AWS: Connection without SSH

When working with AWS Fargate or EC2 instances, there is a handy way of connecting to the virtual server without using SSH. That means there is no need to expose port 22 to the internet, and permissions can be managed within AWS IAM instead of by distributing SSH keys across instances.

For this to work, the aws-cli needs to be installed and configured with your AWS key (aws configure).

The command line varies depending on the type of task/instance:

  1. Fargate task
    This requires the ARN of your cluster and the id of the task you want to connect to (the task id looks like an md5 checksum):
    aws ecs execute-command --cluster arn:aws:ecs:us-east-1:123456789012:cluster/your-cluster-name --task "$TASKID" --interactive --command /bin/bash

  2. EC2 instance
    This requires only the id (“i-*”) of the instance you want to connect to:
    aws ssm start-session --target "$instanceid"
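
Added example (not part of the original page): a small POSIX shell wrapper that picks between the two commands above from the shape of the id and refuses anything that is not an instance id or a task id. The names is_hex, build_connect_cmd, connect and DRY_RUN are assumptions, as are the length checks (8 or 17 hex characters after "i-", 32 for a task id).

```shell
#!/bin/sh
# Added example, not from the original page. Function names and DRY_RUN are
# hypothetical; ids passed to these functions in testing are constructed.

# Succeeds when $1 is non-empty lowercase hex of exactly $2 characters.
is_hex() {
  case $1 in ''|*[!0-9a-f]*) return 1 ;; esac
  [ "${#1}" -eq "$2" ]
}

# Prints the aws-cli command for a target id; returns 1 for anything else.
# $1 = instance id or task id, $2 = cluster ARN (needed for tasks only)
build_connect_cmd() {
  case $1 in
    i-*)
      # EC2 instance id: "i-" plus 8 (old) or 17 (current) hex characters.
      if is_hex "${1#i-}" 17 || is_hex "${1#i-}" 8; then
        printf 'aws ssm start-session --target %s\n' "$1"
        return 0
      fi ;;
    *)
      # Fargate task id: 32 hex characters, the md5-looking string.
      if is_hex "$1" 32; then
        case $2 in
          *[!A-Za-z0-9:/_-]*) ;;   # stray characters: fall through to reject
          arn:aws:ecs:*:*:cluster/?*)
            printf 'aws ecs execute-command --cluster %s --task %s --interactive --command /bin/bash\n' "$2" "$1"
            return 0 ;;
        esac
        echo "task id needs a valid cluster ARN as second argument" >&2
        return 1
      fi ;;
  esac
  echo "refusing target: not an instance id or task id" >&2
  return 1
}

# Runs the command, or only prints it when DRY_RUN is set.
connect() {
  cmd=$(build_connect_cmd "$@") || return 1
  # Word splitting of $cmd is safe here: every part was validated above.
  if [ -n "${DRY_RUN:-}" ]; then echo "$cmd"; else $cmd; fi
}
```

Source the file and call connect with an instance id, or with a task id followed by the cluster ARN; set DRY_RUN=1 to see the command without opening a session.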