Posted On: Apr 4, 2019

You can now use AWS Systems Manager Session Manager to encrypt session interaction data with your own encryption key, managed by AWS Key Management Service (AWS KMS).

Systems Manager Session Manager enables you to manage your AWS and on-premises instances through an interactive and secure shell. During these sessions, Session Manager exchanges data between a client and a managed instance over a secure channel that is encrypted using TLS 1.2. With this update, Session Manager now enables you to use your own AWS KMS-managed key to encrypt session traffic between a browser or CLI client and an instance. Encrypting session data with your key also enables sessions to handle confidential data interactions, such as password resets, and further improves your security posture when using Systems Manager Session Manager.

This enhancement, and the latest AWS Systems Manager Agent, is available for all AWS Regions where AWS Systems Manager is available. For more information, see our Documentation. To learn more about AWS Systems Manager Session Manager, visit our Product Page.