AWS SSM agent update disables the auto start of SSM agent service across reboots
This document (000021735) is provided subject to the disclaimer at the end of this document.
Environment
AWS Cloud
Situation
After applying operating system updates and rebooting the instance, connection via Systems Manager (SSM) was not possible.
Resolution
To resolve this issue, manually enable the SSM agent service after the update:
systemctl enable amazon-ssm-agent
systemctl start amazon-ssm-agent
For a permanent solution, if you're using the AWS-provided SSM agent package and want to continue using it without disruption from SUSE package updates, lock the package in zypper:
zypper addlock amazon-ssm-agent
Note that the SUSE package intentionally doesn't enable the SSM agent by default as not all customers use SSM. When moving between vendor packages (AWS to SUSE), service configurations may not persist. Users who switch to the AWS-provided package are responsible for managing that package's update cycle.
Cause
The SSM agent service is disabled during OS updates because the update process removes the systemd unit file responsible for automatically starting the service. This occurs specifically when the SUSE-provided amazon-ssm-agent package replaces a previously installed AWS-provided version during the update.
Disclaimer
This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:000021735
- Creation Date: 14-Mar-2025
- Modified Date:14-Mar-2025
-
- SUSE Linux Enterprise Server
- SUSE Linux Enterprise Server for SAP Applications
For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback[at]suse.com
