Go to the EC2 service management console.
At the Modify IAM role page.
You will need to wait about 10 minutes before performing the next step. During this time, our EC2 instance will automatically register with Session Manager.
Go to the AWS Systems Manager service management console.
Then select Public Linux Instance and click Start session to access the instance.
A terminal will appear in the browser. Test with the commands sudo tcpdump -nn port 22 and sudo tcpdump: we will see no SSH traffic, only HTTPS traffic.
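The check above can also be scripted instead of read by eye. The following is an added example, not part of the original workshop: it counts TCP packets per port in tcpdump -nn text output. The function names and the sample capture (including its addresses) are constructed for illustration.

```shell
#!/bin/sh
# Added example: summarise `tcpdump -nn` text output by TCP port.

# Constructed sample capture (addresses are made up for illustration).
sample_capture() {
    cat <<'EOF'
12:00:01.000001 IP 10.10.1.25.48522 > 203.0.113.10.443: Flags [P.], seq 1:518, ack 1, win 491, length 517
12:00:01.020114 IP 203.0.113.10.443 > 10.10.1.25.48522: Flags [.], ack 518, win 110, length 0
12:00:01.020950 IP 203.0.113.10.443 > 10.10.1.25.48522: Flags [P.], seq 1:160, ack 518, win 110, length 159
12:00:02.500000 IP 10.10.1.22 > 10.10.1.25: ICMP echo request, id 1, seq 1, length 64
EOF
}

# count_port PORT: read tcpdump -nn lines on stdin, print how many TCP
# packets have PORT as source or destination port.
count_port() {
    awk -v port="$1" '
        # Only TCP lines carry "Flags [..]"; this skips ICMP/UDP lines, so a
        # host address ending in .22 is never mistaken for port 22.
        ($2 == "IP" || $2 == "IP6") && / Flags \[/ {
            src = $3; dst = $5
            sub(/:$/, "", dst)        # drop the trailing colon
            sub(/^.*\./, "", src)     # keep what follows the last dot: the port
            sub(/^.*\./, "", dst)
            if (src == port || dst == port) n++
        }
        END { print n + 0 }
    '
}

# session_is_ssh_free: succeed only if the capture on stdin has HTTPS
# packets and no SSH packets.
session_is_ssh_free() {
    capture=$(cat)
    ssh_pkts=$(printf '%s\n' "$capture" | count_port 22)
    https_pkts=$(printf '%s\n' "$capture" | count_port 443)
    echo "port 22 packets: $ssh_pkts, port 443 packets: $https_pkts"
    [ "$ssh_pkts" -eq 0 ] && [ "$https_pkts" -gt 0 ]
}

sample_capture | session_is_ssh_free
```

On the instance, a bounded capture such as sudo tcpdump -nn -c 200 can be piped into session_is_ssh_free in place of the sample.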
We have now connected to the public instance without opening SSH port 22, which improves security by removing the SSH port as a target for attack.
One disadvantage of this method is that the Security Group must allow outbound traffic on port 443 to the internet. Since it's a public instance, this probably won't be a problem, but if you want extra security, you can block port 443 to the internet and still use Session Manager. We will go through this in the private instance section below.
You can click Terminate to end the currently connected session before proceeding to the next step.