Connect to a server. Sounds like one step. For me it was five.
Open the AWS console, scroll the instance list, squint, copy a string like i-07a1b2c3d4e5f6a7b, paste it into my terminal. Then do it all again an hour later. Repeat this for 10 instances.
I assumed that was just the tax of the job. It wasn’t — and I didn’t find that out until a friend showed me what he’d quietly built to escape it.
If you connect to EC2 boxes over SSM and you’ve never once had an instance ID memorized, this one’s for you. By the end you’ll know the small, free tool that collapsed that whole ritual into one open panel and one keystroke — and exactly how to start using it tonight.
The dance I did twenty times a day
Here’s the setup. I reach my servers through SSM Session Manager — that’s AWS Systems Manager Session Manager, the access model where the session goes through Systems Manager and IAM instead of a bastion host or an open SSH port. EC2 is just Amazon’s term for those cloud servers.
The command to start a session is honestly fine:
aws ssm start-session --target i-07a1b2c3d4e5f6a7b
The problem is that i-07a1b2c3d4e5f6a7b. Nobody memorizes it. So every single connect was the same little errand: list the instances, find the right box, copy the ID, paste it back, run the command. Then forget it and do it again next time.
I told myself this was normal. What I didn’t know was that the friction had a name — and somebody I knew had already killed it.
What I tried first, and why none of it stuck
I wasn’t the first person to be annoyed by this. There are one-shot pickers for it — tools like gossm and aws-gate — and they do help.
But they’re fzf-style: you pick a box, you connect, the picker closes. When the session ends, you’re dumped back at a bare shell. For the one task I repeat all day, summoning the picker from scratch every single time still felt like a chore wearing a nicer outfit.
The other “fix” was worse: aws ec2 describe-instances and reading a wall of JSON, or alt-tabbing to the console to squint at a list.
What I actually wanted was dead simple — something that just stayed open. As it turned out, a friend had already built exactly that.
The turning point: a panel that stays open
A friend from my cohort at the Apple Developer Institute for DevOps had hit the same wall and done something about it. He wrote a tool called lazyssm — a Go terminal UI (a TUI, meaning a full-screen app that runs right in your terminal).
It does the obvious thing that none of the others did. It lists my fleet in a panel, I arrow down to a box, I hit Enter, and I’m in a shell. I end the session, and I land back on the same list. The instance ID never touches my brain or my clipboard again.
Installing it was one line:
go install github.com/chalvinwz/lazyssm@latest
That alone would have been enough to win me over. But the part that actually reshaped my day was smaller, and a little weirder than I expected.
The part nobody tells you: it searches names, not IDs
Inside the panel, / opens a fuzzy search. And the detail that matters is what it searches: it matches on the server's Name, not the instance ID.
That sounds like a footnote until you’ve lived without it. If a search fuzzy-matches against instance IDs, every hex digit you type lights up half the list — the IDs are pure noise to a human. Matching on names means I type web-2 and the right box leaps to the top.
There’s a second filter doing quiet heavy lifting too. When I narrow by tag or name, that filter gets pushed to AWS — the server does the narrowing and only sends back what matched. So it stays fast even on an account with a real number of instances, not just a demo.
Between those two, I stopped thinking in instance IDs entirely and started thinking in names — which is how I picture my servers anyway. That shift is the whole thing.
And then there’s the subcommand that’s saved me more quiet embarrassment than any of it.
The doctor that checks before I connect
lazyssm doctor runs the boring pre-flight checks that otherwise blow up mid-connect:
lazyssm doctor
It checks whether session-manager-plugin is installed, whether my SSO session (single sign-on) is still alive, whether a region is set, and who I'm actually authenticated as. The genuinely nice part: when something's wrong, it hands me the one fix to run — like aws sso login — instead of a cryptic failure halfway into a session I thought was about to open.
It’s the difference between “why did that just hang” and “oh, my login expired, here’s the command.” Small, but it’s the kind of small that adds up.
The little conveniences that make it sticky
A few more things that sound minor and aren’t, once they’re part of your day:
- I can pin the handful of boxes I touch constantly to the top of the list.
ttoggles between "things I can actually connect to right now" and "all EC2," which is exactly what I need when I'm hunting a box whose agent is mysteriously missing.rrefreshes the list.- It sorts naturally, so
g-2comes beforeg-10instead of after it — the way a human reads them.
None of these are load-bearing infrastructure. They’re conveniences for someone who connects to the same boxes all day, which is the point: it removes one specific chore and refuses to grow past it.
Where it pinches (an honest note)
It’s worth saying what it isn’t. lazyssm is a personal-scale tool: one profile, one region, one panel. There’s no multi-account orchestration, no role-assumption matrix.
If you ran it unfiltered against a massive account, you’d feel it pull the whole fleet. But for my actual life — the same handful of boxes, all day — that scope is exactly right, and keeping it narrow is why it stays fast and simple.
The takeaway
The command underneath hasn’t changed one bit. I still start an SSM session the same way I always did. I just don’t go find the instance ID by hand anymore — I open a panel, the boxes are already there, I hit Enter, and I’m in.
If you do the same console-squinting dance I used to, the fix is genuinely one go install away.
Credit where it’s due, and the source of truth: lazyssm is my friend’s open-source project — repo here: github.com/chalvinwz/lazyssm. If you want the real engineering story behind it — how it merges two AWS API calls into one list, how he handled the race conditions when fast keystrokes outrun slow fetches, and the demo mode he built for recording — read his original write-up, which is the source of truth for everything technical: I stopped picking EC2 instances by hand.
Comments
Loading comments…