Its quite a cool feature! https://aws.amazon.com/blogs/aws/new-session-manager/ No more exposed open port for remote access! No more shared ssh key! Just attach SSM role to your running instances and install latest ssm-agent! I think ssm-agent will getting more and more popular just like vmtools in VMware! What else can ssm-agent do? Thats wait and see...