session manager logging not working

0

Hi, my team is currently testing the Session Manager feature to adopt it in our environment and our client's environment.

The basic Session Manager feature seems to be working very well; we don't have any trouble connecting to EC2 via Session Manager.

But after we enable the Session Manager logging feature in the AWS UI -> AWS Systems Manager -> Session Manager -> Preferences,

connecting to an EC2 instance via Session Manager took almost 3 minutes (if we disable the logging feature, connecting to EC2 happens instantly), and logging does not seem to be working for our specified target (currently we set the target to CloudWatch log groups).

Are there any more steps we should take to make this work?

FYI, so far we have done the following:

  • DNS features enabled on the VPC
  • created 3 endpoints (ssm, ssmmessages and ec2messages) and attached a security group that allows HTTPS
  • used the Amazon-supplied basic AMI (Amazon Linux AMI)
  • made a role with two policies attached and put it on the EC2 instances
  1. AmazonSSMManagedInstanceCore
  2. a custom policy to work with CloudWatch, with the following statements:

     {
       "Version": "2012-10-17",
       "Statement": [
         {
           "Action": [
             "logs:CreateLogStream",
             "logs:DescribeLogStreams",
             "logs:DescribeLogGroups",
             "logs:PutLogEvents"
           ],
           "Effect": "Allow",
           "Resource": "*"
         }
       ]
     }

1 Answer
0
Accepted Answer

Just found the answer myself: I forgot to create the endpoint for CloudWatch or S3 :)

Hope this will help future idiots like myself XD

Answered 1 year ago
Expert
A_J
Reviewed 7 days ago
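
The fix from the accepted answer, written as a check (an added example, not part of the original posts): given a list shaped like the `VpcEndpoints` output of `aws ec2 describe-vpc-endpoints`, it reports which endpoints are still missing for Session Manager with logging. It assumes the instances have no other route to AWS APIs; the region, VPC ID and endpoint IDs are constructed sample values.

```python
# Added example: audit VPC endpoints for Session Manager with session logging.
CORE = ("ssm", "ssmmessages", "ec2messages")      # the three endpoints from the question
LOG_TARGETS = {"cloudwatch": "logs", "s3": "s3"}  # logging destination -> extra endpoint


def missing_endpoints(endpoints, region, vpc_id, log_target):
    """Return {service_suffix: reason} for each required endpoint that is absent or unusable."""
    problems = {}
    for suffix in list(CORE) + [LOG_TARGETS[log_target]]:
        name = f"com.amazonaws.{region}.{suffix}"
        matches = [e for e in endpoints
                   if e.get("ServiceName") == name and e.get("VpcId") == vpc_id]
        if not matches:
            problems[suffix] = "no endpoint in this VPC"
            continue
        usable = [e for e in matches if str(e.get("State", "")).lower() == "available"]
        if not usable:
            problems[suffix] = "endpoint is not in the available state"
            continue
        # Without private DNS, the regional service hostname does not resolve
        # to the interface endpoint. Gateway endpoints (S3) are route-based.
        if all(e.get("VpcEndpointType") == "Interface" and not e.get("PrivateDnsEnabled")
               for e in usable):
            problems[suffix] = "interface endpoint without private DNS"
    return problems


def _ep(suffix, ep_type="Interface", private_dns=True, state="available"):
    """Build one constructed endpoint record for the sample data."""
    rec = {"VpcEndpointId": f"vpce-sample-{suffix}", "VpcId": "vpc-sample",
           "ServiceName": f"com.amazonaws.us-east-1.{suffix}",
           "VpcEndpointType": ep_type, "State": state}
    if ep_type == "Interface":
        rec["PrivateDnsEnabled"] = private_dns
    return rec


# Constructed sample: the setup described in the question (no logs/s3 endpoint).
AS_ASKED = [_ep("ssm"), _ep("ssmmessages"), _ep("ec2messages")]

if __name__ == "__main__":
    print(missing_endpoints(AS_ASKED, "us-east-1", "vpc-sample", "cloudwatch"))
    fixed = AS_ASKED + [_ep("logs")]
    print(missing_endpoints(fixed, "us-east-1", "vpc-sample", "cloudwatch"))
```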
