AWS Security ChangesHomeSearch

AWS systems-manager medium security documentation change

Service: systems-manager · 2025-05-22 · Security-related medium

File: systems-manager/latest/userguide/getting-started-default-session-document.md

Summary

Added 'ssmmessages:OpenDataChannel' permission to default session policy

Security assessment

Adds required permission for secure session data channels in AWS Systems Manager. Missing this could prevent proper secure session establishment

Diff

diff --git a/systems-manager/latest/userguide/getting-started-default-session-document.md b/systems-manager/latest/userguide/getting-started-default-session-document.md
index b300e0b49..2f1cef8a1 100644
--- a//systems-manager/latest/userguide/getting-started-default-session-document.md
+++ b//systems-manager/latest/userguide/getting-started-default-session-document.md
@@ -58,0 +59,9 @@ To start a default shell session, you must specify the default session document
+        },
+        {
+          "Effect": "Allow",
+          "Action": [
+            "ssmmessages:OpenDataChannel"
+          ],
+          "Resource": [
+            "*"
+          ]