我已经创建了一个自定义的awssm文档来与Run命令一起使用，然后我尝试使用boto3将该命令发送到单个EC2实例。在

文档需要2个参数才能发送给它，但我无法通过查看此处的文档来确定如何正确地执行此操作：https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/ssm.html#SSM.Client.send_command

我可以通过以下命令成功使用CLI：

aws ssm send-command \
    --document-name "ResetVpnMfa" \
    --document-version "1" \
    --targets '[{"Key":"InstanceIds","Values":["i-abcabcab"]}]' \
    --parameters '{"command":["GoogleAuthlock"],"username":["some.user"]}' \
    --timeout-seconds 30 \
    --region eu-west-1

我的Python代码：

我得到以下错误：

botocore.errorfactory.InvalidParameters: An error occurred (InvalidParameters) when calling the SendCommand operation:

SSM文件本身：

---
schemaVersion: "2.2"
description: "Unlock or reset MFA on OpenVPN"
parameters:
  username:
    type: "String"
    description: "VPN user e.g. digger.dachshund"
  command:
    type: "String"
    description: "Command to unlock or reset MFA on OpenVPN."
    allowedValues:
    - GoogleAuthlock
    - GoogleAuthRegen
mainSteps:
- action: "aws:runShellScript"
  name: "VPNResetMFA"
  inputs:
    runCommand:
    - "/usr/local/openvpn_as/scripts/sacli --user {{username}} --lock 0 {{command}}"