the security group or network access control list (network ACL). Creating a port forwarding session for port 80 strengthens your security posture in AWS.

Prerequisites:

1. Confirm that Systems Manager is managing your Amazon Elastic Compute Cloud (Amazon EC2) instance. For more information, see Setting up Systems Manager for EC2 instances and Manually installing AWS Systems Manager Agent (SSM Agent) on EC2 instances for Linux.
2. Use the latest version of the AWS Command Line Interface (AWS CLI).
3. Install the Session Manager plugin for the AWS CLI.

Resolution

1.    Run the following command:

Note: Replace the example values with your required values.

Linux or macOS:

# aws ssm start-session \ 
 --target example-EC2-instance-ID \ 
 --document-name AWS-StartPortForwardingSession \  
  --parameters '{"portNumber":["80"], "localPortNumber":["example-local-port"]}'

Windows:

> aws ssm start-session  
 --target "example-EC2-instance-ID" --document-name AWS-StartPortForwardingSession --parameters "portNumber"=["80"],"localPortNumber"=["example-local-port"]

2.    Open the browser on your local machine, and load http://localhost:example-local-port to view the web server content from your Amazon EC2 instance.