How to fix the error Failed to connect to your instance?

Question

Unable to connect the instance after restarting the server by using the command ***sudo systemctl reboot***. When I'm trying to login into the instance using EC2 Instance Connect it is failing to make the connection to the instance and throwing an error

```
We were unable to connect to your instance. Make sure that your instance network settings are configured correctly for EC2 Instance Connect. For more information, check Task 1 under the Setup EC2 Instance Connect AWS documentation.
```
After following the [doc](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-connect-set-up.html#ec2-instance-connect-setup-security-group) I have added an Inbound rule that allows inbound SSH traffic on port 22 from your IP address to the security group attached to my instance. But still, it shows the same error and also fails the Instance reachability check.

Any help in guiding me that how can I make a connection to my instance will be much appreciated.

Thanks

Answer

A few points to consider:
* EC2 Instance Connect (EIC) requires installation in your host operating system. Some managed AWS AMIs have [Instance Connect pre-installed](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-connect-set-up.html) - namely, Amazon Linux and Ubuntu 20.04 and later. If you are not using one of these operating systems, you will need to [install EIC](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-connect-set-up.html).
- Your instance needs connectivity to AWS EIC service endpoints, either public ones using the internet, or via a [private EIC endpoint](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/create-ec2-instance-connect-endpoints.html)
- Your users need connectivity to the instance - even if you are connecting via the Console. There are two ways to establish that connectivity - by [giving internet access to your instance](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Internet_Gateway.html#vpc-igw-internet-access), or by creating a private connection y using AWS Direct Connect, AWS Site-to-Site VPN, or VPC peering, so that your users can reach the instance's private IP address.
- You need to allow TCP access on port 22 (sounds like you have already done this).
- Every IAM user that you want to [connect to your instance via EIC will need appropriate permissions](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-connect-configure-IAM-role.html).

The link Chirag posted is a useful reference: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-connect-prerequisites.html

You can also read more about how the service works - in short, by adding an SSH key temporarily to the instance to allow you to connect, then removing it when your session ends -  here: https://aws.amazon.com/blogs/security/use-ec2-instance-connect-to-provide-secure-ssh-access-to-ec2-instances-with-private-ip-addresses/

Answer

Hello,

I am assuming this is a new instance. Did you try to check the Routing settings ? From where are you trying to access the instance ? Does it have an internet gateway attached and the routing set correctly. I am assuming NACL/SG settings are correctly set ?

Refer the link below for the pre-requisites required.

Link- https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/connection-prereqs.html

How to fix the error Failed to connect to your instance?

관련 콘텐츠