我正在尝试进行AWS Systems Manager会话管理器端口转发会话的POC,但是即使启动正常会话也似乎无法启动PortForwarding会话。
会话开始并按预期工作 AWS ssm开始会话--target i-xxxxxxxxxxx
aws ssm start-session --target i-xxxxxxxxxxx \
--document-name AWS-StartPortForwardingSession \
--parameters '{"portNumber":["80"],"localPortNumber":["3001"]}'
IAM角色具有AWS策略AmazonSSMManagedInstanceCore和会话管理器策略
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"ssmmessages:CreateControlChannel",
"ssmmessages:CreateDataChannel",
"ssmmessages:OpenControlChannel",
"ssmmessages:OpenDataChannel"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"s3:GetEncryptionConfiguration"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"kms:Decrypt"
],
"Resource": "arn:aws:kms:us-east-2:xxxxxxxxxxx:key/xxxxxxx-xxxx-xxxx-xxxx-xxxxxxx"
}
]
}
我希望会话建立隧道并开始将端口80转发到我的本地端口3001
相反,出现以下错误:
SessionId xxxx-xxxxxxxxxxx
----------ERROR-------
Encountered error while initiating handshake. SessionType failed on client with status 2 error: Failed to process action SessionType: Unknown session type Port```
Here is what I am trying to accomplish:
https://aws.amazon.com/blogs/aws/new-port-forwarding-using-aws-system-manager-sessions-manager/