Can't connect to EC2 istance using session manager

0

hello,

I am having issues, connecting to a private EC2 instance using session manager. The EC2, has a IAM role attached with the "AmazonSSMManagedInstanceCore" policy, I have a VPC set up along with a endpoint in order to connect to the session manager.

When I try to connect using SSM I get this error message "The version of SSM Agent on the instance supports Session Manager, but the instance is not configured for use with AWS Systems Manager. Verify that the IAM instance profile attached to the instance includes the required permissions.", am not quite sure what else to, can anyone help?

3 Answers
1
Accepted Answer

Systems Manager requires three VPC endpoints to be fully managed:
https://repost.aws/knowledge-center/ec2-systems-manager-vpc-endpoints

com.amazonaws.[region].ssm
com.amazonaws.[region].ec2messages
com.amazonaws.[region].ssmmessages
profile picture
EXPERT
answered 5 months ago
  • Thank you, that fixed the issue.

0

Hello.

Please share the VPC endpoint you configured.
Also, check whether the security group configured for the VPC endpoint allows HTTPS.
https://docs.aws.amazon.com/systems-manager/latest/userguide/setup-create-vpc.html

profile picture
EXPERT
answered 5 months ago
profile pictureAWS
EXPERT
reviewed 5 months ago
0

Sure,

Endpoint Type: Interface. Service Name: com.amazonaws.us-east-1.ssm.

please let me know if you need anything else.

NelioB
answered 5 months ago
  • No, no and no, type=Interface is known after the fact. You need to explicit the Service Category that the wizard actually offers please. AWS services | EC2 Instance Connect | Private Link | Other endpoint services | AWS Marketplace services (not that one, for the completeness' sake)

  • Yes, we do need to know what Outbound Rules are needed for that SG that protects the VPC endpoint, as that part is not very clear. Inbound is made clear in doco (HTTPS 443 / VPC CIDR), but not Outbound. Also, is Inbound considered as "exiting out of VPC onto AWS general services?"

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions