- Newest
- Most votes
- Most comments
Hello Manoj!
From the information provided, it appears that there might be a lacking/incorrect Trust Relationship in the IAM Role you created that is preventing it from being able to assume the role. Without more information, it's hard to determine what Trust Relationship you need. If it's a role for SSM to do actions on your behalf, then the Trust relationship must list SSM as being able to assume the role. I would recommend you take a look at the following AWS blog on how to set up patching for Windows instances using SSM: https://aws.amazon.com/blogs/mt/patching-your-windows-ec2-instances-using-aws-systems-manager-patch-manager/ Also a good blog on Linux patching using SSM: https://aws.amazon.com/blogs/security/how-to-patch-linux-workloads-on-aws/
These blogs go into great detail to include the proper way of setting up the required IAM roles and appropriate Trust Relationships. I hope this helps!
Relevant content
- asked 4 months ago
- AWS OFFICIALUpdated 3 years ago
- AWS OFFICIALUpdated 10 months ago