AWS SSM documents and SSM session-start command to ssh directly to an instance without using the ssh keys

Assuming you have a role with the necessary permissions, you can list the instances InstanceId and the tags Name if present, within the region you define.

aws-ec2-list-all-ec2-instance-and-their-tag-name

for instance in $(aws ec2 describe-instances | jq -r '.Reservations[].Instances[].InstanceId' ); do
    echo "${instance} : $(aws ec2 describe-instances --instance-ids ${instance} | jq '.Reservations[].Instances[].Tags[] | select(.Key == "Name")|.Value') "
done

(“ping me” if you know how to simplify the above comand with the –query native from aws cli)

Then you can run various AWS Systems Manager documents (SSM document) against a “target” instance(s).

docs here - https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-ssm-docs.html

aws-ssm-list-documents-example

If you prefer the AWS CLI, you can list available documents.

aws ssm list-documents

docs here - https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ssm/list-documents.html

example-using-aws-ssm-start-session

docs here - https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ssm/start-session.html

aws ssm start-session --target i-123456789012

by-antonio-feijao-uk

Thank you for you time and happy learning,

Antonio Feijao