You need to create VPC endpoints for the EC2 and SSM services in the dojovpc. The endpoints give EC2 instances private access to AWS Systems Manager.
1. Go to the VPC Management Console. Click the Endpoints menu on the left and then click the Create Endpoint button.
2. On the next screen, select AWS services for the service category. Select com.amazonaws.eu-west-1.ssm for the service name. Select dojovpc for the VPC field. Select the availability zone listed with dojoprivatesubnet. Check the Enable DNS name field. Select dojo-endpoint-sg as the security group. Select Full Access for the policy and finally click the Create endpoint button.
3. The endpoint is created in no time. Repeat steps 1 and 2 to create two more VPC endpoints for the AWS services com.amazonaws.eu-west-1.ec2messages and com.amazonaws.eu-west-1.ssmmessages. Other than the service name, keep the rest of the configuration the same.
4. The VPC endpoints are ready. It is time to launch the EC2 instances in the private VPC.
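The three endpoints from the steps above can also be created and checked with the AWS CLI. This is an added example, not part of the original walkthrough; the VPC, subnet and security group IDs are placeholders for the IDs of dojovpc, dojoprivatesubnet and dojo-endpoint-sg, and the function names are hypothetical.

```shell
#!/usr/bin/env bash
# Added example: CLI equivalent of the console steps (not the page's own code).
# The three IDs are placeholders (assumptions): substitute the IDs of
# dojovpc, dojoprivatesubnet and dojo-endpoint-sg from your account.
REGION="eu-west-1"
VPC_ID="${VPC_ID:-vpc-PLACEHOLDER}"
SUBNET_ID="${SUBNET_ID:-subnet-PLACEHOLDER}"
SG_ID="${SG_ID:-sg-PLACEHOLDER}"
REQUIRED="ssm ec2messages ssmmessages"

# Emit one create command per required service. No --policy-document is
# passed, so each endpoint gets the default full-access policy, matching
# the "Full Access" choice in the console.
endpoint_commands() {
  local svc
  for svc in $REQUIRED; do
    echo "aws ec2 create-vpc-endpoint --region $REGION" \
      "--vpc-id $VPC_ID --vpc-endpoint-type Interface" \
      "--service-name com.amazonaws.$REGION.$svc" \
      "--subnet-ids $SUBNET_ID --security-group-ids $SG_ID" \
      "--private-dns-enabled"
  done
}

# Read endpoint service names on stdin (any whitespace between them) and
# print the required services that have no endpoint yet.
# Returns non-zero when at least one is missing.
missing_endpoints() {
  local present svc missing=""
  present=" $(tr -s '[:space:]' ' ') "
  for svc in $REQUIRED; do
    case "$present" in
      *" com.amazonaws.$REGION.$svc "*) ;;
      *) missing="$missing $svc" ;;
    esac
  done
  echo "${missing# }"
  [ -z "$missing" ]
}

# Live input for the check:
#   aws ec2 describe-vpc-endpoints --region "$REGION" \
#     --filters Name=vpc-id,Values="$VPC_ID" \
#     --query 'VpcEndpoints[].ServiceName' --output text | missing_endpoints

if [ "${DRY_RUN:-1}" = "1" ]; then
  endpoint_commands    # default: only print the commands, change nothing
else
  endpoint_commands | while read -r cmd; do $cmd; done
fi
```

Run it as is to review the commands, then with DRY_RUN=0 and real IDs to create the endpoints.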