Connect to Public Instance

  1. Go to the EC2 service management console.

    • Click on Public Linux Instance.
    • Click Actions.
    • Click Security.
    • Click Modify IAM role.
  2. On the Modify IAM role page:

    • Click to select SSM-Role.
    • Click Update IAM role.

      You will need to wait about 10 minutes before performing the next step. During this time, our EC2 instance will automatically register with Session Manager.

  3. Go to the AWS Systems Manager service management console.

    • Drag the left menu slider down.
    • Click Session Manager.
    • Click Start Session.
  4. Then select Public Linux Instance and click Start session to access the instance.

  5. A terminal will appear in the browser. Testing with the commands sudo tcpdump -nn port 22 and sudo tcpdump, we will see no SSH traffic, only HTTPS traffic.

We have now connected to the public instance without opening SSH port 22, which improves security because the SSH port is no longer exposed to attack.
One disadvantage of this method is that the Security Group must allow outbound traffic on port 443 to the internet. Since it’s a public instance, it probably won’t be a problem, but if you want extra security, you can block port 443 to the internet and still use Session Manager. We will go through this in the private instance section below.
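
To check that a Security Group matches the posture described above (nothing inbound on port 22, outbound 443 allowed), the rules can be audited from the JSON that `aws ec2 describe-security-groups` returns. This is an added example, not part of the original lab; the group IDs and rules in `SAMPLE` are constructed, and the helper names are hypothetical.

```python
# Added example: audit security groups for the posture this lab aims for.
# Input has the shape of `aws ec2 describe-security-groups` JSON output.
# The group IDs and rules below are constructed sample data.
SAMPLE = {"SecurityGroups": [
    {"GroupId": "sg-0example0public",
     "IpPermissions": [
         {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
          "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
         {"IpProtocol": "icmp", "FromPort": -1, "ToPort": -1,
          "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}],
     "IpPermissionsEgress": [
         {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-0example0legacy",
     "IpPermissions": [
         {"IpProtocol": "tcp", "FromPort": 20, "ToPort": 25,
          "IpRanges": [{"CidrIp": "0.0.0.0/0"}],
          "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}],
     "IpPermissionsEgress": [
         {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
          "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
]}

def covers(perm, port):
    """True if a rule entry applies to the given TCP port."""
    proto = perm.get("IpProtocol")
    if proto == "-1":  # "-1" means all protocols and all ports
        return True
    return proto == "tcp" and perm["FromPort"] <= port <= perm["ToPort"]

def peers(perm):
    """Every CIDR, security group or prefix list the rule names."""
    return ([r["CidrIp"] for r in perm.get("IpRanges", [])]
            + [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            + [g["GroupId"] for g in perm.get("UserIdGroupPairs", [])]
            + [p["PrefixListId"] for p in perm.get("PrefixListIds", [])])

def audit(group):
    """Report who can reach TCP 22 inbound and whether TCP 443 can leave."""
    ssh_from = [peer for perm in group.get("IpPermissions", [])
                if covers(perm, 22) for peer in peers(perm)]
    https_out = any(covers(perm, 443) and peers(perm)
                    for perm in group.get("IpPermissionsEgress", []))
    return {"group": group["GroupId"], "ssh_inbound_from": ssh_from,
            "https_outbound": https_out}

def audit_all(doc):
    return [audit(g) for g in doc["SecurityGroups"]]

if __name__ == "__main__":
    for result in audit_all(SAMPLE):
        ok = not result["ssh_inbound_from"] and result["https_outbound"]
        print("OK  " if ok else "FAIL", result)
```

A group passes when `ssh_inbound_from` is empty and `https_outbound` is true; a port range such as 20-25 is reported because it includes port 22.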

You can click Terminate to end the currently connected session before proceeding to the next step.