ERJAN

Reputation: 24508

EC2 connect refused to connect to an instance, but NACL and sec group have the inbound rules, reason?

I created my own sec group with rules that allow HTTP, HTTPS, SSH over 22, and ICMP. But somehow 'ping public_ip' from my bash is not working.

I know the problem should be either in nacl or sec group.

NACL inbound rules (std, I did not change):

Sec group:

Name  Security group rule ID  IP version  Type             Protocol  Port range  Source                          Description
–     sgr-04d94a952ec860ae0   IPv4        All ICMP - IPv4  ICMP      All         0.0.0.0/0                       –
–     sgr-024a8c2d7b5d0655b   IPv4        HTTP             TCP       80          0.0.0.0/0                       –
–     sgr-0850c40886cae6d8e   –           All traffic      All       All         sg-0dfbcaaeddb9d6290 / default  –
–     sgr-0d8d763897c3887c1   IPv6        HTTPS            TCP       443         ::/0                            –
–     sgr-03cd30e21cf350d33   IPv4        SSH              TCP       22          0.0.0.0/0                       –
–     sgr-00d6311720aeb475f   IPv6        HTTP             TCP       80          ::/0                            –
–     sgr-09439547961e2f68f   IPv4        HTTPS            TCP       443

Checking with ping does not work: ping 3.209.9.15 -> 'request time out'

Explicit SSH does not work!

ssh -i minikube_keypair.pem [email protected]
ssh: connect to host ec2-3-209-9-15.compute-1.amazonaws.com port 22: Connection refused

Upvotes: 0

Views: 856

Answers (1)

ERJAN

Reputation: 24508

The problem was I deleted the internet gateway.

Do 2 things:

  • Check if you have an internet gateway (if not, create it and attach it to the VPC).
  • Check if the route attached to your subnet has a rule that uses the internet gateway.

The rule in the route table can look like this:

0.0.0.0/0   igw-067c712c04da342ee    Active No

Upvotes: 1
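
The two checks from the answer above, as an added example that is not part of the original post: Python over constructed data shaped like the output of `aws ec2 describe-internet-gateways` and `aws ec2 describe-route-tables`. All IDs and function names are hypothetical; the example also covers the fallback to the VPC's main route table when a subnet has no explicit association.

```python
# Constructed sample data shaped like the output of
# `aws ec2 describe-internet-gateways` and `aws ec2 describe-route-tables`.
# Every ID here is a made-up placeholder.
IGWS = {"InternetGateways": [
    {"InternetGatewayId": "igw-0aaa",
     "Attachments": [{"VpcId": "vpc-0111", "State": "available"}]}]}
LOCAL = {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"}
TABLES = {"RouteTables": [
    {"RouteTableId": "rtb-main", "VpcId": "vpc-0111",
     "Associations": [{"Main": True}], "Routes": [LOCAL]},
    {"RouteTableId": "rtb-public", "VpcId": "vpc-0111",
     "Associations": [{"Main": False, "SubnetId": "subnet-a"}],
     "Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0",
                        "GatewayId": "igw-0aaa", "State": "active"}]},
    {"RouteTableId": "rtb-stale", "VpcId": "vpc-0111",
     "Associations": [{"Main": False, "SubnetId": "subnet-c"}],
     "Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0",
                        "GatewayId": "igw-0dead", "State": "blackhole"}]}]}

def attached_igws(igws, vpc_id):
    """IDs of internet gateways currently attached to vpc_id."""
    return {g["InternetGatewayId"] for g in igws["InternetGateways"]
            for a in g.get("Attachments", [])
            if a.get("VpcId") == vpc_id and a.get("State") in ("available", "attached")}

def effective_route_table(tables, vpc_id, subnet_id):
    """Table explicitly associated with the subnet, else the VPC's main table."""
    main = None
    for rt in tables["RouteTables"]:
        if rt.get("VpcId") != vpc_id:
            continue
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return rt
            if assoc.get("Main"):
                main = rt
    return main

def diagnose(igws, tables, vpc_id, subnet_id):
    """Return 'ok' or the first reason the subnet has no path to the internet."""
    gateways = attached_igws(igws, vpc_id)
    if not gateways:
        return "no internet gateway attached to VPC"
    rt = effective_route_table(tables, vpc_id, subnet_id)
    for r in (rt or {}).get("Routes", []):
        if r.get("DestinationCidrBlock") == "0.0.0.0/0" and r.get("GatewayId", "").startswith("igw-"):
            if r["GatewayId"] not in gateways or r.get("State") != "active":
                return "default route points at a missing or blackholed gateway"
            return "ok"
    return "no 0.0.0.0/0 route to an internet gateway"
```
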
