AWS Security ChangesHomeSearch

AWS systems-manager documentation change

Service: systems-manager · 2025-05-10 · Documentation low

File: systems-manager/latest/userguide/getting-started-restrict-access-quickstart.md

Summary

Changed session ARN policy variable from ${aws:userid} to ${aws:username}

Security assessment

The variable change adjusts policy structure but lacks evidence of addressing a specific security vulnerability. This appears to be a documentation clarification rather than a security fix.

Diff

diff --git a/systems-manager/latest/userguide/getting-started-restrict-access-quickstart.md b/systems-manager/latest/userguide/getting-started-restrict-access-quickstart.md
index 7fa5fb694..3a8f1eb70 100644
--- a//systems-manager/latest/userguide/getting-started-restrict-access-quickstart.md
+++ b//systems-manager/latest/userguide/getting-started-restrict-access-quickstart.md
@@ -120 +120 @@ Use this sample policy to give users the ability to start and resume sessions fr
-                    "arn:aws:ssm:*:*:session/${aws:userid}-*"
+                    "arn:aws:ssm:*:*:session/${aws:username}-*"