Session Manager eliminates the need for bastion hosts and open inbound ports to interact with your instances. This provides cost savings and also improves security posture. With support for port forwarding, you now get these benefits in tunneling scenarios, such as communicating with web servers and database servers hosted in private subnets. You can also manage a Windows-based instance using Remote Desktop Protocol (RDP) by using Session Manager to tunnel traffic from the instance, without the requirement of a gateway server.
To get started, open a secure tunnel between a local and remote port by creating a new session at the command line using the AWS-StartPortForwardingSession Session Manager document. Then connect to this local port using your browser, database, or RDP client. Session Manager will forward subsequent traffic between the local and remote port.
Session Manager is a feature of Systems Manager. Systems Manager enables visibility and control of your cloud and on-premises infrastructure. It simplifies resource and application management, shortens the time to detect and resolve operational problems, and makes it easier to operate and manage your infrastructure securely at scale.