Global Cookie Encryption

The Global Cookie Encryption feature is designed for customers deploying WorkSpaces Manager behind a load balancer with multiple instances. When enabled, this feature ensures consistent and secure user session handling across all instances by using a shared encryption key stored in AWS Systems Manager Parameter Store.

To support this functionality, the WSM instance role must be granted the following permissions:

{
      "Version": "2012-10-17",
      "Statement": [
            {
                  "Effect": "Allow",
                  "Action": [
                        "ssm:PutParameter",
                        "ssm:GetParameter",
                        "ssm:GetParameters",
                        "ssm:DeleteParameter"
                  ],
                  "Resource": "*"
            }
      ]
}

PreviousAppendices NextCost Optimizer Verification

Last updated 2 days ago