AWS systems-manager documentation change
Summary
Removed requirement to enable advanced-instances tier for Session Manager usage
Security assessment
The change removes a prerequisite configuration step but doesn't address any security vulnerability or weakness. Session Manager's security features (no open ports, auditable logs) remain unchanged.
Diff
diff --git a/systems-manager/latest/userguide/systems-manager-tools.md b/systems-manager/latest/userguide/systems-manager-tools.md index aa745ee81..b4f9716eb 100644 --- a//systems-manager/latest/userguide/systems-manager-tools.md +++ b//systems-manager/latest/userguide/systems-manager-tools.md @@ -61 +61 @@ Session Manager -Use [Session Manager](./session-manager.html) to manage your edge devices and Amazon Elastic Compute Cloud (Amazon EC2) instances through an interactive one-click browser-based shell or through the AWS CLI. Session Manager provides secure and auditable edge device and instance management without needing to open inbound ports, maintain bastion hosts, or manage SSH keys. Session Manager also allows you to comply with corporate policies that require controlled access to edge devices and instances, strict security practices, and fully auditable logs with edge device and instance access details, while still providing end users with simple one-click cross-platform access to your edge devices and EC2 instances. To use Session Manager, you must enable the advanced-instances tier. For more information, see [Turning on the advanced-instances tier](./fleet-manager-enable-advanced-instances-tier.html). +Use [Session Manager](./session-manager.html) to manage your edge devices and Amazon Elastic Compute Cloud (Amazon EC2) instances through an interactive one-click browser-based shell or through the AWS CLI. Session Manager provides secure and auditable edge device and instance management without needing to open inbound ports, maintain bastion hosts, or manage SSH keys. Session Manager also allows you to comply with corporate policies that require controlled access to edge devices and instances, strict security practices, and fully auditable logs with edge device and instance access details, while still providing end users with simple one-click cross-platform access to your edge devices and EC2 instances.