Disabling Session Manager logging in CloudWatch Logs and Amazon S3

You can use the Systems Manager console or AWS CLI to disable session logging in your account.

To disable session logging (console)

Open the AWS Systems Manager console at https://console.aws.amazon.com/systems-manager/.
In the navigation pane, choose Session Manager.
Choose the Preferences tab, and then choose Edit.
To disable CloudWatch logging, in the CloudWatch logging section, clear the Enable checkbox.
To disable S3 logging, in the S3 logging section, clear the Enable checkbox.
Choose Save.

To disable session logging (AWS CLI)

To disable session logging using the AWS CLI, follow the instructions in Update Session Manager preferences (command line).

In your JSON file, ensure that the s3BucketName and cloudWatchLogGroupName inputs contain no values. For example:


"inputs": {
        "s3BucketName": "",
        ...
        "cloudWatchLogGroupName": "",
        ...
    }

Alternatively, to disable logging, you can remove all S3* and cloudWatch* inputs from your JSON file.

Note

Depending on your configuration, after you disable CloudWatch or S3, a temporary log file might still be generated to disk by SSM Agent. For information about how to disable logging to disk, see Configuring session logging to disk.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Adjusting how long the Session Manager temporary log file is stored on disk

Session document schema