1 Respuesta
- Más nuevo
- Más votos
- Más comentarios
0
If your EC2s already have the policy awsmanagedinstancecore
assigned to the IAM role, access to the API endpoint and have the SSM Agent installed then they will automatically register with SSM without setting up the default host management.
Contenido relevante
- OFICIAL DE AWSActualizada hace 3 años
- OFICIAL DE AWSActualizada hace un año
- OFICIAL DE AWSActualizada hace un año
- ¿Cómo puedo hacer referencia a los parámetros de Systems Manager en los diferentes servicios de AWS?OFICIAL DE AWSActualizada hace un año
Thank you Gary for the comment. I checked, my instance IAM roles do not include "awsmanagedinstancecore", some instance doesn't even have an IAM role attached to it
What I did was I enabled Default Host Management Configuration with the AWSSystemsManagerDefaultEC2InstanceManagementRole as the IAM role. Then After about 30 minuttes, almost all of my instances appeared under Systems Managers Managed Nodes list.
Could you please expand a bit more on as why this happens?
Thanks again.
Ec2 will first try to use the iam role attached then use the default iam role( default managed instance role ) that’s setup and they assume this role to register. You believe your using imdsv1?
What is the default managed instance role by the way? Are you referring to "AWSSystemsManagerDefaultEC2InstanceManagementRole"? :)
Yes, most of my instances are using IMDSv1 but I am trying to enable IMDSv2 at some stage. I was just confused why Default Host Management Configuration works for instances that are still using IMDSv1. The attached IAM role of my instances do not include the
awsmanagedinstancecore
policy.