0

When I execute aws SSM-Agent send-command on an instance, the SSM-Agent tries to write the results to an S3 bucket in another region.

How do I specify what region the target S3 bucket is in?

Here's the command and error I'm currently getting.

Execute the following from server A: aws ssm send-command --document-name "AWS-RunShellScript" --document-version "1" --targets '[{"Key":"InstanceIds","Values":[""]}]' --parameters '{"workingDirectory":[""],"executionTimeout":["3600"],"commands":["ps ax"]}' --timeout-seconds 600 --max-concurrency "50" --max-errors "0" --output-s3-bucket-name "" --region us-east-1

And the log on server B shows:

Failed uploading /var/lib/amazon/ssm/<my-instance>/document/orchestration/<command-id>/awsrunShellScript/0.awsrunShellScript/stdout to s3://<my-bucket>/<command-id>/<my-instance>/awsrunShellScript/0.awsrunShellScript/stdout err:BucketRegionError: incorrect region, the bucket is not in 'eu-west-1' region

I don't have any resources in eu-west-1

Marcin
  • 215,873
  • 14
  • 235
  • 294
yzpilot
  • 1
  • Hi, I would like to suggest checking the region received by SSM in the environment variable AWS_SSM_REGION_NAME during the execution of the command. One test would be as below: aws ssm send-command --document-name AWS-RunShellScript --instance-id i-0782222b6cb7bd64b --parameters commands=['env'] There could be a stale system profile which may be overriding the region. But we can investigate further after getting the result of above command – Ketanbhut May 20 '20 at 21:44
  • Can't post the whole output in StackExchange comments (too long) but here's the line with the AWS_SSM_REGION_NAME: "AWS_SSM_REGION_NAME=us-east-1". So that looks like the correct region. – yzpilot May 21 '20 at 22:32

1 Answers1

0

Use argument --output-s3-region

https://docs.aws.amazon.com/cli/latest/reference/ssm/send-command.html

Chris Williams
  • 32,215
  • 4
  • 30
  • 68
  • That referenced documentation page says the --output-s3-region argument is deprecated and SSM "automatically" figures out what region to write to. I tried it anyway and it did not work. – yzpilot May 14 '20 at 17:06