2 Answers
- Newest
- Most votes
- Most comments
0
Hi,
This error can be due to different causes (SSM agent status, network connectivity issues, IAM Role permissions...), so I recommend that you take a look at the following Knowledge Center post, which details the requirements to be a managed instance in Online status, as well as the steps to verify it and solve it if necessary.
0
Hi, most frequent issue is not having the required AWS-managed IAM policy named AmazonEC2RoleforSSM in place in the execution rolee of your EC2 instance. See example below in my own CFN template:
BaaRole:
Type: AWS::IAM::Role
DeletionPolicy: Delete
Properties:
RoleName: !Join
- '-'
- - 'role'
- !GetAtt Name.Value
AssumeRolePolicyDocument:
Version: 2012-10-17
Statement:
- Effect: 'Allow'
Principal:
Service:
- 'ec2.amazonaws.com'
Action: 'sts:AssumeRole'
Path: /
ManagedPolicyArns:
- 'arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforSSM'
Policies:
- PolicyName: !Join
- '-'
- - 'role-policy'
- !GetAtt Name.Value
PolicyDocument:
Version: 2012-10-17
Statement:
- Effect: 'Allow'
Action:
- 's3:*'
Resource:
- '*'
Relevant content
- Accepted Answerasked 9 days ago
- asked 6 months ago
- AWS OFFICIALUpdated 6 months ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 3 years ago
- AWS OFFICIALUpdated a year ago