You can use SSM Session Manager to connect to your EC2 instances, as long as your EC2 instance has the associated IAM Role which includes the AmazonSSMManagedInstanceCore managed policy.
AWS EC2 Console
Head over to “Connect” and select “Session Manager”:
$ aws --profile prod ssm start-session --target i-0ebba722b102179b6
Starting session with SessionId: ruan.bekker-0b07cbbe261885ad3
sh-4.2$ sudo su - ec2-user
Last login: Wed Jan 6 12:55:03 UTC 2021 on pts/0
[ec2-user@ip-172-31-23-246 ~]$
Note: when you are using ssm session manager you don’t require security groups or a direct routable network to your instance.
$ ssh -i ~/.ssh/infra.pem ec2-user@i-0ebba722b102179b6
Warning: Permanently added 'i-0ebba722b102179b6' (ECDSA) to the list of known hosts.
Last login: Wed Jan 6 13:04:03 2021
__| __|_ )
_| ( / Amazon Linux 2 AMI
___|\___|___|
https://aws.amazon.com/amazon-linux-2/
[ec2-user@ip-172-31-23-246 ~]$