AWS – AWS Systems Manager launches just-in-time node access
Today, AWS Systems Manager announces the launch of just-in-time node access, which helps remove long-standing permissions to nodes while maintaining operational efficiency. Customers can move to zero standing privileges on nodes by requiring operators to request access before remotely connecting with AWS Systems Manager Session Manager. This applies to nodes managed by AWS Systems Manager that are running on AWS, hybrid, and multi-cloud environments.
As organizations grow, administrators need to track and control access to nodes. Just-in-time node access helps customers limit access to their systems and data to only when needed. Administrators can enable dynamic, time-bound access to nodes through policy-based approvals, controlling who can access which nodes and when. The policies determine whether an operator is denied access, automatically approved, or must obtain human approval before remotely connecting to nodes. Administrators can also increase visibility into Remote Desktop Protocol (RDP) sessions by recording session activity and storing recordings in S3.
AWS Systems Manager just-in-time node access is available in the following AWS Regions: Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Mumbai), Asia Pacific (Singapore), Asia Pacific (Sydney), Canada (Central), Europe (Frankfurt), Europe (Stockholm), Europe (Ireland), Europe (London), Europe (Paris), South America (São Paulo), US East (N. Virginia), US East (Ohio), US West (N. California), and US West (Oregon). Just-in-time node access can be enabled in individual accounts, in selected organizational units (OUs), or across an entire organization through the AWS Systems Manager console.
To get started, visit our user guide. To learn more about pricing, visit our pricing page.