Issue
I want the EC2 to be accessible only through session manager.
Originally I launched one, SSH'd into it, and installed the ssm-manager, but then I found out I can't replace its ENI with a non-public-facing ENI.
So then I tried launching one with an ENI with only a private IP and associating a public EIP with it, but I fail to SSH into the machine; it keeps timing out.
After quite a lot of experimenting around I just can't find the solution to this problem, so here I am.
What do I need? I want to know how to create an EC2 instance that has NO PUBLIC IP and NO PUBLIC SUBNET, attach a public IP to it, configure it so I can SSH into it, install the SSM agent, and then disable ALL PUBLIC FACING networking.
Any suggestions? Guides?
Thanks
Solution
Create an AMI that has the SSM agent already installed and configured, or pick one of the existing AMIs that have SSM agent pre-installed. Then launch your EC2 instances from that AMI.
Answered By - Mark B
Answer Checked By - Candace Johnson (WPSolving Volunteer)
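A check that fits the goal in the question, added here as an example and not part of the original question or answer: given JSON in the shape printed by `aws ec2 describe-instances` and `aws ec2 describe-security-groups`, it reports any instance that still has a public IP, an inbound SSH rule, or no instance profile. The sample data, IDs and function names are constructed for illustration, and the instance-profile check assumes Default Host Management Configuration is not in use.

```python
import json
# Constructed sample data in the shape returned by `aws ec2 describe-instances`
# and `aws ec2 describe-security-groups`; all IDs and addresses are made up.
INSTANCES = json.loads("""
{"Reservations": [{"Instances": [
  {"InstanceId": "i-0aaa",
   "IamInstanceProfile": {"Arn": "arn:aws:iam::111122223333:instance-profile/ssm-example"},
   "SecurityGroups": [{"GroupId": "sg-private"}],
   "NetworkInterfaces": [{"PrivateIpAddress": "10.0.1.10"}]},
  {"InstanceId": "i-0bbb",
   "SecurityGroups": [{"GroupId": "sg-ssh"}],
   "NetworkInterfaces": [{"PrivateIpAddress": "10.0.2.20", "Association": {"PublicIp": "203.0.113.7"}}]}
]}]}
""")
SECURITY_GROUPS = json.loads("""
{"SecurityGroups": [
  {"GroupId": "sg-private", "IpPermissions": []},
  {"GroupId": "sg-ssh", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]}
]}
""")

def allows_ssh(permission):
    """True if an inbound rule covers TCP/22 (protocol "-1" means all traffic)."""
    if permission["IpProtocol"] == "-1":
        return True
    if permission["IpProtocol"] not in ("tcp", "6"):
        return False
    return permission.get("FromPort", 0) <= 22 <= permission.get("ToPort", 65535)

def audit(instances, security_groups):
    """Return {instance_id: [findings]}; an empty list means no exposure found."""
    rules = {g["GroupId"]: g["IpPermissions"] for g in security_groups["SecurityGroups"]}
    report = {}
    for res in instances["Reservations"]:
        for inst in res["Instances"]:
            findings = []
            if any("PublicIp" in nic.get("Association", {}) for nic in inst.get("NetworkInterfaces", [])):
                findings.append("public IP attached")
            if any(allows_ssh(p) for sg in inst.get("SecurityGroups", []) for p in rules.get(sg["GroupId"], [])):
                findings.append("security group allows inbound SSH")
            if "IamInstanceProfile" not in inst:
                # Assumption: Default Host Management Configuration is not enabled.
                findings.append("no instance profile for SSM")
            report[inst["InstanceId"]] = findings
    return report

if __name__ == "__main__":
    for instance_id, findings in audit(INSTANCES, SECURITY_GROUPS).items():
        print(instance_id, findings or "OK")
```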