Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

AWS-StartEC2Instance timeout

0

It appears that the AWS-StartEC2Instance Automation does not work.
I have a Maintenance Window with a Task targeting an instance by ID. When the MW executes, it fails with the following error:
Automation Step Execution fails when it is verifying the instance(s) have reached desired state.
Get Exception from DescribeInstanceStatus API of ec2 Service.
Exception Message from DescribeInstanceStatus API:
Request has expired. (Service: AmazonEC2; Status Code: 400; Error Code: RequestExpired; Request ID: a6647f3c-f218-451c-adb8-8a670236c1c0).
Please refer to Automation Service Troubleshooting Guide for more diagnosis details.
I have specified a role configured according to https://docs.aws.amazon.com/systems-manager/latest/userguide/automation-walk-security-assume.html.
Note that the AWS-StopEC2Instance does execute without error.
Has anyone out there had success using this Automation?

Topics
Management & Governance
Tags
AWS Systems Manager
Language
English
asked 6 years ago803 views
1 Answer
0

After splunking through the CloudTrail logs, I was able to determine that the problem was related to our use of encrypted EBS volumes (encrypted with our own KMS key). I needed to grant kms:CreateGrant to the role that is executing the automation

answered 6 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Relevant content