VPC Endpoint with SSM on EC2

 
 

How to adjust the SSM Agent configuration to use your virtual private cloud (VPC) endpoints: AWS provides an amazon-ssm-agent.json.template file. On Linux, you can find the file in /etc/amazon/ssm/. On Windows, it is located in C:\Program Files\Amazon\SSM\.

  1. Create a copy of the .template file and name it amazon-ssm-agent.json.
  2. Open the JSON file. The Mds Endpoint and Ssm Endpoint values are blank by default.
  3. Update the Mds Endpoint with the DNS name of your EC2 Messages Endpoint.
  4. Update the Ssm Endpoint with the DNS name of your SSM Endpoint.
```json
"Mds": {
    "CommandWorkersLimit" : 5,
    "StopTimeoutMillis" : 20000,
    "Endpoint": "vpce-XXXXXXXX-yyyyyyyy.ec2messages.<region>.vpce.amazonaws.com",
    "CommandRetryLimit": 15
},
"Ssm": {
    "Endpoint": "vpce-XXXXXXXX-yyyyyyyy.ssm.<region>.vpce.amazonaws.com",
    "HealthFrequencyMinutes": 5,
    "CustomInventoryDefaultLocation" : "",
    "AssociationLogsRetentionDurationHours" : 24,
    "RunCommandLogsRetentionDurationHours" : 336,
    "SessionLogsRetentionDurationHours" : 336
},
```
  5. Save your JSON file.
  6. Restart your SSM Agent.
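The copy-and-edit steps above can be scripted so that a swapped or mistyped endpoint is rejected before the agent ever reads the file. This is an added example, not AWS or author code: the function names are hypothetical, the template is assumed to parse as plain JSON, and the same-region check is an extra sanity check. Restarting the agent remains a separate step.

```python
import json
import re
import tempfile
from pathlib import Path

# Shape of the names used on this page: vpce-<ids>.<service>.<region>.vpce.amazonaws.com
VPCE_DNS = re.compile(
    r"^vpce-[0-9a-z-]+\.(?P<service>[a-z0-9]+)\.(?P<region>[a-z0-9-]+)\.vpce\.amazonaws\.com$"
)
# Service each agent section has to point at (steps 3 and 4).
EXPECTED_SERVICE = {"Mds": "ec2messages", "Ssm": "ssm"}


def check_endpoint(section, dns_name):
    """Return the region of dns_name, or raise if it does not fit the section."""
    match = VPCE_DNS.match(dns_name)
    if match is None:
        raise ValueError(f"{section}: {dns_name!r} is not a VPC endpoint DNS name")
    if match["service"] != EXPECTED_SERVICE[section]:
        raise ValueError(f"{section}: expected a {EXPECTED_SERVICE[section]} endpoint, got {match['service']}")
    return match["region"]


def write_agent_config(config_dir, mds_endpoint, ssm_endpoint):
    """Copy the template to amazon-ssm-agent.json with both endpoints set."""
    regions = {check_endpoint("Mds", mds_endpoint), check_endpoint("Ssm", ssm_endpoint)}
    if len(regions) != 1:
        raise ValueError(f"endpoints are in different regions: {sorted(regions)}")
    config_dir = Path(config_dir)
    # Assumption: the template parses as plain JSON.
    config = json.loads((config_dir / "amazon-ssm-agent.json.template").read_text())
    config["Mds"]["Endpoint"] = mds_endpoint
    config["Ssm"]["Endpoint"] = ssm_endpoint
    target = config_dir / "amazon-ssm-agent.json"
    target.write_text(json.dumps(config, indent=4) + "\n")
    return target


if __name__ == "__main__":
    # Constructed stand-in for /etc/amazon/ssm/ with a two-section template.
    demo_dir = Path(tempfile.mkdtemp())
    template = {"Mds": {"Endpoint": "", "CommandRetryLimit": 15},
                "Ssm": {"Endpoint": "", "HealthFrequencyMinutes": 5}}
    (demo_dir / "amazon-ssm-agent.json.template").write_text(json.dumps(template))
    out = write_agent_config(
        demo_dir,
        "vpce-0example-abcd1234.ec2messages.eu-central-1.vpce.amazonaws.com",
        "vpce-0example-efgh5678.ssm.eu-central-1.vpce.amazonaws.com",
    )
    print(out.read_text())
```

All other keys from the template are carried over unchanged; only the two `Endpoint` values are set.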


      
