By using AWS re:Post, you agree to the Terms of Use

State Manager Association Non-Compliance vs. Failure


I just created a few simple Systems Manager State Manager associations, all to accomplish small tasks like running inventory and scanning for patches. I had initially assumed that an association failing on a single instance would lead that instance to be marked as non-compliant, with whatever severity level was configured for the association. In one of the walkthroughs in the SSM documentation, however, I see this:

If the State Manager association fails, no compliance data is reported. For example, if Systems Manager attempts to download a Chef cookbook from an S3 bucket that the node doesn't have permission to access, the association fails, and Systems Manager reports no compliance data.

Is this the case for all association failures, regardless of document? And if it is, under what scenarios would association compliance show anything other than compliant instances?

asked 4 months ago30 views
No Answers

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions