aws / amazon-ssm-agent

An agent to enable remote management of your EC2 instances, on-premises servers, or virtual machines (VMs).
https://aws.amazon.com/systems-manager/
Apache License 2.0

EC2 instance does not use OnPrem identity even after the instance is registered successfully as Onprem instance #484

Closed gianniLesl closed 1 year ago

gianniLesl commented 1 year ago

Steps to reproduce:

  1. Register agent 3.2.183.0 on EC2 instance as onprem while the instance is running
  2. Restart agent service
  3. Observe registration info is not saved in agent vault manifest

Logs:

INFO Successfully registered the instance with AWS SSM using Managed instance-id: mi-07eb9fb58c50c4bc5

WARN [OnPremIdentity] error while loading server info%!(EXTRA *errors.errorString=Failed to load instance info from vault. RegistrationKey does not exist.)

Workaround: Replace the file contents of the vault manifest with the following JSON:

Linux:

{"InstanceFingerprint":"/var/lib/amazon/ssm/Vault/Store/InstanceFingerprint","RegistrationKey":"/var/lib/amazon/ssm/Vault/Store/RegistrationKey"}

Windows:

{"InstanceFingerprint":"C:\\ProgramData\\Amazon\\SSM\\InstanceData\\Vault\\Store\\InstanceFingerprint","RegistrationKey":"C:\\ProgramData\\Amazon\\SSM\\InstanceData\\Vault\\Store\\RegistrationKey"}

The vault manifest is located at:

| Platform | Location |
| --- | --- |
| Linux | /var/lib/amazon/ssm/Vault/Manifest |
| Windows | C:\ProgramData\Amazon\SSM\InstanceData\Vault\Manifest |

This issue affects agent version 3.2.183.0
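A read-only check for the condition described in this report, added here as an example and not part of the original issue or the agent's code: it verifies that the manifest carries both entries from the workaround and that each points at an existing Store file. The function names, the messages, and the temporary vault built in the demo (including its empty `{}` manifest) are assumptions for illustration.

```python
import json
import os
import tempfile

# Entries the workaround in this issue places in the vault manifest.
REQUIRED_KEYS = ("InstanceFingerprint", "RegistrationKey")


def expected_manifest(vault_dir):
    """Manifest content from the workaround, for a given Vault directory."""
    return {key: os.path.join(vault_dir, "Store", key) for key in REQUIRED_KEYS}


def check_manifest(vault_dir):
    """Return a list of problems with <vault_dir>/Manifest; empty means healthy."""
    try:
        with open(os.path.join(vault_dir, "Manifest"), encoding="utf-8") as fh:
            manifest = json.load(fh)
    except FileNotFoundError:
        return ["Manifest file does not exist"]
    except json.JSONDecodeError:
        return ["Manifest is empty or not valid JSON"]
    if not isinstance(manifest, dict):
        return ["Manifest is not a JSON object"]
    problems = []
    for key, want in expected_manifest(vault_dir).items():
        got = manifest.get(key)
        if got is None:
            problems.append(f"{key}: no entry in Manifest")  # matches the WARN above
        elif got != want:
            problems.append(f"{key}: entry is {got!r}, workaround uses {want!r}")
        elif not os.path.isfile(got):
            problems.append(f"{key}: Store file is missing")
    return problems


if __name__ == "__main__":
    # Constructed sample: a throwaway vault with Store files present and an
    # empty Manifest (assumed affected state), not a real agent directory.
    with tempfile.TemporaryDirectory() as vault:
        os.mkdir(os.path.join(vault, "Store"))
        for key in REQUIRED_KEYS:
            with open(os.path.join(vault, "Store", key), "w") as fh:
                fh.write("constructed-placeholder")
        with open(os.path.join(vault, "Manifest"), "w") as fh:
            fh.write("{}")
        print("before:", check_manifest(vault))
        with open(os.path.join(vault, "Manifest"), "w") as fh:
            json.dump(expected_manifest(vault), fh)
        print("after: ", check_manifest(vault))
```

On a real host, call `check_manifest` with the Vault directory that contains the manifest listed in the table above; reading it requires the same privileges as the agent.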

gianniLesl commented 1 year ago

Fixed in agent version 3.2.286.0