Hello.
If you want to connect from the management console using EC2 Instance Connect, you need to allow the EC2 Instance Connect IP address in the EC2 security group.
EC2 Instance Connect provides a managed prefix list, so try configuring it to allow it in the security group's inbound rules.
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-connect-tutorial.html#eic-tut1-task2
By the way, in addition to the security group, you must also meet the prerequisites listed in the document below.
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-connect-prerequisites.html
Based on the information you've provided, there are a few potential issues that could be preventing your EC2 instance from connecting through the "Connect using EC2 Instance Connect" option.
- Network ACL Configuration: The most significant issue appears to be your Network ACL settings. Both inbound and outbound rules are set to deny all traffic from all sources (0.0.0.0/0). This configuration effectively blocks all network traffic to and from your instance, including SSH connections. To resolve this, you should modify your Network ACL to allow the necessary traffic. Typically, you would want to allow inbound traffic on port 22 for SSH and allow all outbound traffic.
- Security Group Configuration: While you've added an inbound rule for port 22 to your specific IP, make sure this rule is correctly configured and that your current IP matches the one specified in the rule. If your IP has changed since setting up the rule, you may need to update it.
- EC2 Instance Connect Installation: Ensure that EC2 Instance Connect is properly installed on your instance. If you're using an Amazon Linux 2, Ubuntu, or other supported OS, it might be pre-installed. For other operating systems, you may need to install it manually.
- IAM Permissions: Verify that you have the necessary IAM permissions to use EC2 Instance Connect. Your IAM user or role should have permissions to use the EC2 Instance Connect API.
- Instance State: Although you mentioned that all statuses are running, double-check that the instance is in the 'running' state and that there are no underlying issues with the instance itself.
To resolve the connection issue:
- First and foremost, update your Network ACL to allow the necessary traffic. At minimum, allow inbound SSH traffic (port 22) and all outbound traffic.
- Verify your Security Group settings to ensure they allow SSH access from your current IP address.
- If the issue persists, try connecting using SSH with a key pair to isolate whether the problem is specific to EC2 Instance Connect or a more general connectivity issue.
- Check the system logs of your EC2 instance for any error messages or issues that might be preventing the connection.
- If you're still unable to connect, you may want to consider using the EC2 Serial Console to troubleshoot further or contacting AWS support for additional assistance.
Sources
EC2 Instance Connect doesn't work | AWS re:Post
Connect to an Amazon EC2 instance using EC2 Instance Connect Endpoint - Amazon Elastic Compute Cloud
Connect to a Linux instance using EC2 Instance Connect - Amazon Elastic Compute Cloud
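The network ACL check discussed in the answer above, as an added example that is not part of either answer or of AWS's own code. It assumes rule entries in the `Entries` shape returned by `aws ec2 describe-network-acls`; the function names, sample rules and addresses are constructed for illustration.

```python
import ipaddress

def nacl_verdict(entries, egress, peer_ip, port):
    """Evaluate one direction of a network ACL for a TCP packet.
    Rules are checked in ascending RuleNumber order; the first match decides."""
    ip = ipaddress.ip_address(peer_ip)
    rules = sorted((e for e in entries if e["Egress"] == egress),
                   key=lambda e: e["RuleNumber"])
    for e in rules:
        cidr = e.get("CidrBlock")             # IPv6-only entries have no CidrBlock
        if cidr is None or ip not in ipaddress.ip_network(cidr):
            continue
        if e["Protocol"] not in ("-1", "6"):  # "-1" = all protocols, "6" = TCP
            continue
        pr = e.get("PortRange")
        if e["Protocol"] == "6" and pr and not pr["From"] <= port <= pr["To"]:
            continue
        return e["RuleAction"], e["RuleNumber"]
    return "deny", None

def ssh_path_open(entries, client_ip, client_port=50000):
    """NACLs are stateless: inbound port 22 and the outbound reply to the
    client's ephemeral port (assumed 50000 here) must both be allowed."""
    inbound = nacl_verdict(entries, False, client_ip, 22)
    outbound = nacl_verdict(entries, True, client_ip, client_port)
    return inbound[0] == "allow" and outbound[0] == "allow", inbound, outbound

def rule(num, egress, action, proto="-1", cidr="0.0.0.0/0", ports=None):
    """Hypothetical helper that builds one constructed ACL entry."""
    r = {"RuleNumber": num, "Egress": egress, "RuleAction": action,
         "Protocol": proto, "CidrBlock": cidr}
    if ports:
        r["PortRange"] = {"From": ports[0], "To": ports[1]}
    return r

# Constructed sample data (203.0.113.0/24 is a documentation range).
DENY_ALL = [rule(32767, False, "deny"), rule(32767, True, "deny")]
INBOUND_ONLY = DENY_ALL + [rule(100, False, "allow", "6", "203.0.113.0/24", (22, 22))]
FIXED = INBOUND_ONLY + [rule(100, True, "allow")]

if __name__ == "__main__":
    for name, acl in [("deny-all", DENY_ALL), ("inbound-only", INBOUND_ONLY),
                      ("fixed", FIXED)]:
        print(name, ssh_path_open(acl, "203.0.113.10"))
```

The inbound-only case shows why opening port 22 inbound is not enough on its own: the reply traffic is evaluated separately against the outbound rules.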