OP AWS CLI Plugin with AWS SSM via SSH config

I just started using the AWS CLI Plugin which works great. I can for example run aws s3 ls with no problems. The issue that I haven't managed to solve yet is how do I use it with SSH over AWS SSM. The AWS docs describe the ~/.ssh/config like the following:


host i-* mi-*
User <user>
IdentityFile ~/.ssh/<identity>
ProxyCommand sh -c "aws --region <region> --profile default ssm start-session --target %h --document-name AWS-StartSSHSession --parameters 'portNumber=%p'"


Which works great without the 1Password AWS CLI plugin. With the plugin enabled and the credentials deleted from ~/.aws/credentials I get the following:


Unable to locate credentials. You can configure credentials by running "aws configure".
kex_exchange_identification: Connection closed by remote host
Connection closed by UNKNOWN port 65535


My first pass at fixing this was adjusting the ProxyCommand to include op plugin run like the following:


ProxyCommand sh -c "op plugin run -- aws --region <region> --profile default ssm start-session --target %h --document-name AWS-StartSSHSession --parameters 'portNumber=%p'"


That prompted for authorization like it was going to work but unfortunately didn't fix it.

NOTE: I also go the following error:


An error occurred (TargetNotConnected) when calling the StartSession operation: i-<instance id> is not connected.
kex_exchange_identification: Connection closed by remote host
Connection closed by UNKNOWN port 65535


Lastly, I tried adjusting the ProxyCommand shell like the following thinking their may be some environment issue (the plugins are setup in ~/.bashrc).

ProxyCommand bash -c ...

Can anyone provide direction on making this work?

1Password 8.10.26
OP CLI 2.25.0
Mac 14.3.1

---

1Password Version: 2.25.0
Extension Version: Not Provided
OS Version: 14.3.1
Browser: Not Provided