unable to create cloud9 environment


I'm not sure why this is working, but I have done everything that I have been told to check for when running new cloud9 env. I have connected it to my VPC, and picked a public subnet. My internet gateway is connected to the route table, but it's still saying there is an issue with my VPC configuration. Any help would be appreciated.

  • Error message: "Cloud9 could not connect to the EC2 instance. Please check your VPC configuration and network settings to troubleshoot the issue"

4 Answers

Hi there! I just had this same exact issue, and what I needed to do was a series of steps to assign an Elastic IP address to the EC2 instance to allow the SSM connection to take place within AWS. Here are the steps I went through:

  • Spin up a new Cloud9 environment with EC2 + VPC (public subnet)
  • Go to your newly created EC2 instance and go to the Networking tab and check if you have an associated Elastic IP address. This is important if you are working with a public subnet associated with the VPC, as it will need the Elastic IP address association
  • If you don't have this Elastic IP address associated, then go to the EC2 service and on the tab "Network & Security", create an Elastic IP Address
  • Once the Elastic IP is created, select it and in the top right on the "Actions" dropdown button, select "Associate Elastic IP address" and then link it to your EC2 instance that you are using for your Cloud9 instance. Leave the defaults as they are.
  • Then wait for your Cloud9 instance to finish connecting to your EC2

Hopefully this is helpful!

profile picture
answered 8 months ago

It is difficult to troubleshoot this without access to the environment but here is configuration information for the VPC, VPC settings for AWS Cloud9 Development Environments. I would first check to see that the security group and nacl are correct. Make sure the instance as a public IP address.

There is also a QuickStart that you could use the setup the environment.

profile pictureAWS
answered 2 years ago

For IPv4 CIDR block, you must enter an IPv4 address range for the VPC. The recommended IPv4 range for AWS Cloud9 is

If your development environment is using SSM to access an EC2 instance, ensure that the instance is assigned a public IP address by the public subnet it's launched into. To do so, you must enable the automatic assignment of a public IP address option for the public subnet, and set it to Yes. You can enable this on the public subnet before creating an AWS Cloud9 environment within the subnet settings page.

answered 7 months ago

Generally, you may prefer to create a Cloud9 environment in a private subnet, which allows it to access AWS Systems Manager-related VPC endpoints through a NAT gateway. In scenarios where you're accessing EC2 instances with no ingress using AWS Systems Manager, after provisioning, you should add the security group of the Cloud9 environment to the inbound rules of the security group associated with the endpoints. This configuration enables access to HTTPS on port 443.

  • com.amazonaws.<your region>.ssmmessages
  • com.amazonaws.<your region>.ssm
  • com.amazonaws.<your region>.ec2
profile pictureAWS
answered 6 days ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions