Computer Notes/AWS/Setting up Session Manager on Ubuntu
From Cramsession
< Computer Notes | AWS
✍️ Verified Author: Mflavell • Click to view professional profile & credentials
Quick Start: AWS Session Manager on Ubuntu EC2
A minimal guide for setting up AWS Systems Manager (SSM) Session Manager on Ubuntu instances, including the standard credential fix.
1. AWS IAM Requirements
The EC2 instance requires an IAM Instance Profile to communicate with AWS.
- Create an IAM Role for EC2.
- Attach the AWS-managed policy:
AmazonSSMManagedInstanceCore - Attach this IAM role to your EC2 instance (EC2 Console -> Actions -> Security -> Modify IAM role).
2. Ubuntu Agent Setup & Restart
Modern Ubuntu AMIs come with the agent pre-installed via Snap. If the agent fails to pick up the IAM role credentials automatically, a service restart is usually required.
Check Status
sudo systemctl status snap.amazon-ssm-agent.amazon-ssm-agent.service
Manual Install (If missing)
sudo apt-get update sudo snap install amazon-ssm-agent --classic
The "Quick & Dirty" Fix (Credential Refresh)
If logs show SSM Agent unable to acquire credentials after attaching the IAM role, kick the service to force a fresh credential poll:
sudo systemctl restart snap.amazon-ssm-agent.amazon-ssm-agent.service
View Logs
sudo tail -n 50 -f /var/log/amazon/ssm/amazon-ssm-agent.log
3. Verification
- Go to AWS EC2 Console.
- Select the instance, click Connect.
- Choose the Session Manager tab and click Connect.
- Note: Can take 1–2 minutes to register after a service restart. Ensure port 443 outbound is allowed in Security Groups if it stays greyed out.
