How to connect to a private EC2 instance with remote-ssh in vscode via ssm

Question

Hi Team,

I am attempting to connect to a private EC2 instance via AWS Systems Manager (SSM). In my architecture, I do not have a bastion host; instead, I utilize AWS Systems Manager for connecting to private EC2 instances.

I have a specific need to connect to a private EC2 instance using Visual Studio. It would be greatly appreciated if someone could guide me on how to set up this connection.

Thank you.

Answer

Hello.

Are AWS CLI and Session Manager Plugin installed on the PC you are connecting from?  
If it is not installed, please install it by following the steps in the document below.  
https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html  
https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager-working-with-install-plugin.html

Once installed, set the IAM user access key.  
https://docs.aws.amazon.com/cli/latest/userguide/getting-started-quickstart.html

After setting the access key, use the following command to check if you can connect to EC2 via Session Manager.  
```
aws ssm start-session --target "EC2 Instance ID" --region us-east-1
```

When combining with VSCode Remote SSH, please configure the following settings in "~/.ssh/config".  
I think the following GitHub issues will be helpful.  
https://github.com/aws/aws-toolkit-vscode/issues/941
```
# SSH to remote VS Code instance
host my-vscode-remote
    HostName "EC2 Instance ID"
    Port 22
    User ec2-user
    IdentityFile "EC2 Keypair file path" 
    ProxyCommand aws ssm start-session --target %h --document-name AWS-StartSSHSession --parameters 'portNumber=%p'
```

Additionally, EC2 must be registered as a Systems Manager managed instance by setting an IAM role.  
https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-setting-up-ec2.html

How to connect to a private EC2 instance with remote-ssh in vscode via ssm

Relevant content