How to use session-manager-plugin command

Question

I want to use session-manager-plugin in python code.

The code is written as follows

import boto3
from boto3.session import Session
import subprocess

AWS_REGION = "ap-northeast-1"
AWS_PROFILE = "default"
INSTANCE_ID = "i-XXXXX"

ssm = boto3.client('ssm')

response = ssm.start_session(
    Target=INSTANCE_ID,
    DocumentName='AWS-StartPortForwardingSession',
    Parameters={
        'portNumber': ['3389'],
        'localPortNumber': ['13389'],
    }
)

parameters = "{'DocumentName': 'AWS-StartPortForwardingSession', 'Target': "+INSTANCE_ID+", 'Parameters': {'portNumber': ['3389'], 'localPortNumber': ['13389']}}"

def start_aws_ssm_plugin(create_session_response, parameters, profile, region):
    arg0 = '"' + 'session-manager-plugin' + '"'
    arg1 = '"' + str(create_session_response).replace('\'', '\\"') + '"'
    arg2 = region
    arg3 = 'StartSession'
    arg4 = profile
    arg5 = '"' + str(parameters).replace('\'', '\\"') + '"'
    arg6 = 'https://ssm.{region}.amazonaws.com'.format(region=region)

    command = arg0 + ' ' + arg1 + ' ' + arg2 + ' ' + arg3 + ' ' + arg4 + ' ' + arg5 + ' ' + arg6

    pid = subprocess.Popen(command).pid
    return pid

start_aws_ssm_plugin(response, parameters, AWS_PROFILE, AWS_REGION)

But, the code gets an error.

panic: interface conversion: interface {} is nil, not string

goroutine 1 [running]:
github.com/aws/SSMCLI/src/sessionmanagerplugin/session.ValidateInputAndStartSession(0xc00010c000, 0x7, 0x8, 0x14c2380, 0xc000006018)

I wrote the code with reference to "https://stackoverflow.com/questions/65963897/how-do-i-use-the-results-of-an-ssm-port-forwarding-session-started-with-ruby/66043222#66043222"

If you have any information, please let me know.

Thank you

Answer 1

As I know you need call the start-session endpoint to get the streamurl, sessionid and token. Then call session-manager-plugin to forward tty.

https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_StartSession.html

Answer 2

You seem to mess up quoting the two json arg strings. This works on Windows10:

import boto3
ssm = boto3.client('ssm')
instance_id = "i-XXXXX"
ssm_response = ssm.start_session(
    Target=instance_id,
    DocumentName='AWS-StartPortForwardingSession',
    Parameters={"portNumber": ["8080"], "localPortNumber": ["9999"]}
)
cmd = [
    'C:/Program Files/Amazon/SessionManagerPlugin/bin/session-manager-plugin.exe',
    json.dumps(ssm_response),
    'eu-central-1',  # client region
    'StartSession',
    'default',  # profile name from aws credentials/config files
    json.dumps(dict(Target=instance_id)),
    'https://ssm.eu-central-1.amazonaws.com'  # endpoint for ssm service

]
subprocess.run(cmd)

The source https://github.com/aws/session-manager-plugin/blob/mainline/src/sessionmanagerplugin/session/session.go was helpful.