Critical
SSM
Regional
SSM documents should not be public
NIST
Description
This control checks if SSM documents owned by the account are public, which might expose sensitive information.
Remediation
To block public sharing for SSM documents, refer to the AWS Systems Manager User Guide.
Steps
- Access the AWS Systems Manager console.
- Navigate to the SSM documents section.
- Identify and modify the sharing settings of public documents.
- Ensure that the documents are not publicly accessible.
Compliance
NIST