I've run into a problem getting the CloudWatch agent started on Windows EC2 instances created from AMIs which I have prepared beforehand. The error I get is this:
Service 'Amazon CloudWatch Agent (AmazonCloudWatchAgent)' cannot be
started due to the following error: Cannot start service
AmazonCloudWatchAgent on computer '.'.
The issue is not what is described in this troubleshooting document, as the service start fails almost immediately. It does not fail after waiting for 30 seconds and I've extended the timeout anyways just in case this was the cause.
The kicker is that I can run my provisioning code to install and configure the CloudWatch Agent on an EC2 instance sourced from an Amazon-provided AMI, with 100% success. Amazon bakes the CloudWatch agent into their base images and I can configure and start CloudWatch fine on those. I have also confirmed I can prepare an image up-to-but-excluding sysprep, restart the node, and configure CloudWatch as expected.
I am able to work around the issue by uninstalling CloudWatch, rebooting, then re-installing. This works for now but I'm trying to find a solution that doesn't add complexity to our automation; other teams can and will be using my base image to create their own base images, and having to remove/reboot/install the agent adds to their automation complexity and increases provisioning time on nodes intended to run workloads.
Baking CloudWatch into an AMI should work, since Amazon is able to do so with their base images. But I cannot find any documentation on how to generalize the service. I have confirmed we are facing this issue on Windows Server 2012r2-2019.
