We use EC2 Image Builder to build both Amazon Linux 2 and Red Hat Enterprise Linux based AMI as our SOE. The Ansible playbook that is included in the component installs SSM agent, but somehow we could not connect to the EC2 instance that is created from the RHEL AMI SOE via ssm session manager.
It turns out that EC2 Image Builder removes SSM agent if it is not part of the base AMI (e.g RHEL). To retain it, you need to remove the delete tag which is a file /tmp/imagebuilder_service/ssm_installed.
e.g Add it as step in the component
- name: RetainSSMAgent
action: ExecuteBash
inputs:
commands:
# Remove this tag to retain ssm agent
- sudo rm -rf /tmp/imagebuilder_service/ssm_installedIf you are interested to dig into the details, SSM automation is the place you can check. Click one of the EC2 Image Builder automation executions, then look for the ssmUninstallCommands. There is something like:
if [[ -f ${SERVICE_ROOT_WORKING_DIR}/ssm_installed ]]; then package_manager="$(cat ${SERVICE_ROOT_WORKING_DIR}/ssm_installed)" echo "Uninstalling SSM Agent installed by image builder using ${package_manager}" uninstall_ssm_agent "${package_manager}" fi else echo "Uninstall after build set to false...Skip Uninstall ssm agent" fi cleanup_image
Jackie Chen's IT Workshop 