AWS Security ChangesHomeSearch

AWS ssm-sap documentation change

Service: ssm-sap · 2025-03-23 · Documentation medium

File: ssm-sap/latest/userguide/iam-policies.md

Summary

Removed documentation about December 2024 policy update that added EC2 describe permissions for discovery functionality

Security assessment

Change removes documentation about previous policy expansion but doesn't indicate any security vulnerability or weakness being addressed

Diff

diff --git a/ssm-sap/latest/userguide/iam-policies.md b/ssm-sap/latest/userguide/iam-policies.md
index 718fba8e7..9c9942aa9 100644
--- a/ssm-sap/latest/userguide/iam-policies.md
+++ b/ssm-sap/latest/userguide/iam-policies.md
@@ -115,9 +114,0 @@ Change | Description | Date
-[AWSSSMForSAPServiceLinkedRolePolicy](https://docs.aws.amazon.com/ssm-sap/latest/userguide/slr.html#slr-permissions) – Updated policy |  The following permissions have been added to `DescribeInstanceActions` within this policy:
-
-  * `ec2:DescribeRouteTables`
-  * `ec2:DescribeInstanceTypes`
-  * `ec2:DescribeVolumes`
-  * `ec2:DescribeInstanceAttribute`
-  * `ec2:DescribeSnapshots`
-
-These permissions are required to support new functionality that allows users to run discovery on workloads. | December 20, 2024