# An error occurred (SerialConsoleAccessNotEnabled) when calling the SendSerialConsoleSSHPublicKey operation: Serial console access is not enabled for the account or is not supported for the instance type

- **ID:** `aws/ec2-instance-connect-ip-not-authorized`
- **Domain:** aws
- **Category:** auth_error
- **Error Code:** `SerialConsoleAccessNotEnabled`
- **Verification:** ai_generated
- **Fix Rate:** 85%

## Root Cause

EC2 Serial Console access is not enabled at the account level, or the instance type does not support serial console connections (e.g., bare metal or older instances).

## Version Compatibility

| Version | Status | Introduced | Deprecated |
|---------|--------|------------|------------|
| EC2 API 2016-11-15 | active | — | — |
| AWS CLI 2.14.0 | active | — | — |

## Workarounds

1. **Enable EC2 Serial Console for the account in the AWS Region: 'aws ec2 enable-serial-console-access --region us-east-1' (requires ec2:EnableSerialConsoleAccess permission). Then retry the connection.** (90% success)
   ```
   Enable EC2 Serial Console for the account in the AWS Region: 'aws ec2 enable-serial-console-access --region us-east-1' (requires ec2:EnableSerialConsoleAccess permission). Then retry the connection.
   ```
2. **If the instance type is unsupported, launch a new EC2 instance with a supported type (e.g., t3, m5, c5 families) that supports serial console. Check the AWS documentation for the full list.** (80% success)
   ```
   If the instance type is unsupported, launch a new EC2 instance with a supported type (e.g., t3, m5, c5 families) that supports serial console. Check the AWS documentation for the full list.
   ```

## Dead Ends

- **** — Enabling serial console access via IAM policies alone doesn't work; the account-level feature must be explicitly enabled using the EC2 console or CLI. (85% fail)
- **** — Trying to use serial console on unsupported instance types (e.g., t2.micro, m5.metal) will always fail, even with account-level enablement. (95% fail)