I suspect that the new instance is being launched in a private subnet and therefore the SSM agent on the instance can not reach the SSM service endpoint. You can solve this by using a VPC Endpoint. See: Creating VPC endpoints for Systems Manager.
If the instance is being deployed into a public subnet (the route table attached to the subnet has a route to an internet gateway), check that the instance has a public IP address. Also, if you are using NACLs, make sure the inbound/outbound rules allow this traffic.
Got the reason, I set the PermissionsBoundary which did not contain ssmmessages and ec2messages permission. This make session manager not working.
- Effect: Allow Action: - 'ssm:*' Resource: '*' - Effect: Allow Action: - 'ssmmessages:*' Resource: '*' - Effect: Allow Action: - 'ec2messages:*' Resource: '*'
Connect to Ec2 instance bastion via Session Managerasked 8 months ago
how can I changed to ec2-user automatically when I access aws linux ec2 via Session ManagerAccepted Answerasked 5 days ago
Unable to use Session Manager on EC2 instances in a private subnet with SSM VPC endpointAccepted Answerasked 3 years ago
Error on Dashboard "An error occurred" and unable to create instance due to "Error loading AMI data".asked 3 months ago
Failing to launch test/cutover instance with public IPasked 7 months ago
Unable to connect to instance from a newly created ami: Failed to start Service for snap ap…amazon-ssm-agent.amazon-ssm-agentasked 7 months ago
What is the difference between EC2 Instance Connect and Session Manager SSH connections?Accepted Answerasked 3 years ago
Session Manager unable to connect to instance in public subnetAccepted Answerasked a month ago
EC2 reachability check failed (Linux) from launch instance from snapshotasked 3 months ago
Session Manager to connect ec2 instance cannot be enabledasked a month ago