Allow setting VPC endpoints for AWS SSM agent #43

rubroboletus · 2023-03-03T12:46:31Z

Image I'm using:

Issue or Feature Request:

In our setup, we need to set VPC endpoints for aws ssm agent, and not pass all the communication via proxy. It will be nice, when there will be possible to set vpc endpointf for ssm agent / push own content of amazon-ssm-agent.json using bottlerocket settings.

stmcginnis · 2023-03-03T17:52:22Z

Hey @rubroboletus - interesting challenge here. This may take some research to figure out a good way to support this use case.

The SSM agent runs in the control host container. There would need to be a setting that could be provided in the user data that could be passed through to this host container, and something there that would need to read that value and get it written into the SSM agent config file. And if it can't do that before the agent starts, it would also need to restart the control container.

Technically all possible, but unfortunately not something I can just give you a script to get working for you right away.

stmcginnis added the enhancement New feature or request label Mar 3, 2023

stmcginnis added this to Bottlerocket Engineering Roadmap Mar 3, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Allow setting VPC endpoints for AWS SSM agent #43

Allow setting VPC endpoints for AWS SSM agent #43

rubroboletus commented Mar 3, 2023

stmcginnis commented Mar 3, 2023

Allow setting VPC endpoints for AWS SSM agent #43

Allow setting VPC endpoints for AWS SSM agent #43

Comments

rubroboletus commented Mar 3, 2023

stmcginnis commented Mar 3, 2023