Why do I receive a “No Invocations to Execute" message from my Systems Manager maintenance window?

Last updated: 2021-04-29

I created a maintenance window that runs an AWS Systems Manager Automation targeting Amazon Elastic Compute Cloud (Amazon EC2) instance tags. When the automation runs, I receive a "No Invocations to Execute" message. How can I fix this issue?

Short description

When you run a maintenance window that targets instances that use Amazon EC2 instance tags, the instance IDs for managed instances resolve when the Automation runs. The instance ID won't resolve as a target if either of the following is true:

  • The target instance isn’t reporting as a managed instance when the Automation runs
  • The target instance is stopped when the maintenance window runs

When an instance ID can’t resolve as a target, then the “No Invocations to Execute” message appears in the output.

Resolution

To target a non-managed instance or an instance that is stopped when the maintenance window runs, follow these steps:

  1. Create a new resource group that is limited to Amazon EC2 instances, and then specify your tags. For more information and for instructions to create a tag-based group, see Build queries and groups in AWS Resource Groups.
  2. Update the AWS Identity and Access Management (IAM) policies attached to the Automation role to include read-only access for the resource group.
  3. Register the target to a maintenance window. For Targets, choose the tag-based resource group that you created in step 1 of this article.
  4. Update the maintenance window Automation task to target the resource group target that you created in the previous step.
  5. For the Automation task InstanceId input parameter, enter the pseudo parameter {{RESOURCE_ID}}.