I created two EC2 instances in the same AZ and on the same account. They use different security groups. I'd like instance A to accept connections on a certain port from only instance B.
I don't believe these instances are VPC, but don't know how to confirm. I wasn't able to change the security group which makes me think they are not VPC.
In the security group for instance A I added a rule for the port and used instance B's public IP /32 for the source. I then tried to connect from instance B using instance A's public IP, but the connection attempt fails immediately.
I tried the same steps with the private IP of each instance. What am I missing?
Here's an article which answers a similar question, but VPC is involved: Can't connect to EC2 instance in VPC (Amazon AWS).
Both instances have the same VPC ID and Subnet ID.
I also tried setting the source to instance B's security group, which didn't work either.
I'm trying this with mysql. The mysql client running on instance B failed immediately with this error:
ERROR 2003 (HY000): Can't connect to MySQL server on '54.xx.xx.xx' (113)
To check there wasn't a problem with mysqld setup, I tried the same with ICMP Echo Reply which didn't work either.
Edit: Thanks to initial answers I was able to confirm these two instances are running in a VPC (by going to the VPC console). So, my question is very similar to the linked article. But, in that case the problem was that the instances were not default instances so didn't have the proper route and subnet created.
Here's how my VPC is set up: The VPC is default and has a route table associated with it. The route table is implicitly associated with the subnet associated with the VPC. The route table has a single route in it and the target is "local".
These are all created by default and, as I understand the docs, should allow two instances to connect to each other. What am I (still) missing?