Menu
Amazon EC2 Systems Manager
User Guide

How to Modify Permissions for a Shared Document

If you share a command, users can view and use that command until you either remove access to the Systems Manager document or delete the Systems Manager document. However, you cannot delete a document as long as it is shared. You must stop sharing it first and then delete it.

Stop Sharing a Document Using the Amazon EC2 Console

  1. Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.

  2. In the navigation pane, choose Documents.

  3. In the documents list, choose the document you want to stop sharing. Choose the Permissions tab and verify that you are the document owner. Only a document owner can stop sharing a document.

  4. Choose Edit.

  5. Delete the AWS account ID that should no longer have access to the command, and then choose Save.

Stop Sharing a Document Using the AWS CLI

Open the AWS CLI on your local computer and execute the following command to stop sharing a command.

Copy
aws ssm modify-document-permission --name document name --permission-type Share --account-ids-to-remove 'AWS account ID'

Stop Sharing a Document Using AWS Tools for Windows PowerShell

Open AWS Tools for Windows PowerShell on your local computer and execute the following command to stop sharing a command.

Copy
Edit-SSMDocumentPermission -Name document name –AccountIdsToRemove AWS account ID -PermissionType Share