YUM update error EC2 Could not retrieve mirrorlist https...

Question

Wherenever I run Sudo YUM update on an new EC2 intance I get this error:

```
Could not retrieve mirrorlist https://amazonlinux-2-repos-us-west-2.s3.dualstack.us-west-2.amazonaws.com/2/core/latest/x86_64/mirror.list error was
12: Timeout on https://amazonlinux-2-repos-us-west-2.s3.dualstack.us-west-2.amazonaws.com/2/core/latest/x86_64/mirror.list: (28, 'Failed to connect to amazonlinux-2-repos-us-west-2.s3.dualstack.us-west-2.amazonaws.com port 443 after 4982 ms: Connection timed out')```

Here are the things I've already checked:

1. NACL and Security Groups already have inbound Port 80 and port 443 open
2. Outbound NACL and Security Groups is already Open to all TCP
3. Internet Gateway correctly attached
4. Have given this EC2 a Public, elastic IP, and that still didn't work.

Not sure what else I'm missing?

Accepted Answer

Your inbound NACL is wrong.
it dont need inbound 80,443.

It needs inbound ephemeral ports open range 32768-65535
https://docs.aws.amazon.com/vpc/latest/userguide/vpc-network-acls.html

If issue persist, you can use VPC Reachability analyzer to find out where traffic is getting blocked.
https://aws.amazon.com/blogs/aws/new-vpc-insights-analyzes-reachability-and-visibility-in-vpcs/

Accept answer if it helps resolving the issue

Answer

The instance needs to be in a public subnet where the route table attached to the subnet has a rule routing traffic to the internet gateway. Or in a private subnet where the route table attached to the subnet has a rule routing traffic to a NAT Gateway/Instance.

YUM update error EC2 Could not retrieve mirrorlist https...

관련 콘텐츠