Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

SSM Maintenance Window Region

See original GitHub issue

The documentation states that:

When you specify the name of a maintenance window that exists in the same account and AWS Region as your scheduled Amazon EC2 instances,

However it is my experience, working in a multi-account, multi-region environment, that the defined maintenance window must be in the same region as the solution’s stack itself, NOT the region the instances are in.

Specifically, I have three accounts: A. The account where the AWS Instance Scheduler solution is deployed in us-east-2. It is configured to schedule regions us-east-1,us-east-2. It has cross-account roles defined for accounts B and C. B. An account with instances and an SSM maintenance window in us-east-2. C. An account with instances and an SSM maintenance window in us-east-1.

Scheduling against B worked just fine, the logs show it seeing the maintenance window. Scheduling against C showed in the logs: ERROR : SSM maintenance window <mywindowname> used in schedule <myschedulename> not found or disabled However when I duplicated the SSM Maintenance Window in account C into us-east-2, even though there are no instances there, the function correctly finds it: INFO : Maintenance window "<mywindowname>" used as running period found for instance i-abcdefghijklmnop

Issue Analytics

State:
Created 3 years ago
Reactions:3
Comments:7

Top GitHub Comments

5reactions

praveeniscommented, Jul 17, 2020

Hi @jgard , I completely agree with you. We have added this to our backlog for a future release to support maintenance window in the account/region where instance is running.

For your use case, As a work around you can create a duplicate maintenance window of Account B in the Account A (account and region where stack is deployed) and use the maintenance window in the schedule. I agree that it’s not a best user experience, we have taken this into account while we prioritizing the fix for this issue.

Account A

us-east-1 CFN stack deployed SSM Maintenance Window “MyMaintenanceWindow-AccountB” (Create duplicate SSM maintenance window of Account B in Account A) Use SSM Maintenance Window “MyMaintenanceWindow-AccountB” in the schedule for Account B instance

Account B

us-west-2 EC2 Instance “MyInstance” SSM Maintenance Window “MyMaintenanceWindow”

Please let us know your comments.

Thanks, Praveen

0reactions

maykayscommented, Apr 27, 2021

shipped in v1.4

Top Results From Across the Web

AWS Systems Manager Maintenance Windows

Define a schedule for performing potentially disruptive actions on your nodes and other AWS resources using Systems Manager Maintenance Windows.

About register-task-with-maintenance-windows options

The register-task-with-maintenance-window command provides several options for configuring a ... arn:aws-cn:ssm: region :111122223333:document/My-Document .

How to Set Up AWS Systems Manager Maintenance ...

Use AWS Systems Manager to schedule AWS maintenance windows and automate maintenance tasks, including patching, updating software, ...

Maintenance Window - Azure SQL Database & ...

DC, Fsv2, M-series. Azure region support. Choosing a maintenance window other than the default is currently available in the following regions: ...

Maintenance Windows

AWS Systems Manager Maintenance Windows let you define a schedule for when to perform potentially disruptive actions on your instances such as patching...