AWS re:Post을(를) 사용하면 다음에 동의하게 됩니다. AWS re:Post 이용 약관

Systems Manager Fleet Manager does not have SSM-SessionManagerRunShell document

1

I'm trying to use Systems Manager Fleet Manager to view "Performance counters", "Processes", etc. However, when trying to load those pages, I see the following error message in a red banner at the top of the page:

Fleet Manager is unable to start the session. InvalidDocument: Document with name SSM-SessionManagerRunShell does not exist.

Looking at the documents present in Systems Manager, I can see a document called AWS-RunShellScript, but none by the name that this page is looking for.

How can I get this document set up?

질문됨 일 년 전4.1천회 조회
2개 답변
1

Hello.

According to the documentation, "SSM-SessionManagerRunShell" is automatically set up when using a session manager.
https://docs.aws.amazon.com/systems-manager/latest/userguide/getting-started-sessiondocumentaccesscheck.html

When you configure Session Manager for your account, the system creates a Session type document SSM-SessionManagerRunShell. This document stores your session preferences, such as whether session data is saved in an Amazon Simple Storage Service (Amazon S3) bucket or Amazon CloudWatch Logs log group, whether session data is encrypted using AWS Key Management Service (AWS KMS), and whether Run As support is allowed for your sessions. The following is an example.

Also, looking at the questions below, it seems like this is a temporary issue and will be resolved over time.
https://serverfault.com/questions/1143873/aws-ssm-invaliddocument-document-with-name-ssm-sessionmanagerrunshell-does-not

profile picture
전문가
답변함 일 년 전
  • I found the same thread on serverfault.com, but that doesn't seem relevant here, as I haven't "switched from basic/standard to advanced tiers".

  • Is there a sane way to deal with the fact AWS doesn't provide a default SSM-SessionManagerRunShell which breaks Fleet Manager et al?

    In a multi-account organization this is a PITA as each Account AND REGION?? must be configured individually to get this document created before anything will work.

    StackSets would be my goto kludge to deal with this, but they FAIL if/when anyone has touched the Session Manager prefs and thus created this document. Documents are versioned so CF should just create a new version as default, but no that's not default behavior. Ok, so we set the UpdatePolicy to NewVersion per the documentation. That works great for updates...IF CF CREATED THE DOC...but still blows up if/when the doc already exists because someone has ClickOps it into existence.

    Frankly it boggles my mind why in the world the Session Manager team thought an SSM doc was a good place to store configuration for anything. SSM has both Parameter Store and AppConfig in the SSM product line itself and yet...it creates this ridiculous kludge for storing configs that just makes a mess.

  • Same experience as Nathan in the previous comment. I haven't switched tiers or anything. I just set up SSM today and this document doesn't exist.

0

I had the same issue today.. Before you can set a password for your new user, AWS KMS encryption must be enabled in your session preferences.

I had to enabled KMS in Session Manager Session Preferences. You will require a Customer Manged KMS key that SSM and Users can use

https://docs.aws.amazon.com/systems-manager/latest/userguide/session-preferences-enable-encryption.html

profile picture
전문가
답변함 9달 전

로그인하지 않았습니다. 로그인해야 답변을 게시할 수 있습니다.

좋은 답변은 질문에 명확하게 답하고 건설적인 피드백을 제공하며 질문자의 전문적인 성장을 장려합니다.

질문 답변하기에 대한 가이드라인