To allow SSH traffic to an EC2 instance using AWS CLI, you need to modify the security group associated with your instance to allow incoming traffic on port 22.
Here are the steps to allow SSH traffic to an instance using AWS CLI:
Step 1: Get the ID of the security group associated with your instance
Run the following command to get the ID of the security group associated with your instance:
aws ec2 describe-instances --instance-ids <instance-id> --query 'Reservations[].Instances[].SecurityGroups[].GroupId' --output text --region <region>
Replace <instance-id>
with the ID of your instance, and <region>
with the region where your instance is located.
Step 2: Update the security group inbound rules to allow SSH traffic
Run the following command to update the security group inbound rules and allow SSH traffic:
aws ec2 authorize-security-group-ingress --group-id <security-group-id> --protocol tcp --port 22 --cidr <ip-address>/32 --region <region>
Replace <security-group-id>
with the ID of the security group associated with your instance, <ip-address>
with the IP address range that you want to allow SSH traffic from (e.g., your local IP address), and <region>
with the region where your instance is located.
This command will add an inbound rule to the security group to allow incoming TCP traffic on port 22 from the specified IP address range.
Step 3: Verify the security group inbound rules
Run the following command to verify that the inbound rules of the security group have been updated correctly:
aws ec2 describe-security-groups --group-ids <security-group-id> --query 'SecurityGroups[].IpPermissions[]' --region <region>
Replace <security-group-id>
with the ID of the security group associated with your instance, and <region>
with the region where your instance is located.
This command will display the inbound rules of the security group, including the new rule that you added to allow SSH traffic.
By updating the security group inbound rules to allow incoming SSH traffic on port 22, you should be able to connect to your instance using SSH. Remember to remove the inbound rule once you have finished your SSH session for security purposes. You can remove the inbound rule using the revoke-security-group-ingress
command with similar parameters as the authorize-security-group-ingress
command above.