{"slug":"iam-aws-ssm","cloud":"aws","service":"ssm","title":"AWS Systems Manager (IAM)","description":"AWS Systems Manager (SSM) is a management service that provides operational insights, automation, and secure remote management of EC2 instances and hybrid infrastructure.","category":"management","common_permissions":["ssm:GetParameter","ssm:GetParameters","ssm:PutParameter","ssm:ListDocuments","ssm:GetDocument","ssm:StartSession","ssm:GetInventory","ssm:ListCommands"],"least_privilege_example":"{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"ssm:GetParameter\",\n        \"ssm:GetParameters\",\n        \"ssm:PutParameter\",\n        \"ssm:ListDocuments\",\n        \"ssm:GetDocument\",\n        \"ssm:StartSession\",\n        \"ssm:GetInventory\",\n        \"ssm:ListCommands\"\n      ],\n      \"Resource\": \"*\"\n    }\n  ]\n}","warnings":["Avoid ssm:* — grants full control including parameter deletion and session termination","Avoid ssm:StartSession unless needed — allows interactive shell access to instances"],"docs":"https://servicereference.us-east-1.amazonaws.com/v1/ssm/ssm.json","tags":["iam","aws"],"last_verified":"2026-06-14T00:00:00.000Z","next_check":"2026-12-11T00:00:00.000Z","created_at":"2026-06-14T04:48:55.212Z","updated_at":"2026-06-14T04:48:55.212Z"}