AWS Systems Manager - Inventory Collection stuck in Pending Status

0

The AWS System Manager Inventory Collection & Managed Instances configurations never leaves 'Pending' Status when I run the Quick Setup. I've tried a number of times but it doesn't to work. I've also tried to follow the instructions on the Troubleshooting page (link below) to address insufficient permissions but that hasn't solved the problem either. Has anyone else had this problem and have a fix? Thanks in advance!

https://docs.aws.amazon.com/systems-manager/latest/userguide/syman-inventory-troubleshooting.html#sysman-inventory-troubleshooting-pending

2 Answers
0

Hello,

I understand that your AWS System Manager Inventory Collection & Managed Instances configurations is stuck in 'Pending' Status.

The Inventory Association status can remain in pending status if:

  1. There are no instances in the selected AWS Region

  2. Insufficient permissions:

An inventory association shows Pending if one or more instances don't have permission to run Systems Manager Inventory.

For instances that already have instance profiles attached. Make sure you choose the option "Add required IAM policies to existing instance profiles attached to your instances." during configuration for Quick Setup to add IAM policies to the instance profiles attached to the instance.

You can also edit the Quick Setup configuration to enable the option. See step below:

  1. Open the AWS Systems Manager console at https://console.aws.amazon.com/systems-manager/

  2. In the navigation pane, choose Quick Setup

  3. Choose the Quick Setup Configuration you want to edit

  4. Choose View details

  5. Choose Action and select Edit Configuration Options

  6. Under Instance profile options select Add required IAM policies to existing instance profiles attached to your instances

    Policy: AmazonSSMManagedInstanceCore, allows an instance to use Systems Manager service core functionality

    Policy: AmazonSSMDirectoryServiceAccess, is required only if you plan to join Amazon EC2 instances for Windows Server to a Microsoft AD directory.

  7. Choose Update

Refer to this AWS Doc to walk through on more detailed steps on how to Upgrade you AWS SSM Agent using the Run Commnad.

I hope this information is helpful.

Lunga T
answered 2 years ago
0

The documentation steps had already been done. For the association of collectInventory to pass, a Public IP or equivalent VPC endpoint was required. However, once the CollectInvetory Association has cleared, we have now a Pending Status on UpdateCloudwatchAgent. Any idea on how this can be updated to success?

Swee
answered 7 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions