With AWS Systems Manager Automation, tasks of EC2 instances and most AWS resources are made easy such as in the process of deployment and doing maintenance.
Here at IbmiMedia, we help numerous AWS customers fix AWS related issues as part of our Server Support Services.
Now, we will look into the reasons behind this error and how to get rid of it.
More about AWS Systems Manager Automation
A proper view and control of AWS infrastructure is made possible by the System Manager. The Systems Manager is good in an Automation process making repetitive processes easy by automating it all through the AWS resources.
By means of the Systems Manager Automation the following is possible;
i. Checking the progress of Automation and executing processes by means of Amazon EC2 or via AWS Systems Manager Console.
ii. Helping with the creation of specialized workflows to help manager different instances and AWS resources.
iii. Taking care of Automation tasks notification as well as workflows reports via AWS Cloudwatch Events.
iv.Configuring and managing AWS instances and resources by building Automation workflows.
Easy fix to Systems Manager Automation errors
We will discuss briefly about common Systems Automation errors below.
i. VPC not defined 400
In an Automation process when an AWS-UpdateLinuxAMi document or AWS-UpdateWindowsAmi document is running, a temporary instance in the default VPC is created by the system. Deleting this VPC sometimes results in the error message below;
VPC not defined 400
To fix this, simply specify a value for the SubnetID input parameter.
ii. When Automation execution fails to start
If the IAM users, policies and roles are not correctly configured to work with Automation, the Automation execution process can fail. The error message will look like;
Access Denied to Systems Manager API
Error message: User: user arn is not authorized to perform: ssm:StartAutomationExecution on resource: document arn (Service: AWSSimpleSystemsManagement; Status Code: 400; Error Code: AccessDeniedException; Request ID: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx)
Permission issues can be the reason why this error occurs because it cannot invoke the StartAutomationExecution API. A quick fix is to utilize the required IAM policy to the user account which was used to initialize the execution process.
