"ValidationException: The assume role is invalid" while creating Association
0
It show this error "ValidationException: The assume role is invalid" while creating Association with the document "AWSEC2-PatchLoadBalancerInstance". It say to use "AWSServiceRoleForAmazonSSM" but it can be added as the association role
1回答
- 新しい順
- 投票が多い順
- コメントが多い順
0
Hello,
This seems to be a limitation with the document "AWSEC2-PatchLoadBalancerInstance". A possible workaround for this would be to clone the document and provide an assume role manually within the automation document itself. Please follow below steps for the same -
- Go to AWS Systems Manager service --> Documents
- Search and select the document "AWSEC2-PatchLoadBalancerInstance"
- Click on Actions --> Clone document
- Under the field 'Assume Role - optional', provide the ARN of the Role 'AWSServiceRoleForAmazonSSM' and click on Create Automation at the bottom of the screen
- Use this cloned copy to create SSM association
Alternatively, you can use AWS Maintenance Windows to patch your LB instances using the document 'AWSEC2-PatchLoadBalancerInstance'.
Hope this helps!
