The question will be answered along with accountability and visibility using CloudWatch logging and cryptographic security of SSM sessions using KMS.
Hands on S.O.Ps presented by RADIFINE LABS