By Implementation

Service Control PoliciesConfig RulesAuto Remediation RulesConformance PacksAmazon GuardDutyAmazon InspectorAWS Security HubAWS Network FirewallRoute53 Resolver SecurityAmazon MacieS3 Bucket PoliciesCloudWatch Alarms and Event RulesAWS WAFAWS Secrets ManagerAWS Systems ManagerSecurity Groups & NACLsAWS KMSIAM Policies

By Service Protected

Configuration Packages

Strategy Guides

Other

IAM Policies

Full Administrator Policy for Session Manager

An IAM policy that allows a user to fully interact with all instances and all sessions created by all users for all instances, as well as permissions to permission to create, update and delete preferences. It should be granted only to an Administrator who needs full control over your organization's Session Manager activities.

AWS Documentation
Missing Parameters
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Action": [
                "ssm:StartSession",
                "ssm:TerminateSession",
                "ssm:ResumeSession",
                "ssm:DescribeSessions",
                "ssm:GetConnectionStatus",
                "ssm:DescribeSessions",
                "ssm:GetConnectionStatus",
                "ssm:DescribeInstanceProperties",
                "ec2:DescribeInstances"
            ],
            "Resource": "*",
            "Effect": "Allow"
        },
        {
            "Action": [
                "ssm:CreateDocument",
                "ssm:UpdateDocument",
                "ssm:GetDocument"
            ],
            "Resource": [
                "arn:aws:ssm:::document/SSM-SessionManagerRunShell"
            ],
            "Effect": "Allow"
        }
    ]
}

Actions



Customize Template

Policy Parameters

* Required field