When using Session Manager with AWS Systems Manager, the communication between the client terminal (1), the EC2 instance acting as a relay (2), and the on-premises servers (3) is established using a secure TLS tunnel.
Here's a high-level overview of how the communication works:
1. The client terminal (1) initiates a connection to the Session Manager endpoint via HTTPS. This connection is established securely using SSL/TLS.
2. The EC2 instance (2) polls the Session Manager endpoint to check for any active sessions. Once a session is requested, the EC2 instance opens a bidirectional TLS tunnel with the Session Manager service.
3. After the TLS tunnel is established, the client terminal (1) sends commands or requests through the tunnel to the EC2 instance (2). These commands could include starting a port forwarding session.
4. The EC2 instance (2) receives the commands and establishes a port forwarding session using the SSH protocol. This creates a secure connection between the client terminal (1) and the EC2 instance (2).
5. The EC2 instance (2) acts as a relay and forwards the network traffic between the client terminal (1) and the on-premises servers (3). The traffic is encapsulated within the TLS tunnel, ensuring secure communication.
In summary, the communication between the client terminal (1) and the on-premises servers (3) is encapsulated within a TLS tunnel that is established between the client terminal (1) and the EC2 instance acting as a relay (2). This ensures secure and encrypted communication between the client and the on-premises servers.