SSH using SSM

One of the features of using SSM is the ability to access an EC2 command line from the AWS console. But you can also use the SSM plugin to SSH into an EC2 instance from the command line.

Here’s an example where we proxy the SSH session through SSM directly to the instance:

1

ssh -o ProxyCommand="aws ssm start-session --target %h --document-name AWS-StartSSHSession --parameters 'portNumber=%p'" <instance ID like i-00000000000000000>

It’s really common to alter your SSH config file to change the behavior if you use an instance ID instead of hostname:

1
2

Host i-* mi-*
    ProxyCommand sh -c "aws ssm start-session --target %h --document-name AWS-StartSSHSession --parameters 'portNumber=%p'"

The problem with using the SSH config is that you have to edit it if you need to use –profile, –region, or any other command line options.