diff --git a/README.md b/README.md
index 980fe42..f8d8690 100644
--- a/README.md
+++ b/README.md
@@ -150,7 +150,6 @@ This project creates and manages resources within an AWS account for infrastruct
 | [aws_iam_policy.infrastructure_ecs_cluster_logspout_image_codebuild_allow_builds](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
 | [aws_iam_policy.infrastructure_ecs_cluster_logspout_image_codebuild_cloudwatch_rw](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
 | [aws_iam_policy.infrastructure_ecs_cluster_logspout_image_codebuild_ecr_push](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
-| [aws_iam_policy.infrastructure_ecs_cluster_pass_role_ssm_dhmc](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
 | [aws_iam_policy.infrastructure_ecs_cluster_s3_transfer_bucket_rw](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
 | [aws_iam_policy.infrastructure_ecs_cluster_service_blue_green_codedeploy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
 | [aws_iam_policy.infrastructure_ecs_cluster_service_blue_green_codedeploy_kms_encrypt](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
@@ -173,7 +172,6 @@ This project creates and manages resources within an AWS account for infrastruct
 | [aws_iam_policy.infrastructure_ecs_cluster_service_task_execution_kms_decrypt](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
 | [aws_iam_policy.infrastructure_ecs_cluster_service_task_execution_s3_read_envfiles](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
 | [aws_iam_policy.infrastructure_ecs_cluster_service_task_ssm_create_channels](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
-| [aws_iam_policy.infrastructure_ecs_cluster_ssm_service_setting_rw](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
 | [aws_iam_policy.infrastructure_rds_monitoring](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
 | [aws_iam_policy.infrastructure_rds_s3_backups_cloudwatch_schedule_ecs_run_task](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
 | [aws_iam_policy.infrastructure_rds_s3_backups_cloudwatch_schedule_pass_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
@@ -225,7 +223,6 @@ This project creates and manages resources within an AWS account for infrastruct
 | [aws_iam_role_policy_attachment.infrastructure_ecs_cluster_logspout_image_codebuild_allow_builds](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
 | [aws_iam_role_policy_attachment.infrastructure_ecs_cluster_logspout_image_codebuild_cloudwatch_rw](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
 | [aws_iam_role_policy_attachment.infrastructure_ecs_cluster_logspout_image_codebuild_ecr_push](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
-| [aws_iam_role_policy_attachment.infrastructure_ecs_cluster_pass_role_ssm_dhmc](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
 | [aws_iam_role_policy_attachment.infrastructure_ecs_cluster_s3_transfer_bucket_rw](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
 | [aws_iam_role_policy_attachment.infrastructure_ecs_cluster_service_blue_green_codedeploy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
 | [aws_iam_role_policy_attachment.infrastructure_ecs_cluster_service_blue_green_codedeploy_kms_encrypt](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
@@ -248,7 +245,6 @@ This project creates and manages resources within an AWS account for infrastruct
 | [aws_iam_role_policy_attachment.infrastructure_ecs_cluster_service_task_execution_kms_decrypt](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
 | [aws_iam_role_policy_attachment.infrastructure_ecs_cluster_service_task_execution_s3_read_envfiles](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
 | [aws_iam_role_policy_attachment.infrastructure_ecs_cluster_service_task_ssm_create_channels](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
-| [aws_iam_role_policy_attachment.infrastructure_ecs_cluster_ssm_service_setting_rw](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
 | [aws_iam_role_policy_attachment.infrastructure_rds_monitoring](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
 | [aws_iam_role_policy_attachment.infrastructure_rds_s3_backups_cloudwatch_schedule_ecs_run_task](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
 | [aws_iam_role_policy_attachment.infrastructure_rds_s3_backups_cloudwatch_schedule_pass_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
@@ -436,7 +432,6 @@ This project creates and manages resources within an AWS account for infrastruct
 | [aws_sns_topic.infrastructure_opsgenie_sns_topic](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/sns_topic) | data source |
 | [aws_sns_topic.infrastructure_slack_sns_topic](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/sns_topic) | data source |
 | [external_external.s3_presigned_url](https://registry.terraform.io/providers/hashicorp/external/latest/docs/data-sources/external) | data source |
-| [external_external.ssm_dhmc_setting](https://registry.terraform.io/providers/hashicorp/external/latest/docs/data-sources/external) | data source |
 ## Inputs
diff --git a/data.tf b/data.tf
index 5b1086f..6f33b6d 100644
--- a/data.tf
+++ b/data.tf
@@ -80,19 +80,6 @@ data "aws_cloudfront_response_headers_policy" "managed_policy" {
   name = "Managed-${each.value}"
 }
-# aws_ssm_service_setting doesn't yet have a data source, so we need to use
-# a script to retrieve SSM service settings
-# https://github.com/hashicorp/terraform-provider-aws/issues/25170
-data "external" "ssm_dhmc_setting" {
-  count = local.enable_infrastructure_ecs_cluster ? 1 : 0
-  program = ["/bin/bash", "external-data-scripts/get-ssm-service-setting.sh"]
-  query = {
-    setting_id = "arn:aws:ssm:${local.aws_region}:${local.aws_account_id}:servicesetting/ssm/managed-instance/default-ec2-instance-management-role"
-  }
-}
-
 data "external" "s3_presigned_url" {
   for_each = local.enable_cloudformatian_s3_template_store ? local.s3_object_presign : []
diff --git a/ecs-cluster-infrastructure.tf b/ecs-cluster-infrastructure.tf
index 40c9c55..86f9e90 100644
--- a/ecs-cluster-infrastructure.tf
+++ b/ecs-cluster-infrastructure.tf
@@ -50,43 +50,6 @@ resource "aws_iam_role_policy_attachment" "infrastructure_ecs_cluster_ec2_ecs" {
   policy_arn = aws_iam_policy.infrastructure_ecs_cluster_ec2_ecs[0].arn
 }
-resource "aws_iam_policy" "infrastructure_ecs_cluster_ssm_service_setting_rw" {
-  count = local.infrastructure_ecs_cluster_enable_ssm_dhmc ? 1 : 0
-  name = "${local.resource_prefix}-ssm-service-setting-rw"
-  policy = templatefile(
-    "${path.root}/policies/ssm-service-setting-rw.json.tpl",
-    { ssm_service_setting_arn = data.external.ssm_dhmc_setting[0].result.arn }
-  )
-}
-
-resource "aws_iam_role_policy_attachment" "infrastructure_ecs_cluster_ssm_service_setting_rw" {
-  count = local.infrastructure_ecs_cluster_enable_ssm_dhmc ? 1 : 0
-  role = aws_iam_role.infrastructure_ecs_cluster[0].name
-  policy_arn = aws_iam_policy.infrastructure_ecs_cluster_ssm_service_setting_rw[0].arn
-}
-
-resource "aws_iam_policy" "infrastructure_ecs_cluster_pass_role_ssm_dhmc" {
-  count = local.infrastructure_ecs_cluster_enable_ssm_dhmc ? 1 : 0
-  name = "${local.resource_prefix}-pass-role-ssm-dhmc"
-  policy = templatefile(
-    "${path.root}/policies/pass-role.json.tpl",
-    {
-      role_arns = jsonencode(["arn:aws:iam::${local.aws_account_id}:role/${data.external.ssm_dhmc_setting[0].result.setting_value}"])
-      services = jsonencode(["ssm.amazonaws.com"])
-    }
-  )
-}
-
-resource "aws_iam_role_policy_attachment" "infrastructure_ecs_cluster_pass_role_ssm_dhmc" {
-  count = local.infrastructure_ecs_cluster_enable_ssm_dhmc ? 1 : 0
-  role = aws_iam_role.infrastructure_ecs_cluster[0].name
-  policy_arn = aws_iam_policy.infrastructure_ecs_cluster_pass_role_ssm_dhmc[0].arn
-}
-
 resource "aws_iam_policy" "infrastructure_ecs_cluster_s3_transfer_bucket_rw" {
   count = local.enable_infrastructure_vpc_transfer_s3_bucket ? 1 : 0
@@ -284,8 +247,6 @@ resource "aws_autoscaling_group" "infrastructure_ecs_cluster" {
   depends_on = [
     aws_iam_role_policy_attachment.infrastructure_ecs_cluster_ec2_ecs,
-    aws_iam_role_policy_attachment.infrastructure_ecs_cluster_ssm_service_setting_rw,
-    aws_iam_role_policy_attachment.infrastructure_ecs_cluster_pass_role_ssm_dhmc,
     aws_iam_role_policy_attachment.infrastructure_ecs_cluster_s3_transfer_bucket_rw,
     aws_iam_role_policy_attachment.infrastructure_ecs_cluster_kms_encrypt,
   ]
diff --git a/locals.tf b/locals.tf
index 1810ccd..243291c 100644
--- a/locals.tf
+++ b/locals.tf
@@ -147,7 +147,6 @@ locals {
   infrastructure_ecs_cluster_enable_debug_mode = var.infrastructure_ecs_cluster_enable_debug_mode
   infrastructure_ecs_cluster_enable_execute_command_logging = var.infrastructure_ecs_cluster_enable_execute_command_logging
   infrastructure_ecs_cluster_wafs = var.infrastructure_ecs_cluster_wafs
-  infrastructure_ecs_cluster_enable_ssm_dhmc = local.enable_infrastructure_ecs_cluster ? data.external.ssm_dhmc_setting[0].result.setting_value != "$None" : false
   infrastructure_ecs_cluster_syslog_endpoint = var.infrastructure_ecs_cluster_syslog_endpoint
   infrastructure_ecs_cluster_syslog_port = local.infrastructure_ecs_cluster_syslog_endpoint != "" ? split(":", local.infrastructure_ecs_cluster_syslog_endpoint)[2] : null
   infrastructure_ecs_cluster_syslog_permitted_peer = var.infrastructure_ecs_cluster_syslog_permitted_peer