Why can't I connect to AWS using awscli?

1
votes

How should I debug this?

Trying:

aws --debug ec2 describe-instances

Gives:

2014-11-07 10:27:49,394 - MainThread - botocore.endpoint - DEBUG - Sending http request: 2014-11-07 10:27:49,395 - MainThread - botocore.vendored.requests.packages.urllib3.connectionpool - INFO - Starting new HTTPS connection (1): ec2.us-east-1c.amazonaws.com

And then:

Timeout: (, 'Connection to ec2.us-east-1c.amazonaws.com timed out. (connect timeout=60)')

Trying:

nc -vz ec2.us-east-1c.amazonaws.com 443

Gives:

DNS fwd/rev mismatch: ec2.us-east-1c.amazonaws.com !=

And then:

unallocated.barefruit.co.uk ec2.us-east-1c.amazonaws.com [92.242.140.21] 443 (https) : Connection timed out

2
amazon-web-servicesamazon-ec2aws-cli

2 Answers

3
votes

This is wrong: ec2.us-east-1c.amazonaws.com

It should be: ec2.us-east-1.amazonaws.com

You need to provide REGION Endpoint to AWS CLI. What you are providing looks like is Availability zone endpoint (??).

Show us how are you passing the REGION parameter to AWS CLI ?

0
votes

That sounds like you are behind a corp. proxy/firewall that is configured to intercept SSL connections as well as regular HTTP connections on port 80.

Because the command line tools aren't configured to trust the proxy cert, you're getting an error.