Session Manager usage:
- Connect to your instance without SSH keys, a bastion host, or opening any inbound ports.
- Sessions are secured using an AWS Key Management Service key.
- You can log session commands and details in an Amazon S3 bucket or CloudWatch Logs log group.
- Configure sessions on the Session Manager Preferences page.
Policy sample:
{ "Id": "Policy1718206144629", "Version": "2012-10-17", "Statement": [ { "Sid": "Stmt1718206142963", "Action": [ "s3:GetObject", "s3:PutObject" ], "Effect": "Allow", "Resource": "arn:aws:s3:::reportbucket12343", "Principal": { "AWS": [ "arn:aws:iam::267116102150:instance-profile/EC2InstanceProfile" ] } } ] }