By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

YUM update error EC2 Could not retrieve mirrorlist https...

0

Wherenever I run Sudo YUM update on an new EC2 intance I get this error:

Could not retrieve mirrorlist https://amazonlinux-2-repos-us-west-2.s3.dualstack.us-west-2.amazonaws.com/2/core/latest/x86_64/mirror.list error was
12: Timeout on https://amazonlinux-2-repos-us-west-2.s3.dualstack.us-west-2.amazonaws.com/2/core/latest/x86_64/mirror.list: (28, 'Failed to connect to amazonlinux-2-repos-us-west-2.s3.dualstack.us-west-2.amazonaws.com port 443 after 4982 ms: Connection timed out')```

Here are the things I've already checked:

1. NACL and Security Groups already have inbound Port 80 and port 443 open
2. Outbound NACL and Security Groups is already Open to all TCP
3. Internet Gateway correctly attached
4. Have given this EC2 a Public, elastic IP, and that still didn't work.

Not sure what else I'm missing?
Topics
Networking & Content DeliveryCompute
Tags
Amazon VPCAmazon EC2
Language
English
blackGlitterGuy
asked a year ago1651 views
2 Answers
1
Accepted Answer

Your inbound NACL is wrong. it dont need inbound 80,443.

It needs inbound ephemeral ports open range 32768-65535 https://docs.aws.amazon.com/vpc/latest/userguide/vpc-network-acls.html

If issue persist, you can use VPC Reachability analyzer to find out where traffic is getting blocked. https://aws.amazon.com/blogs/aws/new-vpc-insights-analyzes-reachability-and-visibility-in-vpcs/

Accept answer if it helps resolving the issue

Muhammad
answered a year ago
profile pictureAWS
EXPERT
Tushar_J
reviewed a year ago
  • blackGlitterGuy
    a year ago

    This did it. Thank you. I had to give the s3 Bucket end point full access, rather than some more restricted access to get Yum to update... but it's working now. Thanks for the reply!

1

The instance needs to be in a public subnet where the route table attached to the subnet has a rule routing traffic to the internet gateway. Or in a private subnet where the route table attached to the subnet has a rule routing traffic to a NAT Gateway/Instance.

profile pictureAWS
EXPERT
kentrad
answered a year ago
  • blackGlitterGuy
    a year ago

    The Subnet's Routable has 0.0.0.0/0 Rule to the My Internet Gateway. I double checked my Launch template to ensure that this Route Table is associated with the Subnet that the EC2 instance is attached to when it is created.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content