<ul><li>The SSM agent running on the EC2 instance communicates with the AWS System Manager Service using VPC Interface endpoints.</li><li>The SSM agent obtains instance metadata such as the AWS region.</li><li>The SSM agent resolves the API endpoint (e.g., ssm..amazonaws.com) via the private DNS.</li><li>The SSM agent sends API requests to the private IP address of the VPC interface endpoint's ENI, which forwards them to the AWS SSM service.</li></ul>

How AWS SSM agent communicates with 𝐒𝐲𝐬𝐭𝐞𝐦 𝐌𝐚𝐧𝐚𝐠𝐞𝐫 𝐒𝐞𝐫𝐯𝐢𝐜𝐞 using 𝐕𝐏𝐂 𝐈𝐧𝐭𝐞𝐫𝐟𝐚𝐜𝐞 𝐞𝐧𝐝𝐩𝐨𝐢𝐧𝐭𝐬.

Discover more