AWS systems-manager medium security documentation change
Summary
Added 'ssmmessages:OpenDataChannel' permission to default session policy
Security assessment
Adds required permission for secure session data channels in AWS Systems Manager. Missing this could prevent proper secure session establishment
Diff
diff --git a/systems-manager/latest/userguide/getting-started-default-session-document.md b/systems-manager/latest/userguide/getting-started-default-session-document.md index b300e0b49..2f1cef8a1 100644 --- a//systems-manager/latest/userguide/getting-started-default-session-document.md +++ b//systems-manager/latest/userguide/getting-started-default-session-document.md @@ -58,0 +59,9 @@ To start a default shell session, you must specify the default session document + }, + { + "Effect": "Allow", + "Action": [ + "ssmmessages:OpenDataChannel" + ], + "Resource": [ + "*" + ]