Have you checked that the EC2's have Internet access, this is needed to reach the SSM and EC2 endpoints, you can have Internet access through the IGW if your instances are in a public subnet and have a public IP or a NATGW if the instances are in a private subnet.
If you don't have Internet access you can still use SSM but you have to create seevral VPC Endpoint for SSM, EC2, EC2 Messages.
- Accepted Answerasked 4 years ago
- asked 9 months ago
- AWS OFFICIALUpdated a month ago
- AWS OFFICIALUpdated 7 months ago
- How can I configure on-premises servers to use temporary credentials with SSM Agent and unified CloudWatch Agent?AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 3 months ago
- EXPERTpublished 8 months ago