1 回答
- 最新
- 投票最多
- 评论最多
0
The EC2 Instance doesn't need to have outbound internet access (NAT or IGW).
I've had similar issues in the past, ensure you have all three service endpoints setup (Security Group & Subnet mappings):
- com.amazonaws.[region].ssm
- com.amazonaws.[region].ssmmessages
- com.amazonaws.[region].ec2messages
Security Group for the Endpoints should allow HTTPS access from your VPC range (or narrowed down), and if you've modified the outbound rules on your Instance's Security Group - verify that too.
For completeness: issue was missing of Private DNS for Endpoints.
PrivateDnsEnabled: True
相关内容
- AWS 官方已更新 10 个月前
- AWS 官方已更新 2 年前
- AWS 官方已更新 5 个月前