How can I troubleshoot why Systems Manager doesn’t show an Amazon EC2 instance as a managed instance?

Lesedauer: 2 Minute
1

I have an Amazon Elastic Compute Cloud (Amazon EC2) instance, but it doesn’t appear as a managed instance in AWS Systems Manager.

Short description

To determine why AWS Systems Manager doesn't show a managed instance from Amazon EC2, use the AWSSupport-TroubleshootManagedInstance runbook. This runbook performs the following actions:

  • Reviews the virtual private cloud (VPC) configuration for the instance
  • Reviews security group rules, VPC endpoints, network access control list (network ACL) rules, and route tables
  • Verifies that the instance has an attached AWS Identity and Access Management (IAM) instance profile with the required permissions

Resolution

Prerequisites

First, install and run AWS Systems Manager Agent (SSM Agent) on your instance.

Before you run the automation, make sure that your IAM user or role has the necessary permissions. See Required IAM permissions in AWSSupport-TroubleshootManagedInstance.

Run the Systems Manager automation runbook

  1. Sign in to the AWS Systems Manager console.
  2. In the navigation pane, choose Documents.
  3. In the search bar, enter AWSSupport-TroubleshootManagedInstance (Owner: Amazon).
  4. Choose the AWSSupport-TroubleshootManagedInstance document.
  5. Choose Execute automation.
  6. For the input parameters, enter the following information:
    InstanceId: Enter the ID of the instance that Systems Manager doesn't report as managed. You can provide the EC2 instance ID manually, or you can use the interactive instance picker. If you use the instance picker, then change the filter from Show managed instance only to Show all instances to select your instance**.
    (Optional) AutomationAssumeRole**: Enter the Amazon Resource Name (ARN) of the IAM role that allows Systems Manager Automation to perform actions on your behalf. If you don't specify a role, then Systems Manager Automation uses the permissions of the user that runs this document.
  7. Choose Execute.

After the automation completes, review the Outputs section for detailed results:

  • InstanceisOnline.output: This section notes if the InstanceId that you provided is already managed by Systems Manage.
  • FinalOutput.output: This contains a consolidated output of this document. This section notes if a check passes or fails and includes information on how to troubleshoot a failure, if needed.

Related information

Run an automation

Setting up Automation

Systems Manager Automation runbook reference