The other day I stumbled upon a string of similar events logged from some of my Windows EC2 instances in regards to the SSM Agent. It simply refused to start up, and examining the log files, I could see the following:
2022-09-23 08:09:39 ERROR Agent failed to assume any identity 2022-09-23 08:09:39 ERROR failed to find identity, retrying: failed to find agent identity
After a little digging, the likely culprit was a corrupt EC2Launch installation and missing routes for it to communicate with the AWS backbone. Fixing this was quite easy once I knew what the issue was.
First we need to update EC2Launch
mkdir $env:USERPROFILE\Desktop\EC2Launch $Url = "https://s3.amazonaws.com/ec2-downloads-windows/EC2Launch/latest/EC2-Windows-Launch.zip" $DownloadZipFile = "$env:USERPROFILE\Desktop\EC2Launch\" + $(Split-Path -Path $Url -Leaf) Invoke-WebRequest -Uri $Url -OutFile $DownloadZipFile $Url = "https://s3.amazonaws.com/ec2-downloads-windows/EC2Launch/latest/install.ps1" $DownloadZipFile = "$env:USERPROFILE\Desktop\EC2Launch\" + $(Split-Path -Path $Url -Leaf) Invoke-WebRequest -Uri $Url -OutFile $DownloadZipFile & $env:USERPROFILE\Desktop\EC2Launch\install.ps1
Then once EC2Launch has been updated, we need to add the default routes required.
Import-Module "C:\ProgramData\Amazon\EC2-Windows\Launch\Module\Ec2Launch.psd1" Add-Routes
Now go back to services.msc and perform a stop and start of the SSM Agent. It should now be able to start up again without any issues.