SSM Ping status Connection lost

0

Hi, I spun up 2 instances and also deployed SSM agents on them at the same time. It all ran fine until one day one of the SSM instances lost connection. The instance still works fine, but somehow the agent refused to connect. I tried giving the instance AmazonSSMManagedInstanceCore and restarting the agent, but it still doesn't work. Both of the instances use SSM Agent 3.2.1705.0. I tried to hit the AWS SSM endpoint and it shows no error or timeout.

Any idea how to fix this? Thanks.

seargex
asked 5 months ago, 73 views
1 Answer
0

In order for instances to be managed by Systems Manager (SSM), there are a few prerequisites which need to be met:

  1. SSM Agent is installed and running
  2. Connectivity to SSM endpoints over port 443
  3. Connectivity to IMDS (instance metadata)
  4. IAM role attached with sufficient permissions

If the two instances went into "ConnectionLost" state (1), then I would suggest validating the above prerequisites.

If all of the above prerequisites are met, then you can run the "ssm-cli" diagnostic tool (2) and review the agent logs to identify the reason for the "ConnectionLost" status.

SSM-CLI Tool:-

(-) Windows : & 'C:\Program Files\Amazon\SSM\ssm-cli.exe' get-diagnostics --output table

(-) Linux : ssm-cli get-diagnostics --output table

SSM Agent logs:-

(-) Windows : %PROGRAMDATA%\Amazon\SSM\Logs\

(-) Linux : /var/log/amazon/ssm/


References:-

(1) https://repost.aws/knowledge-center/systems-manager-ec2-instance-not-appear

(2) https://docs.aws.amazon.com/systems-manager/latest/userguide/ssm-cli.html

AWS
SUPPORT ENGINEER
Aamir_H
answered a month ago
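
The four prerequisites listed in the answer, checked from the instance itself on Linux; this is an added example, not part of the original answer or of AWS tooling. It assumes the systemd unit name `amazon-ssm-agent`, `curl`, IMDSv2, and the standard `<service>.<region>.amazonaws.com` hostnames for the three endpoints the agent uses (`ssm`, `ec2messages`, `ssmmessages`). The script and function names are hypothetical, and check 4 only shows that a role is attached, not which policies it carries.

```shell
#!/usr/bin/env bash
# Added example: checks prerequisites 1-4 from the answer on a Linux EC2 instance.
# Assumptions: systemd unit "amazon-ssm-agent", curl installed, IMDSv2 enabled.
IMDS="http://169.254.169.254/latest"

# The agent uses three regional endpoints, so test all of them, not only "ssm".
ssm_endpoints() {
  local region="$1" svc
  for svc in ssm ec2messages ssmmessages; do
    echo "${svc}.${region}.amazonaws.com"
  done
}

# Succeeds if a TLS connection on 443 completes; any HTTP status is acceptable.
probe_https() {
  curl -s -o /dev/null --connect-timeout 5 --max-time 10 "https://$1/"
}

# Prints each unreachable endpoint; returns non-zero if any failed.
unreachable_endpoints() {
  local host rc=0
  for host in $(ssm_endpoints "$1"); do
    probe_https "$host" || { echo "$host"; rc=1; }
  done
  return "$rc"
}

# Reads one metadata path using an IMDSv2 session token.
imds_get() {
  local token
  token=$(curl -sf --max-time 3 -X PUT "$IMDS/api/token" \
    -H "X-aws-ec2-metadata-token-ttl-seconds: 60") || return 1
  curl -sf --max-time 3 -H "X-aws-ec2-metadata-token: $token" "$IMDS/meta-data/$1"
}

main() {
  local region role bad
  if systemctl is-active --quiet amazon-ssm-agent; then echo "1 agent: running"
  else echo "1 agent: NOT running"; fi
  region=$(imds_get placement/region) || { echo "3 IMDS: unreachable"; return 1; }
  echo "3 IMDS: ok (region $region)"
  if bad=$(unreachable_endpoints "$region"); then echo "2 endpoints: all reachable"
  else echo "2 endpoints: unreachable:" $bad; fi
  if role=$(imds_get iam/security-credentials/) && [ -n "$role" ]; then
    echo "4 IAM role: $role"
  else echo "4 IAM role: none visible via IMDS"; fi
}

# Run the checks only when called as: ./ssm-prereq.sh run
if [ "${1:-}" = "run" ]; then main; fi
```

An endpoint reported as unreachable points at security groups, network ACLs, routing, or a missing VPC endpoint on the instance's subnet.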
