Error No IMDS credentials found on instance.failed to run commands: exit status 156
I'm trying to automate Patching on Ubuntu 20.04 EC2 instances with Patch Manager and I'm getting this error while trying to execute AWS-QuickSetup-PatchPolicy-ScanForPatches: No IMDS credentials found on instance.failed to run commands: exit status 156
Output log:
/usr/bin/python3
/usr/bin/apt-get
Reading package lists...
Building dependency tree...
Reading state information...
Suggested packages:
python3-apt-dbg python-apt-doc
The following packages will be upgraded:
python3-apt
1 upgraded, 0 newly installed, 0 to remove and 98 not upgraded.
Need to get 154 kB of archives.
After this operation, 0 B of additional disk space will be used.
Get:1 http://eu-central-1.ec2.archive.ubuntu.com/ubuntu focal-updates/main amd64 python3-apt amd64 2.0.1ubuntu0.20.04.1 [154 kB]
Fetched 154 kB in 0s (7140 kB/s)
(Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 66481 files and directories currently installed.)
Preparing to unpack .../python3-apt_2.0.1ubuntu0.20.04.1_amd64.deb ...
Unpacking python3-apt (2.0.1ubuntu0.20.04.1) over (2.0.0ubuntu0.20.04.8) ...
Setting up python3-apt (2.0.1ubuntu0.20.04.1) ...
Using python binary: 'python3'
Using Python Version: Python 3.8.10
05/24/2023 10:25:31 root [INFO]: Downloading payload from https://s3.dualstack.eu-central-1.amazonaws.com/aws-ssm-eu-central-1/patchbaselineoperations/linux/payloads/patch-baseline-operations-1.108.tar.gz
05/24/2023 10:25:31 root [INFO]: Attempting to import entrance file os_selector
05/24/2023 10:25:32 root [INFO]: Running with snapshot id = and operation = Scan
05/24/2023 10:25:32 root [INFO]: Downloading Baseline Override from s3://aws-quicksetup-patchpolicy-012881927014-b0p5g/baseline_overrides.json
05/24/2023 10:25:32 root [ERROR]: Unable to download file from S3: s3://aws-quicksetup-patchpolicy-012881927014-b0p5g/baseline_overrides.json.
05/24/2023 10:25:32 root [ERROR]: Error loading entrance module.
Traceback (most recent call last):
File "/var/log/amazon/ssm/patch-baseline-operations/common_startup_entrance.py", line 203, in execute
exit( entrance_module.execute(*argv))
File "/var/log/amazon/ssm/patch-baseline-operations/os_selector.py", line 54, in execute
common_os_selector_methods.fetch_snapshot(operation_type, instance_id, region, reboot_option, document_step,
File "/var/log/amazon/ssm/patch-baseline-operations/common_os_selector_methods.py", line 279, in fetch_snapshot
baseline_override_dict = load_baseline_override(instance_id, baseline_override, document_step, region)
File "/var/log/amazon/ssm/patch-baseline-operations/patch_common/baseline_override.py", line 29, in load_baseline_override
baseline_overrides = _download_baseline_override_content(instance_id, baseline_override_path, region)
File "/var/log/amazon/ssm/patch-baseline-operations/patch_common/baseline_override.py", line 97, in _download_baseline_override_content
if download_file(instance_id, baseline_override_path, file_name, region):
File "/var/log/amazon/ssm/patch-baseline-operations/patch_common/downloader.py", line 56, in download_file
downloaded = download_from_s3(instance_id, remote_path, local_file_path, region)
File "/var/log/amazon/ssm/patch-baseline-operations/patch_common/downloader.py", line 35, in download_from_s3
s3_client.download_file(result.group(1), result.group(2), file_path)
File "/var/log/amazon/ssm/patch-baseline-operations/boto3/s3/inject.py", line 170, in download_file
return transfer.download_file(
File "/var/log/amazon/ssm/patch-baseline-operations/boto3/s3/transfer.py", line 307, in download_file
future.result()
File "/var/log/amazon/ssm/patch-baseline-operations/s3transfer/futures.py", line 106, in result
return self._coordinator.result()
File "/var/log/amazon/ssm/patch-baseline-operations/s3transfer/futures.py", line 265, in result
raise self._exception
File "/var/log/amazon/ssm/patch-baseline-operations/s3transfer/tasks.py", line 255, in _main
self._submit(transfer_future=transfer_future, **kwargs)
File "/var/log/amazon/ssm/patch-baseline-operations/s3transfer/download.py", line 342, in _submit
response = client.head_object(
File "/var/log/amazon/ssm/patch-baseline-operations/botocore/client.py", line 276, in _api_call
return self._make_api_call(operation_name, kwargs)
File "/var/log/amazon/ssm/patch-baseline-operations/botocore/client.py", line 586, in _make_api_call
raise error_class(parsed_response, operation_name)
botocore.exceptions.ClientError: An error occurred (404) when calling the HeadObject operation: Not Found
05/24/2023 10:25:32 root [ERROR]: An error occurred (404) when calling the HeadObject operation: Not Found
Traceback (most recent call last):
File "/var/log/amazon/ssm/patch-baseline-operations/common_startup_entrance.py", line 203, in execute
exit( entrance_module.execute(*argv))
File "/var/log/amazon/ssm/patch-baseline-operations/os_selector.py", line 54, in execute
common_os_selector_methods.fetch_snapshot(operation_type, instance_id, region, reboot_option, document_step,
File "/var/log/amazon/ssm/patch-baseline-operations/common_os_selector_methods.py", line 279, in fetch_snapshot
baseline_override_dict = load_baseline_override(instance_id, baseline_override, document_step, region)
File "/var/log/amazon/ssm/patch-baseline-operations/patch_common/baseline_override.py", line 29, in load_baseline_override
baseline_overrides = _download_baseline_override_content(instance_id, baseline_override_path, region)
File "/var/log/amazon/ssm/patch-baseline-operations/patch_common/baseline_override.py", line 97, in _download_baseline_override_content
if download_file(instance_id, baseline_override_path, file_name, region):
File "/var/log/amazon/ssm/patch-baseline-operations/patch_common/downloader.py", line 56, in download_file
downloaded = download_from_s3(instance_id, remote_path, local_file_path, region)
File "/var/log/amazon/ssm/patch-baseline-operations/patch_common/downloader.py", line 35, in download_from_s3
s3_client.download_file(result.group(1), result.group(2), file_path)
File "/var/log/amazon/ssm/patch-baseline-operations/boto3/s3/inject.py", line 170, in download_file
return transfer.download_file(
File "/var/log/amazon/ssm/patch-baseline-operations/boto3/s3/transfer.py", line 307, in download_file
future.result()
File "/var/log/amazon/ssm/patch-baseline-operations/s3transfer/futures.py", line 106, in result
return self._coordinator.result()
File "/var/log/amazon/ssm/patch-baseline-operations/s3transfer/futures.py", line 265, in result
raise self._exception
File "/var/log/amazon/ssm/patch-baseline-operations/s3transfer/tasks.py", line 255, in _main
self._submit(transfer_future=transfer_future, **kwargs)
File "/var/log/amazon/ssm/patch-baseline-operations/s3transfer/download.py", line 342, in _submit
response = client.head_object(
File "/var/log/amazon/ssm/patch-baseline-operations/botocore/client.py", line 276, in _api_call
return self._make_api_call(operation_name, kwargs)
File "/var/log/amazon/ssm/patch-baseline-operations/botocore/client.py", line 586, in _make_api_call
raise error_class(parsed_response, operation_name)
botocore.exceptions.ClientError: An error occurred (404) when calling the HeadObject operation: Not Found
Errror log:
debconf: unable to initialize frontend: Dialog
debconf: (TERM is not set, so the dialog frontend is not usable.)
debconf: falling back to frontend: Readline
debconf: unable to initialize frontend: Readline
debconf: (This frontend requires a controlling tty.)
debconf: falling back to frontend: Teletype
dpkg-preconfigure: unable to re-open stdin:
/var/log/amazon/ssm/patch-baseline-operations/jmespath/visitor.py:32: SyntaxWarning: "is" with a literal. Did you mean "=="?
if x is 0 or x is 1:
/var/log/amazon/ssm/patch-baseline-operations/jmespath/visitor.py:32: SyntaxWarning: "is" with a literal. Did you mean "=="?
if x is 0 or x is 1:
/var/log/amazon/ssm/patch-baseline-operations/jmespath/visitor.py:34: SyntaxWarning: "is" with a literal. Did you mean "=="?
elif y is 0 or y is 1:
/var/log/amazon/ssm/patch-baseline-operations/jmespath/visitor.py:34: SyntaxWarning: "is" with a literal. Did you mean "=="?
elif y is 0 or y is 1:
/var/log/amazon/ssm/patch-baseline-operations/jmespath/visitor.py:260: SyntaxWarning: "is" with a literal. Did you mean "=="?
if original_result is 0:
No IMDS credentials found on instance.failed to run commands: exit status 156
Could someone help me with this one?
Instance Details:
NAME="Ubuntu"
VERSION="20.04.5 LTS (Focal Fossa)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 20.04.5 LTS"
VERSION_ID="20.04"
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
VERSION_CODENAME=focal
UBUNTU_CODENAME=focal
- Mais recentes
- Mais votos
- Mais comentários
Hi, this is very probably due to the fact that your EC2 instance doesn't have the right permissions for Patch Manager in its execution role. You'll find all details about the policies to include in this role here: https://docs.aws.amazon.com/systems-manager/latest/userguide/setup-instance-permissions.html
You should probably validate proper IMDS access to the metadata from a connected terminal first: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instancedata-data-retrieval.html
Conteúdo relevante
- AWS OFICIALAtualizada há 2 anos
- AWS OFICIALAtualizada há 3 anos
- AWS OFICIALAtualizada há um ano
- AWS OFICIALAtualizada há um ano
Thank you for your answer But I forgot to say that I already attach to EC2 a instance profile with 2 policy:
Ok, then look at this one: very similar to your use case
https://github.com/boto/boto3/issues/2710
I don't really undestand why this is similar to my case ... Could you tell me more specific?
The same issue for me as well, I guess when we run curl http://169.254.169.254/latest/meta-data/ The "System" parameter is not getting displayed, any configuration do we needed to add?