No data come out when try to resume session.

Question

No data come out when try to resume session.

Opened this issue a month ago · 4 comments

Hi team, I am running into issues as following:

import json
import subprocess

import boto3

region = "us-east-2"
client = boto3.client("ssm", region)
target = "i-06c24c15d669fb4cc"

# session = client.start_session(Target=target)
# print(session)
session_id = "XXX"
session = client.resume_session(SessionId=session_id)
cmd = [
    "session-manager-plugin",
    json.dumps(session),
    region,
    "StartSession",
    "default",
    json.dumps(dict(Target=target)),
    f"https://ssm.{region}.amazonaws.com",
]
subprocess.run(cmd)

When I try to use the resume_session output to start Session, the program hang after

Starting session with SessionId: session_id XXX

With no output.

but if I use the comment out start_session credentials for tokenValue, streamUrl, session-id, it can create a session successfully.

My question is how to restore the session and why create session works but not resume sessions?

Answer 1 · 2024-12-12T22:59:01.000Z

aws cli version aws-cli/2.12.7 Python/3.11.4 Linux/5.15.0-1026-aws exe/x86_64.ubuntu.20 prompt/off
aws ssm agent version 1.2.650.0
for env

Answer 2 · 2024-12-31T01:50:13.000Z

Hi,

Thank you for posting your question! The Resume Session command is designed to re-establish the connection from the client side to the AWS Session Manager service. However, if the connection between the Session Manager agent and the target instance has already been terminated, this command will not be able to resolve the issue.

If this doesn’t address your situation, could you please share detailed steps to reproduce the issue, such as how you obtained the session ID? This will help us investigate further.

Looking forward to your response!

Thanks,
Yangtao

Answer 3 · 2024-12-31T10:18:42.000Z

Hi Yangtao, thanks for answering my question. The session id is obtained on the log after running start session. Then I kill the program which kill the connection. After that, I use list-session api and it still exist, then I try to use resume session as above and the program hang. I think it is because of the sequence order since resume session start with 0, not with the previous message order.

Answer 4 · 2024-12-31T22:47:03.000Z

Hi @zch-cc,
Thank you for the quick response! Firstly, I’d like to call out that the session-manager-plugin is designed to be called by AWS CLI. When a session is initiated, AWS CLI invokes the plugin with the response from the start-session command. In scenarios involving network issues, there’s a built-in resume session workflow inside session-manager-plugin to handle such cases. Therefore, the plugin isn’t expected to work successfully when a session is started with the output from a resume session.

I attempted the method you proposed and reproduced the behavior on my end. Based on the client-side logs, the process stopped after sending the token to the Session Manager. I suspect that when it resuming the session, beside the sequence number, other context (e.g. the client ID, which is a UUID generated for every new WebSocket connection) also missing, and session-manager-plugin take it as a new separate WebSocket connection to establish with target instance. This results in an inability to successfully transfer data to the target instance. For now, if a session initiated with session-manager-plugin, it is hard to resume it if the client is killed.

Thanks，
Yangtao