Bamboo cannot start Elastic Agents with error "the KMS key provided is in an incorrect state"


Platform Notice: Data Center - This article applies to Atlassian products on the Data Center platform.

Note that this knowledge base article was created for the Data Center version of the product. Data Center knowledge base articles for non-Data Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Summary

Bamboo can't start Elastic agents with an error from the UI: "Can't start Elastic agent."

Environment

The issue appeared on Bamboo 9.0.2 using Elastic instances, but other versions may be affected.

Diagnosis

When you try to spin up the Elastic agent, the instance terminates quickly without producing logs.

Confirm that the access key and secret key configured in Bamboo give you the correct access to the AWS environment.

Log in to your AWS account as the same user configured in Bamboo and try to launch an EC2 instance manually.

The EC2 instance fails to start with the error: "The KMS key provided is in an incorrect state." You can view the error message through the AWS Management console → Actions → Instance settings.
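
The same check can be run against API output instead of the console. The following is an added example, not part of the original article or of Bamboo: it scans the JSON returned by `aws ec2 describe-instances` for instances whose state reason carries the error quoted above. The sample response, instance IDs, and function name are constructed for illustration.

```python
import json

# Error text quoted in this article; matched case-insensitively.
KMS_STATE_ERROR = "kms key provided is in an incorrect state"

# Constructed sample shaped like `aws ec2 describe-instances` JSON output.
SAMPLE_RESPONSE = json.dumps({
    "Reservations": [
        {"Instances": [
            {"InstanceId": "i-0aaaaaaaaaaaaaaa1",
             "State": {"Name": "terminated"},
             "StateReason": {
                 "Code": "Client.InvalidKMSKey.InvalidState",
                 "Message": "Client.InvalidKMSKey.InvalidState: "
                            "The KMS key provided is in an incorrect state"}},
            {"InstanceId": "i-0bbbbbbbbbbbbbbb2",
             "State": {"Name": "running"}},
        ]},
        {"Instances": [
            {"InstanceId": "i-0ccccccccccccccc3",
             "State": {"Name": "terminated"},
             "StateReason": {
                 "Code": "Client.UserInitiatedShutdown",
                 "Message": "Client.UserInitiatedShutdown: User initiated shutdown"}},
        ]},
    ]
})


def find_kms_launch_failures(describe_instances_json):
    """Return (instance_id, message) pairs for instances that went down with the KMS key-state error."""
    data = json.loads(describe_instances_json)
    failures = []
    for reservation in data.get("Reservations", []):
        for instance in reservation.get("Instances", []):
            state = instance.get("State", {}).get("Name")
            reason = instance.get("StateReason") or {}
            message = reason.get("Message", "")
            # Only instances that stopped or terminated are of interest here.
            if state in ("terminated", "shutting-down", "stopped") \
                    and KMS_STATE_ERROR in message.lower():
                failures.append((instance.get("InstanceId"), message))
    return failures


if __name__ == "__main__":
    for instance_id, message in find_kms_launch_failures(SAMPLE_RESPONSE):
        print(f"{instance_id}: {message}")
```

To use it on real data, pass the saved output of `aws ec2 describe-instances`, run with the same credentials Bamboo uses, in place of `SAMPLE_RESPONSE`.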


Cause

The AWS user doesn't have full access to KMS.

Solution

Grant the AWS user configured in Bamboo full access to KMS using the steps below:

  1. Identify the AWS IAM User or Role used by Bamboo for AWS operations.

  2. Log into the AWS Management Console with an account with permission to manage IAM policies.

  3. Navigate to IAM:

    • Go to Services > IAM.

  4. Attach an Existing Policy for KMS Full Access:

    • Find the user or role in IAM > Users or Roles.
    • Click on the user or role > Permissions tab > Add permissions.
    • Choose “Attach existing policies directly” and search for “AmazonKMSFullAccess.”
    • Select “AmazonKMSFullAccess” and add it.


Last modified on Feb 20, 2024
