By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

SSM Automation Document in State Manager error InvalidAutomationParameters

0

I'm getting an InvalidAutomationParameters error after running a State Manager Association that uses an SSM Automation Document. I am having the same issue with all SSM Automation Documents I'm trying, but currently trying the AWS-RestartEC2Instance Automation Document. I have no issues running the Automation manually. I have no issues creating the State Manager Association, providing both parameters AutomationAssumeRole and InstanceId (I'm using AWSServiceRoleForAmazonSSM and a valid running Instance). However, whenever I run the Association, it fails with InvalidAutomationParameters error. If anybody can get this running properly, please provide what options used when creating the association.

Topics
Management & Governance
Tags
AWS Systems Manager
Language
English
TBO
asked 10 months ago780 views
1 Answer
0
Accepted Answer

Name:test
Document:AWS-RestartEC2Instance
Execution:Simple execution
InstanceId:i-xxxxxxxxx (your instance id)
AutomationAssumeRole:SSMAutomationRole
Specify schedule:On Schedule
Specify with:CRON/Rate expression
CRON/Rate expression:rate(30 minutes)

ssm1

The execution is successful with this configuration.

profile picture
EXPERT
Riku_Kobayashi
answered 10 months ago
profile picture
EXPERT
Sedat Salman
reviewed 10 months ago
  • TBO
    10 months ago

    Thanks for your reply, I've done everything the same as your setup except for the AutomationAssumeRole and is still failing for me with the same error. AWS documentation and the note on the Create Association page say to use the service-linked role AWSServiceRoleForAmazonSSM. Looks like the SSMAutomationRole you are using is not built-in, can you please tell me what policies are attached to that role?

  • Riku_Kobayashi EXPERT
    10 months ago

    The AutomationAssumeRole is created using the procedure described in this document. https://docs.aws.amazon.com/systems-manager/latest/userguide/automation-setup-iam.html
    The policy used is "AmazonSSMAutomationRole".

  • TBO
    10 months ago

    Thanks for the help. Creating a new role as described in the document got it working for me. The note on the Create Association page to use the service-linked role AWSServiceRoleForAmazonSSM is what threw we off.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content