Instance access examples - AMS Advanced User Guide

Instance access examples

These examples show how to log in to an instance by using a bastion after you've been granted access through an RFC. For information about getting access granted, see Requesting instance access.


An Amazon EC2 instance created through an Amazon EC2 Auto Scaling group will have an IP address that cycles in and out and you have to use your Amazon EC2 console to find that IP address.

Required data:

  • Bastion DNS friendly name or IP address: Use a DNS friendly name as described in DNS friendly bastion names or find bastion IP addresses as described in Using bastion IP addresses.

  • User name (for example DOMAIN_FQDN\\USERNAME) and Password: Credentials for the account. The USERNAME must be your Active Directory user account name.

    Note that a user name in the format can be used but can cause trouble with your PBIS setup.

  • Stack IP address: Find this by looking at the run output for the RFC that you submitted to launch the stack, or look up the Amazon EC2 instance IP address in the Amazon EC2 console. For a single Amazon EC2 instance, you can also use the AMS SKMS command ListStackSummaries to find the stack ID and then GetStack to find the stack IP address.

Access the bastion IP address, either SSH or RDP, as appropriate, and log in using one of the following procedures.


RDP bastions only allow two simultaneous connections. So, in the best case scenario, only 4 admins are able to connect to windows stacks at the same time. If you require more connections for RDP, see AMS Bastion Options during Application Migrations/Onboarding in the AMS onboarding guide.