Connecting to Managed Instances Using SSM Session Manager
AWS SSM Session Manager is an excellent feature for connecting to and managing all your hybrid infrastructure remotely without having to use SSH for Linux or RDP for Windows instances. It also improves security: you don't need SSH/RDP ports open, and IAM policies control who can establish shell sessions. Session Manager also allows for logging and auditing of all activity during a shell session. In this hands-on lab, we'll configure an on-premises instance from scratch and access it using Session Manager, and then do the same for an EC2 instance within AWS.
Challenge
Log in to the On-Premises VM and Install SSM Agent
- Log in to the on-premises VM via SSH using the credentials provided:
  ssh cloud_user@<ON_PREMISES_VM_IP>
- Once you log in as cloud_user, there should be a file named ssm_commands.txt. This file should have a list of commands for setting up SSM Agent and registering it with SSM. For now, we'll only install SSM Agent and enable it for starting up on boot:
  sudo yum -y install https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/linux_amd64/amazon-ssm-agent.rpm
Challenge
Log in to the Main SSM Command Node and Create a Hybrid Activation
- In a new terminal, log in to the main SSM node spun up for you by the lab:
  ssh cloud_user@<SSM_MAIN_NODE_IP>
  Once you log in as cloud_user, there should be a file named create_hybrid_activation.txt, which has commands for creating a hybrid activation, as well as some commands we'll use later.
- Create a hybrid activation:
  aws ssm create-activation --default-instance-name MyOnPremInstance --iam-role SSMServiceRoleForActivation --registration-limit 1
- The command above will return an ActivationId and an ActivationCode. Copy them into a file to use in the next step.
Challenge
Register the On-Premises VM with SSM and Restart SSM Agent
- On the CLI of the on-premises VM, register with SSM (using the ActivationCode and ActivationId from the previous step/task):
  sudo amazon-ssm-agent -register -code "<ActivationCode>" -id "<ActivationId>" -region us-east-1
  You should see logs confirming successful registration of your on-premises VM with SSM.
- Restart SSM Agent:
  sudo systemctl restart amazon-ssm-agent
  Note: If for any reason the activation command fails, double-check your ActivationId and ActivationCode, as well as your on-premises VM's outbound internet connectivity on port 443/HTTPS. Look in /var/log/amazon/ssm/amazon-ssm-agent.log for further troubleshooting hints.
Challenge
Find the On-Premises VM's Instance ID and Log In to the Instance
Log back in to the SSM Main node as cloud_user and issue the following commands to find the newly registered on-premises VM's instance ID (which should start with mi) and log in to its shell using the SSM API.
- Find the on-premises registered VM's instance ID using the SSM API:
  aws ssm describe-instance-information
  In the output, you should only see one instance with the name MyOnPremInstance. Copy its InstanceId for the next command.
- Log in to the shell of the on-premises managed SSM instance using the Session Manager session API:
  aws ssm start-session --target <ON_PREMISES_INSTANCE_ID>
  You're now logged in without using SSH.
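The lab expects exactly one instance named MyOnPremInstance, registered through the activation created earlier with a registration limit of 1. As an added example (not part of the lab's provided files), this Python check runs over the JSON that aws ssm describe-instance-information prints and returns the session target only if that holds; the sample output, the activation ID and the function name find_hybrid_target are constructed for illustration.

```python
import json

# Constructed sample of `aws ssm describe-instance-information` output.
# Field names follow the CLI's JSON; every value here is made up.
SAMPLE_OUTPUT = """
{"InstanceInformationList": [
  {"InstanceId": "mi-0123456789abcdef0", "PingStatus": "Online",
   "ResourceType": "ManagedInstance", "Name": "MyOnPremInstance",
   "ActivationId": "11111111-2222-3333-4444-555555555555",
   "IamRole": "SSMServiceRoleForActivation"},
  {"InstanceId": "i-0fedcba9876543210", "PingStatus": "Online",
   "ResourceType": "EC2Instance"}
]}
"""
SAMPLE_ACTIVATION_ID = "11111111-2222-3333-4444-555555555555"  # constructed


def find_hybrid_target(cli_json, name, activation_id):
    """Hypothetical helper: return the InstanceId for `start-session --target`.

    Raises ValueError unless exactly one managed instance carries `name`,
    was registered with `activation_id`, and its agent is online.
    """
    instances = json.loads(cli_json).get("InstanceInformationList", [])
    matches = [i for i in instances
               if i.get("Name") == name
               and i.get("ResourceType") == "ManagedInstance"]
    if len(matches) != 1:
        raise ValueError(f"expected 1 instance named {name!r}, got {len(matches)}")
    inst = matches[0]
    if not inst.get("InstanceId", "").startswith("mi-"):
        raise ValueError("hybrid managed instance IDs start with 'mi-'")
    # A different ActivationId means this machine did not come from our activation.
    if inst.get("ActivationId") != activation_id:
        raise ValueError("registered with a different activation")
    if inst.get("PingStatus") != "Online":
        raise ValueError(f"agent not reachable: {inst.get('PingStatus')}")
    return inst["InstanceId"]


if __name__ == "__main__":
    print(find_hybrid_target(SAMPLE_OUTPUT, "MyOnPremInstance", SAMPLE_ACTIVATION_ID))
```

In the lab, feed it the saved output of the describe-instance-information command and the ActivationId you copied when creating the activation.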
Challenge
Connect to an SSM Managed Instance via the SSM Console
- Log in to the AWS Management Console with the credentials provided.
- Navigate to EC2 and verify you see the EC2 instance named SSM-Setup-Via-GUI.
  - This instance already has SSM Agent installed.
Challenge
Create an IAM Role for EC2 Instance with SSM Policy
- Navigate to IAM.
- Go into Roles.
- Create a role and choose the AWS service EC2.
- Head to Permissions, type "SSM" in the policy search bar, and select the policy AmazonEC2RoleforSSM.
- Click Next, leave the tags as their default, and give your IAM role a name (e.g., "MyGUISSMRoleForEC2").
- In the EC2 console, select the SSM-Setup-Via-GUI instance, go into its instance settings, and select Attach/Replace IAM Role.
- In the dropdown, select the MyGUISSMRoleForEC2 you just created and click Apply.
- Reboot the EC2 instance SSM-Setup-Via-GUI.
Challenge
Start a Session Manager Session with the Newly Created Instance
- Navigate to the Systems Manager console and select Session Manager in the left-hand menu.
- Click Start session. You might already see the on-premises instance we set up earlier in the lab. Wait a couple minutes for your newly configured SSM-Setup-Via-GUI instance to show up.
- Once it does, select it, and click Start session. It should log you in to a browser-based shell session with your instance.