AWS has announced the general availability of just-in-time node access in AWS Systems Manager, a new feature designed to eliminate persistent access permissions while preserving operational agility. This capability allows organizations to enforce zero standing privileges by requiring users to request access to managed nodes—including those in AWS, hybrid, and multi-cloud environments—before initiating a remote session via Systems Manager Session Manager.
As infrastructure scales, maintaining strict access controls becomes increasingly critical. Just-in-time node access enables administrators to grant dynamic, time-limited access through policy-driven approvals. These policies define who can access specific nodes and under what conditions, ranging from auto-approved access to manual approvals. The feature also enhances security visibility by allowing Remote Desktop Protocol (RDP) sessions to be recorded and stored in Amazon S3 for auditing.
This feature is now supported in multiple AWS Regions, including major locations across North America, South America, Europe, and Asia Pacific. Administrators can activate just-in-time node access at various levels—ranging from individual accounts to entire AWS Organizations—via the AWS Systems Manager console.