By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

How to use Services resource scheduler with aws systems manager

0

Hi folks I've followed the documentation provided by AWS on How to easily configure Resource Scheduler across your Organization with Systems Manager

To create ResourceScheduler i've to use a specific account ( AWS_ACCOUNT_test1 ) from there different OU with different user associate to them.

My EC2 instance are running below OU=Infra USERS=Test2 I've added AmazonSSMManagedInstanceCore policies to Test2 user and AWS_ACCOUNT_test1

I've added the tag to my EC2 instance ( key =ResourceScheduled value = true ) unfortunately STOP / START doesn't work.

Do you have an idea of anything I might have forgotten?

  • Adeleke Adebowale J EXPERT
    a month ago

    Could you please do this below steps troubleshoot to ensure that the stop and start actions are working as expected:

    Check IAM Policies: Ensure that the IAM policies attached to the Test2 user and AWS_ACCOUNT_test1 account include the necessary permissions to perform the ssm:StartInstance and ssm:StopInstance actions on EC2 instances. The policies should also include permissions for the necessary Systems Manager actions.

    Review Logging: Check the AWS Systems Manager Run Command logs and CloudWatch Logs for any errors or messages related to the stop and start actions. This can help identify any issues or failures that occur during the execution of the scheduled actions.

    Test Manually: Try manually triggering the stop and start actions using AWS Systems Manager Run Command to see if they work as expected. This can help isolate whether the issue lies with Resource Scheduler configuration or with the underlying permissions or settings.

Topics
ComputeManagement & Governance
Tags
Amazon EC2AWS Systems Manager
Language
English
oliver
asked a month ago135 views
2 Answers
1

Hi guys everything is working now

However i've a question my last one :) My colleague created exactly the same resource scheduler although as tag he wrote

  • tag = Nico_WorkingHours value = true

On my side i wrote

  • tag = ResourceScheduled value = true

Only because he change this it's working for him . And i've checked before there is no whitespace after or before the tag name. so my question is :

Are there any tags not to use?

oliver
answered a month ago
0

thanks for your help i 've checked https://docs.aws.amazon.com/fr_fr/systems-manager/latest/userguide/running-simple-automations.html

And then i run the following command to check if it's work .

Head
aws ssm start-automation-execution --document-name "AWS-RestartEC2Instance" --mode Interactive --region $AWS_REGION --parameters "InstanceId=i-0fdccec2XXXXXX"

When i go to AWS systems Manager > Documents > AWS-RestartEC2Instance and then i click on details in permissions i 've output

POLICY ACCESS:

  • AWS_ACCOUNT_test1 : Administrator access policy
  • OU=Infra USERS=Test2 : AmazonSSMManagedInstanceCore policy ( i can START/STOP/DELETE ec2 instance from that account )
oliver
answered a month ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content