aws network_error ai_generated true

使用实例连接时，与EC2实例的连接超时

Connection to EC2 instance timed out while using Instance Connect

ID: aws/ec2-instance-connect-timeout

其他格式: JSON · Markdown 中文 · English

80%修复率

85%置信度

1证据数

2023-06-15首次发现

版本兼容性

版本	状态	引入	弃用	备注
ec2-instance-connect-1.0	active	—	—	—
aws-cli-2.15.0	active	—	—	—
amazon-ec2-2024	active	—	—	—

根因分析

由于安全组规则缺失或配置错误、缺少公网IP或网络ACL阻止，EC2 Instance Connect服务无法连接到实例。

English

EC2 Instance Connect service cannot reach the instance due to missing or misconfigured security group rules, lack of public IP, or network ACL blocking.

generic

官方文档

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-connect-set-up.html

解决方案

Verify that the security group attached to the instance allows inbound TCP traffic on port 22 from the Instance Connect IP ranges. Use: aws ec2 describe-security-groups --group-ids sg-xxx, then add rule: aws ec2 authorize-security-group-ingress --group-id sg-xxx --protocol tcp --port 22 --cidr 18.206.107.24/29

Ensure the instance has a public IP address (if connecting from outside VPC) or use a bastion host. If using EC2 Instance Connect without public IP, enable VPC endpoint for EC2 Instance Connect.

无效尝试

常见但无效的做法:

90% 失败
超时是网络层问题，客户端设置无法绕过AWS网络策略。
85% 失败
重启实例不会修复安全组规则或IAM权限配置错误。