Disabling Session Manager logging in CloudWatch Logs and Amazon S3

You can use the Systems Manager console or Amazon CLI to disable session logging in your account.

To disable session logging (console)

Open the Amazon Systems Manager console at https://console.amazonaws.cn/systems-manager/.
In the navigation pane, choose Session Manager.
Choose the Preferences tab, and then choose Edit.
To disable CloudWatch logging, in the CloudWatch logging section, clear the Enable checkbox.
To disable S3 logging, in the S3 logging section, clear the Enable checkbox.
Choose Save.

To disable session logging (Amazon CLI)

To disable session logging using the Amazon CLI, follow the instructions in Update Session Manager preferences (command line).

In your JSON file, ensure that the s3BucketName and cloudWatchLogGroupName inputs contain no values. For example:


"inputs": {
        "s3BucketName": "",
        ...
        "cloudWatchLogGroupName": "",
        ...
    }

Alternatively, to disable logging, you can remove all S3* and cloudWatch* inputs from your JSON file.

Note

Depending on your configuration, after you disable CloudWatch or S3, a temporary log file might still be generated to disk by SSM Agent. For information about how to disable logging to disk, see Configuring session logging to disk.

Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Adjusting how long the Session Manager temporary log file is stored on disk

Session document schema