Al usar AWS re:Post, aceptas las AWS re:Post Términos de uso
AWS re:Postre:Post

AWS-StartEC2Instance timeout

0

It appears that the AWS-StartEC2Instance Automation does not work.
I have a Maintenance Window with a Task targeting an instance by ID. When the MW executes, it fails with the following error:
Automation Step Execution fails when it is verifying the instance(s) have reached desired state.
Get Exception from DescribeInstanceStatus API of ec2 Service.
Exception Message from DescribeInstanceStatus API:
Request has expired. (Service: AmazonEC2; Status Code: 400; Error Code: RequestExpired; Request ID: a6647f3c-f218-451c-adb8-8a670236c1c0).
Please refer to Automation Service Troubleshooting Guide for more diagnosis details.
I have specified a role configured according to https://docs.aws.amazon.com/systems-manager/latest/userguide/automation-walk-security-assume.html.
Note that the AWS-StopEC2Instance does execute without error.
Has anyone out there had success using this Automation?

Temas
Gestión y gobierno
Etiquetas
AWS Systems Manager
Idioma
English
TomOgnibeneCHS
preguntada hace 5 años554 visualizaciones
1 Respuesta
0

After splunking through the CloudTrail logs, I was able to determine that the problem was related to our use of encrypted EBS volumes (encrypted with our own KMS key). I needed to grant kms:CreateGrant to the role that is executing the automation

TomOgnibeneCHS
respondido hace 5 años

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas

Contenido relevante