bottlerocket-control-container

Allow setting VPC endpoints for AWS SSM agent

Open rubroboletus opened this issue 2 years ago • 1 comments

Image I'm using:

Issue or Feature Request:

In our setup, we need to set VPC endpoints for the AWS SSM agent, and not pass all the communication via a proxy. It would be nice if it were possible to set VPC endpoints for the SSM agent / push our own content of amazon-ssm-agent.json using Bottlerocket settings.

rubroboletus, Mar 03 '23 12:03

Hey @rubroboletus - interesting challenge here. This may take some research to figure out a good way to support this use case.

The SSM agent runs in the control host container. There would need to be a setting that could be provided in the user data that could be passed through to this host container, and something there that would need to read that value and get it written into the SSM agent config file. And if it can't do that before the agent starts, it would also need to restart the control container.

Technically all possible, but unfortunately not something I can just give you a script to get working for you right away.

stmcginnis, Mar 03 '23 17:03