by rukenshia 2554 days ago
I'm a bit confused about this one... We have been using SSM Session Manager for quite some time now and this looks like it does the same. We also export all logs during the session with SSM and you can see which user initiated the session. What am I missing here?
2 comments

For dev environments SSH is essential, but in production environments I 100% agree with using SSM Session Manager instead of SSH. Getting terminal access to a production server is sometimes necessary but it ought to be temporary access, all actions are logged, and treated as an exception situation rather than routine. SSM session manager provides all that without requiring SSH keys and SSH firewall rules in production.
SSM Session Manager is basically an HTTP wrapper over a shell. You have to use a browser for SSM, which mostly works until it doesn't. I sometimes had trouble copy-pasting into it.

This new service is basically a managed SSH, so things like port forwarding etc. will work. With SSM you can't do port forwarding etc. because it is not SSH aware.

But this needs to expose SSH? SSM is great (although it's not fast enough) because it eliminates our jumpers.
Yeah but then a lot of people have use cases for SSH. The solution is targeted towards replacing jump boxes.
It's absolutely possible (and supported!) to connect to your instance via SSM without using a browser:

https://docs.aws.amazon.com/systems-manager/latest/userguide...

That's good! I hope someday the AWS CLI will come bundled with "the Session Manager plugin".