IAM Policies: Full Administrator Policy for Session Manager

My Saved Presets

An IAM policy that allows a user to fully interact with all instances and all sessions created by all users for all instances, as well as permissions to permission to create, update and delete preferences. It should be granted only to an Administrator who needs full control over your organization's Session Manager activities.

Missing Parameters

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Action": [
                "ssm:StartSession",
                "ssm:TerminateSession",
                "ssm:ResumeSession",
                "ssm:DescribeSessions",
                "ssm:GetConnectionStatus",
                "ssm:DescribeSessions",
                "ssm:GetConnectionStatus",
                "ssm:DescribeInstanceProperties",
                "ec2:DescribeInstances"
            ],
            "Resource": "*",
            "Effect": "Allow"
        },
        {
            "Action": [
                "ssm:CreateDocument",
                "ssm:UpdateDocument",
                "ssm:GetDocument"
            ],
            "Resource": [
                "arn:aws:ssm:::document/SSM-SessionManagerRunShell"
            ],
            "Effect": "Allow"
        }
    ]
}

* Required field

Loading Library ...

Full Administrator Policy for Session Manager

Actions

Customize Template

Policy Parameters