AWS Security ChangesHomeSearch

AWS general documentation change

Service: general · 2025-04-11 · Documentation low

File: general/latest/gr/ssm.md

Summary

Reorganized content by moving Quick Setup endpoints to related services section, added new related services links, and relocated note about required HTTPS endpoints for managed nodes

Security assessment

The note about requiring HTTPS access to ec2messages/ssmmessages endpoints is a security configuration requirement but represents existing guidance being relocated rather than addressing a new vulnerability. No evidence of a specific security incident being resolved.

Diff

diff --git a/general/latest/gr/ssm.md b/general/latest/gr/ssm.md
index fc7f6fcef..937733081 100644
--- a//general/latest/gr/ssm.md
+++ b//general/latest/gr/ssm.md
@@ -14,0 +15,15 @@ The following are the service endpoints and service quotas for this service.
+###### Related services
+
+For information about endpoints and quotas for related services, see the following topics:
+
+  * [AWS AppConfig endpoints and quotas](./appconfig.html)
+
+  * [AWS Systems Manager Incident Manager endpoints and quotas](./incident-manager.html)
+
+  * [Systems Manager Quick Setup endpoints and quotas](./quick-setup.html)
+
+  * [AWS Systems Manager for SAP endpoints and quotas](./ssm-sap.html)
+
+
+
+
@@ -16,0 +32,13 @@ The following are the service endpoints and service quotas for this service.
+###### Note
+
+In addition to the `ssm.*` endpoints documented in the following table, your managed nodes must also allow HTTPS (port 443) outbound traffic to the following endpoints.
+
+  * `ec2messages.*`
+
+  * `ssmmessages.*`
+
+
+
+
+For more information, see [Reference: ec2messages, ssmmessages, and other API operations](https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-setting-up-messageAPIs.html) in the _AWS Systems Manager User Guide_.
+
@@ -54,49 +81,0 @@ AWS GovCloud (US-West) | us-gov-west-1 |  ssm.us-gov-west-1.amazonaws.com  | HTT
-###### Note
-
-In addition to the `ssm.*` endpoints documented in the preceding table, your managed nodes must also allow HTTPS (port 443) outbound traffic to the following endpoints. 
-
-  * `ec2messages.*`
-
-  * `ssmmessages.*`
-
-
-
-
-For more information, see [Reference: ec2messages, ssmmessages, and other API operations](https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-setting-up-messageAPIs.html) in the _AWS Systems Manager User Guide_.
-
-###### Service endpoints for Quick setup
-
-[Quick Setup](https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-quick-setup.html) is an AWS Systems Manager tool used for to quickly configuring frequently used Amazon Web Services services and features with recommended best practices.
-
-Region Name | Region | Endpoint | Protocol  
----|---|---|---  
-US East (Ohio) | us-east-2 |  ssm-quicksetup.us-east-2.amazonaws.com  ssm-quicksetup-fips.us-east-2.amazonaws.com  |  HTTPS HTTPS  
-US East (N. Virginia) | us-east-1 |  ssm-quicksetup.us-east-1.amazonaws.com  ssm-quicksetup-fips.us-east-1.amazonaws.com  |  HTTPS HTTPS  
-US West (N. California) | us-west-1 |  ssm-quicksetup.us-west-1.amazonaws.com  ssm-quicksetup-fips.us-west-1.amazonaws.com  |  HTTPS HTTPS  
-US West (Oregon) | us-west-2 |  ssm-quicksetup.us-west-2.amazonaws.com  ssm-quicksetup-fips.us-west-2.amazonaws.com  |  HTTPS HTTPS  
-Asia Pacific (Mumbai) | ap-south-1 |  ssm-quicksetup.ap-south-1.amazonaws.com  | HTTPS  
-Asia Pacific (Seoul) | ap-northeast-2 |  ssm-quicksetup.ap-northeast-2.amazonaws.com  | HTTPS  
-Asia Pacific (Singapore) | ap-southeast-1 |  ssm-quicksetup.ap-southeast-1.amazonaws.com  | HTTPS  
-Asia Pacific (Sydney) | ap-southeast-2 |  ssm-quicksetup.ap-southeast-2.amazonaws.com  | HTTPS  
-Asia Pacific (Tokyo) | ap-northeast-1 |  ssm-quicksetup.ap-northeast-1.amazonaws.com  | HTTPS  
-Canada (Central) | ca-central-1 |  ssm-quicksetup.ca-central-1.amazonaws.com  ssm-quicksetup-fips.ca-central-1.amazonaws.com  |  HTTPS HTTPS  
-Europe (Frankfurt) | eu-central-1 |  ssm-quicksetup.eu-central-1.amazonaws.com  | HTTPS  
-Europe (Ireland) | eu-west-1 |  ssm-quicksetup.eu-west-1.amazonaws.com  | HTTPS  
-Europe (London) | eu-west-2 |  ssm-quicksetup.eu-west-2.amazonaws.com  | HTTPS  
-Europe (Paris) | eu-west-3 |  ssm-quicksetup.eu-west-3.amazonaws.com  | HTTPS  
-Europe (Stockholm) | eu-north-1 |  ssm-quicksetup.eu-north-1.amazonaws.com  | HTTPS  
-South America (São Paulo) | sa-east-1 |  ssm-quicksetup.sa-east-1.amazonaws.com  | HTTPS  
-  
-###### Related services
-
-For information about endpoints for related services, see the following topics:
-
-  * AWS AppConfig – [AWS AppConfig endpoints and quotas](./appconfig.html)
-
-  * Incident Manager – [AWS Systems Manager Incident Manager endpoints and quotas](./incident-manager.html)
-
-  * AWS Systems Manager for SAP – [AWS Systems Manager for SAP endpoints and quotas](./ssm-sap.html)
-
-
-
-
@@ -322 +300,0 @@ Operation history retention | Most recent 150 operations
-Execution history retention |  30 days The history of each command is available for up to 30 days. In addition, you can store a copy of all log files in Amazon Simple Storage Service or have an audit trail of all API calls in AWS CloudTrail.