Add support for connecting to managed instances (mi-040XX38e3eXXcfeda) not just EC2s with aws_ssm connection method

[dcacklam]

Summary

At present, the aws_ssm connection method only reliably supports connections to ec2 instances (i-numbers).

It does not support managed instances (physical servers that are managed through SSM agent, as part of a 'hybrid cloud' environment).

These servers can be reached by 'aws ssm start-session --target (instance number)' on the command line (AWSCLI) but cannot be reached reliably by ansible if you provide an inventory with 'mi-040XX38e3eXXcfeda' in it (Xs for obfuscation).

Implementing this feature would require detecting the 'm' in the hostname, and handling the connection as-needed for that case.

Issue Type

Feature Idea

Component Name

aws_ssm

Additional Information

At present, attempting to connect to 'managed' SSM instances fails.

This feature would allow Ansible to work on 'managed' instances (as represented by an i-number with an 'm' prefix: mi-(whatever)) as well as EC2 hosts.

It would detect whether a host was an EC2 (hostname matches ^i-.) or managed (hostname matches ^mi-.), and if it was managed use the AWS SSM start-session API to send commands to it, resulting in the same user-experience enjoyed when running Ansible against EC2 hosts now.

Code of Conduct

• I agree to follow the Ansible Code of Conduct