如何建立亚马逊网络服务系统管理器PortForwarding会话？未知的会话类型端口

Question

我正在尝试进行AWS Systems Manager会话管理器端口转发会话的POC，但似乎无法启动PortForwarding会话，即使启动正常会话也可以。

会话按预期启动和工作aws ssm start-session --target i-xxxxxxxxxxx

aws ssm start-session --target i-xxxxxxxxxxx \
                       --document-name AWS-StartPortForwardingSession \
                       --parameters '{"portNumber":["80"],"localPortNumber":["3001"]}'

IAM角色具有AWS策略AmazonSSMManagedInstanceCore和会话管理器策略

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "ssmmessages:CreateControlChannel",
                "ssmmessages:CreateDataChannel",
                "ssmmessages:OpenControlChannel",
                "ssmmessages:OpenDataChannel"
            ],
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": [
                "s3:GetEncryptionConfiguration"
            ],
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": [
                "kms:Decrypt"
            ],
            "Resource": "arn:aws:kms:us-east-2:xxxxxxxxxxx:key/xxxxxxx-xxxx-xxxx-xxxx-xxxxxxx"
        }
    ]
}

我希望会话建立隧道并开始将端口80转发到我的本地端口3001

相反，我得到以下错误：

SessionId xxxx-xxxxxxxxxxx

----------ERROR-------
Encountered error while initiating handshake. SessionType failed on client with status 2 error: Failed to process action SessionType: Unknown session type Port```

Here is what I am trying to accomplish: 

https://aws.amazon.com/blogs/aws/new-port-forwarding-using-aws-system-manager-sessions-manager/

Answer 1

我也遇到了同样的问题，它被证明是AWS cli的一个过时的aws会话管理器插件。在更新插件之后，它就可以工作了。

安装/更新插件的说明为here。