Sign In to the Console
AWS Systems Manager
User Guide

AWS Documentation » AWS Systems Manager » User Guide » Working with SSM Agent » Installing and Configuring SSM Agent on Amazon EC2 Linux Instances » Configure SSM Agent to Use a Proxy

Configure SSM Agent to Use a Proxy

You can configure SSM Agent to communicate through an HTTP proxy by adding the http_proxy, https_proxy, and no_proxy settings to an amazon-ssm-agent.override configuration file. An override file also preserves the proxy settings if you install newer or older versions of SSM Agent. This section includes procedures for upstart and systemd environments.

Note

Instances created from an Amazon Linux AMI that are using a proxy must be running a current version of the Python requests module in order to support Patch Manager operations. For more information, see Upgrade the Python Requests Module on Amazon Linux Instances That Use a Proxy Server.

Topics

Configure SSM Agent to Use a Proxy (Upstart)

  1. Connect to the instance where you installed SSM Agent.

  2. Open a simple editor like VIM, and specify the following settings: 

    env http_proxy=http://hostname:port
env https_proxy=http(s)://hostname:port
env no_proxy=169.254.169.254

    Note

    You must add the no_proxy setting to the file and specify the IP address listed here. It is the instance metadata endpoint for Systems Manager. Without this IP address, calls to Systems Manager fail.

  3. Save the file as amazon-ssm-agent.override in the following location: /etc/init/

  4. Stop and restart SSM Agent using the following commands:

    sudo stop amazon-ssm-agent
sudo start amazon-ssm-agent

Note

For more information about working with .override files in Upstart environments, see init: Upstart init daemon job configuration.

Configure SSM Agent to Use a Proxy (systemd)

The steps in the following procedure describe how to configure SSM Agent to use a proxy in systemd environments. Some of the steps in this procedure contain explicit instructions for Ubuntu Server instances installed by using Snap.

  1. Connect to the instance where you installed SSM Agent.

  2. Run the following command:

    systemctl edit amazon-ssm-agent

    For Ubuntu Server instances installed by using a snap, run the following command: 

    systemctl edit snap.amazon-ssm-agent.amazon-ssm-agent

  3. Specify the following settings:

    [Service]
Environment="http_proxy=http://hostname:port"
Environment="https_proxy=http(s)://hostname:port"
Environment="no_proxy=169.254.169.254"

    Note

    You must add the no_proxy setting to the file and specify the IP address listed here. It is the instance metadata endpoint for Systems Manager. Without this IP address, calls to Systems Manager fail.

  4. Save your changes. The system creates a file named amazon-ssm-agent.override (or override.conf on Amazon Linux 2) instances in the etc/systemd/system/amazon-ssm-agent.service.d folder.

  5. Restart SSM Agent by using the following commands:

    sudo systemctl stop amazon-ssm-agent
sudo systemctl daemon-reload

    For Ubuntu Server instances installed by using a snap, restart SSM Agent by using the following command: 

    systemctl start snap.amazon-ssm-agent.amazon-ssm-agent

Note

For more information about working with .override files in systemd environments, see Modifying Existing Unit Files.