Are you facing "Automation execution failed to start" , "Execution started, but status is failed" or "Execution started, but timed out" AWS automation errors? This article will show you how to go about fixing it.
When an automation execution process fails, it is usually caused by permission issues and leads to access denied or an invalid assume role error. Setting IAM roles, policies and users properly can make a very big difference.
As part of our Server Support Services, we have helped numerous customers fix AWS related issues.
This context gives solution to these common automation errors.
How to fix Automation execution failed to start aws error
An Automation execution process can fail to start when the assume role does not have the required PassRole permission to run that particular process. As good start to fixing this error involves attaching iam:passRole policy to the role of the IAM user trying to start the Automation execution process. Below is the steps to attach the iam:PassRole policy to your automation role.
i. Select the Permissions tab in the Summary page for the role you want to work with.
ii. Next add the policy by choosing Add Inline policy.
iii. On the Create policy page, choose the Visual editor tab.
iv. Now choose Service followed by IAM.
v. Choose Select actions and type passRole in the Filer actions text box followed by choosing the PassRole option.
vi. Here you can choose Resources. See that the Specific option is selected followed by choosing Add ARN.
vii. In this ARN for role field, paste the Automation role ARN you already have.
viii. Choose Add followed by Choosing Review policy. On the Review page, give it a name and then choose Create Policy to complete the creation of the Policy.
Other issues encountered when working with assume role
Invalid assume role
This happens when when the assume role for an Automation process is not properly configured or specified in the document or parameter value in that document.
Expect to see error messages such as;
The format of the supplied assume role ARN is invalid.
This means that the assume role is not in the correct format. To fix this check the assume role runtime parameter and that it is valid for the concerned Automation process.