search

aws / aws-tools-for-powershell

The AWS Tools for PowerShell lets developers and administrators manage their AWS services from the PowerShell scripting environment.
Apache License 2.0
235 stars 78 forks source link

Get-SSMResourceTag should be in format mi-[0-9a-f]{17} for resource type ManagedInstance #204

Closed arq-anthonyw closed 3 years ago

arq-anthonyw commented 3 years ago

Description

Get-SSMResourceTag for ManagedInstance types is failing with error message resourceId i-0edbbb6e54088396a should be in format mi-[0-9a-f]{17} for resource type ManagedInstance. Which in a sense is somewhat correct however not all instances registered to SSM as a managed instance are in that format. I have old instances with instance Id's of i-xxxxxxxx and new instances with id's of i-xxxxxxxxxxxxxxxxx. The only instances I have using mi- are actually on-prem hybrid instances I have registered via a hybrid activation.

Reproduction Steps

Spin up a new Windows instance using an AWS provided AMI that has SSM baked in and a suitable role attached and it will register with SSM automatically using it's instance ID and not something starting with mi-

Logs

Environment

Resolution

I haven't checked the source code yet for the cmdlet to see if the restriction is based on the module itself or the AWS API but if it's a restriction controlled from the module it should be amended to allow for other scenarios supported by SSM. If it's the API... I'm guessing someone needs to be advised their stuff doesn't work like how they think it does?

This is a :bug: bug-report

ashishdhingra commented 3 years ago

Looking at source for Get-SSMResourceTag CmdLet and .NET SDK ListTagsForResourceRequest, I do not see any RegEx validation for ResourceId.

ashishdhingra commented 3 years ago

P49034715

ashishdhingra commented 3 years ago

Hi @arq-anthonyw,

Good afternoon.

Based on , the Get-SSMResourceTag uses AWS SDK for .NET to invoke ListTagsForResource service API action. As per SSM service team, ListTagsForResource API action does not support EC2 instances as EC2 has their own API for tagging. SSM only supports the tagging for the managed instances (and few other resources).

You may try using Get-EC2Tag-Cmdlet for EC2 instances. Hope this helps.

Thanks, Ashish

ashishdhingra commented 3 years ago

This issue has not recieved a response in 1 week. If you want to keep this issue open, please just leave a comment below and auto-close will be canceled.

github-actions[bot] commented 3 years ago

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see. If you need more assistance, please either tag a team member or open a new issue that references this one. If you wish to keep having a conversation with other community members under this issue feel free to do so.