时间戳

首页 > 解决方案 > 如何建立 AWs Systems Manager PortForwarding 会话?未知会话类型端口

amazon-web-services - 如何建立 AWs Systems Manager PortForwarding 会话?未知会话类型端口

问题描述

我正在尝试对 AWS Systems Manager Session Manager Port Forwarding 会话进行 POC,但即使启动正常会话,我似乎也无法启动 PortForwarding 会话。

会话开始并按预期工作 aws ssm start-session --target i-xxxxxxxxxxx

aws ssm start-session --target i-xxxxxxxxxxx \
                       --document-name AWS-StartPortForwardingSession \
                       --parameters '{"portNumber":["80"],"localPortNumber":["3001"]}'

IAM 角色具有 AWS 策略 AmazonSSMManagedInstanceCore 和会话管理器策略

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "ssmmessages:CreateControlChannel",
                "ssmmessages:CreateDataChannel",
                "ssmmessages:OpenControlChannel",
                "ssmmessages:OpenDataChannel"
            ],
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": [
                "s3:GetEncryptionConfiguration"
            ],
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": [
                "kms:Decrypt"
            ],
            "Resource": "arn:aws:kms:us-east-2:xxxxxxxxxxx:key/xxxxxxx-xxxx-xxxx-xxxx-xxxxxxx"
        }
    ]
}

我希望会话建立隧道并开始将端口 80 转发到我的本地端口 3001

相反,我收到以下错误:

SessionId xxxx-xxxxxxxxxxx

----------ERROR-------
Encountered error while initiating handshake. SessionType failed on client with status 2 error: Failed to process action SessionType: Unknown session type Port```

Here is what I am trying to accomplish: 

https://aws.amazon.com/blogs/aws/new-port-forwarding-using-aws-system-manager-sessions-manager/

标签: amazon-web-servicesamazon-systems-manageraws-session-manager

解决方案

我遇到了同样的问题,结果证明它是 aws cli 的过时 AWS 会话管理器插件。更新插件后,它工作。

安装/更新插件的说明在这里

推荐阅读