# Fix AWS EC2 Instance Reachability Check Failed

Your EC2 instance shows "Instance reachability check failed" in the AWS console or status checks are failing. The instance is running but not responding to network traffic or system status checks.

  1. 1.AWS performs two types of status checks:
  2. 2.System status checks - AWS infrastructure issues
  3. 3.Instance status checks - Software/network configuration issues

Introduction

  1. 1.Your EC2 instance shows "Instance reachability check failed" in the AWS console or status checks are failing. The instance is running but not responding to network traffic or system status checks. AWS performs two types of status checks:
  2. 2.System status checks - AWS infrastructure issues
  3. 3.Instance status checks - Software/network configuration issues

Symptoms

EC2 reachability check failures present with: - "Instance reachability check failed" status in AWS console - Instance not responding to SSH or HTTP requests - System status check showing "impaired" - Instance status check showing "impaired" - Website or service unavailable despite instance running - Network connectivity issues from instance

Diagnosis commands to investigate:

Check instance status:

bash
aws ec2 describe-instance-status \
  --instance-ids i-1234567890abcdef0 \
  --query 'InstanceStatuses[*].[InstanceId,InstanceState.Name,InstanceStatus.Status,SystemStatus.Status]' \
  --output table

Get detailed status:

```bash aws ec2 describe-instance-status \ --instance-ids i-1234567890abcdef0 \ --query 'InstanceStatuses[*].InstanceStatus.Details[*]' \ --output table

aws ec2 describe-instance-status \ --instance-ids i-1234567890abcdef0 \ --query 'InstanceStatuses[*].SystemStatus.Details[*]' \ --output table ```

Check instance details:

bash
aws ec2 describe-instances \
  --instance-ids i-1234567890abcdef0 \
  --query 'Reservations[*].Instances[*].[InstanceId,InstanceType,State.Name,LaunchTime]'

View console output:

bash
aws ec2 get-console-output \
  --instance-id i-1234567890abcdef0 \
  --query 'Output' \
  --output text | tail -100

Common Causes

  • Configuration misconfiguration
  • Missing or incorrect credentials
  • Network connectivity issues
  • Version compatibility problems
  • Resource exhaustion or limits
  • Permission or access denied

Step-by-Step Fix

  1. 1.Check logs for specific error messages
  2. 2.Verify configuration settings
  3. 3.Test network connectivity
  4. 4.Review recent changes
  5. 5.Apply corrective action
  6. 6.Verify the fix

Common Causes and Solutions

Cause 1: System Status Check Failed

This indicates AWS infrastructure problems.

bash
# Check which system check failed
aws ec2 describe-instance-status \
  --instance-ids i-1234567890abcdef0 \
  --query 'InstanceStatuses[*].SystemStatus.Details[*].[Name,Status]'

Solution: AWS handles system status issues. Options:

```bash # Wait for AWS to resolve (usually automatic) aws ec2 wait instance-status-ok --instance-ids i-1234567890abcdef0

# Or reboot the instance aws ec2 reboot-instances --instance-ids i-1234567890abcdef0

# Or stop and start (moves to new hardware) aws ec2 stop-instances --instance-ids i-1234567890abcdef0 aws ec2 wait instance-stopped --instance-ids i-1234567890abcdef0 aws ec2 start-instances --instance-ids i-1234567890abcdef0 ```

Cause 2: Instance Status Check Failed - Network

bash
# Check details
aws ec2 describe-instance-status \
  --instance-ids i-1234567890abcdef0 \
  --query 'InstanceStatuses[*].InstanceStatus.Details[?Name==`reachability`]'

Solutions:

  1. 1.Check security groups:

```bash aws ec2 describe-instances \ --instance-ids i-1234567890abcdef0 \ --query 'Reservations[*].Instances[*].SecurityGroups[*].GroupId'

aws ec2 describe-security-groups \ --group-ids sg-12345 \ --query 'SecurityGroups[*].IpPermissions[*]' ```

  1. 1.Check network ACLs:
bash
aws ec2 describe-network-acls \
  --filters "Name=association.subnet-id,Values=subnet-12345"
  1. 1.Check instance has public IP:
bash
aws ec2 describe-instances \
  --instance-ids i-1234567890abcdef0 \
  --query 'Reservations[*].Instances[*].[PublicIpAddress,PublicDnsName]'
  1. 1.Reboot instance:
bash
aws ec2 reboot-instances --instance-ids i-1234567890abcdef0

Cause 3: Instance Status Check Failed - OS Issues

The OS may be unresponsive or misconfigured.

bash
# Check console output for errors
aws ec2 get-console-output \
  --instance-id i-1234567890abcdef0 \
  --output text

Common OS issues:

  1. 1.Kernel panic - Reboot or restore from snapshot
  2. 2.Out of memory - Increase instance size
  3. 3.Disk full - Expand volume or clean up
  4. 4.Network misconfiguration - Check /etc/network/interfaces

Solution: Stop, modify, and start:

```bash # Stop instance aws ec2 stop-instances --instance-ids i-1234567890abcdef0

# Wait for stopped aws ec2 wait instance-stopped --instance-ids i-1234567890abcdef0

# Change instance type (if memory issue) aws ec2 modify-instance-attribute \ --instance-id i-1234567890abcdef0 \ --instance-type "{\"Value\": \"t3.large\"}"

# Start instance aws ec2 start-instances --instance-ids i-1234567890abcdef0 ```

Cause 4: Incorrect Instance Initialization

Instance may not have completed initialization.

bash
# Check user data execution
aws ec2 get-console-output \
  --instance-id i-1234567890abcdef0 \
  --output text | grep -A 50 "cloud-init"

Solution: Wait for initialization or fix user data script:

```bash # Check if instance is still initializing aws ec2 describe-instance-status \ --instance-ids i-1234567890abcdef0 \ --query 'InstanceStatuses[*].InstanceStatus.Status'

# If stuck, reboot aws ec2 reboot-instances --instance-ids i-1234567890abcdef0 ```

Cause 5: EBS Volume Issues

Attached volumes may have problems.

```bash # Check attached volumes aws ec2 describe-instances \ --instance-ids i-1234567890abcdef0 \ --query 'Reservations[*].Instances[*].BlockDeviceMappings[*]'

# Check volume status aws ec2 describe-volumes \ --filters "Name=attachment.instance-id,Values=i-1234567890abcdef0" \ --query 'Volumes[*].[VolumeId,State,Status]' ```

Solution: If volume has issues:

```bash # Check volume status details aws ec2 describe-volume-status \ --filters "Name=volume-id,Values=vol-12345"

# If volume impaired, detach and reattach aws ec2 stop-instances --instance-ids i-1234567890abcdef0 aws ec2 wait instance-stopped --instance-ids i-1234567890abcdef0

aws ec2 detach-volume --volume-id vol-12345 aws ec2 attach-volume --volume-id vol-12345 --instance-id i-1234567890abcdef0 --device /dev/sda1

aws ec2 start-instances --instance-ids i-1234567890abcdef0 ```

Cause 6: Memory Exhaustion

Instance ran out of memory.

bash
# Check console for OOM errors
aws ec2 get-console-output \
  --instance-id i-1234567890abcdef0 \
  --output text | grep -i "out of memory"

Solution:

bash
# Increase instance size
aws ec2 stop-instances --instance-ids i-1234567890abcdef0
aws ec2 modify-instance-attribute \
  --instance-id i-1234567890abcdef0 \
  --instance-type "{\"Value\": \"t3.large\"}"
aws ec2 start-instances --instance-ids i-1234567890abcdef0

Cause 7: CPU Credits Exhausted (T2/T3 instances)

Burstable instances may run out of CPU credits.

bash
# Check CPU credits
aws cloudwatch get-metric-statistics \
  --namespace AWS/EC2 \
  --metric-name CPUCreditBalance \
  --dimensions InstanceId=i-1234567890abcdef0 \
  --start-time $(date -u -d '1 hour ago' +%Y-%m-%dT%H:%M:%SZ) \
  --end-time $(date -u +%Y-%m-%dT%H:%M:%SZ) \
  --period 300 \
  --statistics Average

Solution:

```bash # Switch to unlimited mode aws ec2 modify-instance-credit-specification \ --instance-id i-1234567890abcdef0 \ --cpu-credits unlimited

# Or upgrade to non-burstable instance aws ec2 stop-instances --instance-ids i-1234567890abcdef0 aws ec2 modify-instance-attribute \ --instance-id i-1234567890abcdef0 \ --instance-type "{\"Value\": \"m5.large\"}" aws ec2 start-instances --instance-ids i-1234567890abcdef0 ```

Recovery Procedures

Basic Recovery

```bash # 1. Reboot instance aws ec2 reboot-instances --instance-ids i-1234567890abcdef0

# 2. Wait and check status aws ec2 wait instance-status-ok --instance-ids i-1234567890abcdef0

# 3. If still failing, stop and start aws ec2 stop-instances --instance-ids i-1234567890abcdef0 aws ec2 wait instance-stopped --instance-ids i-1234567890abcdef0 aws ec2 start-instances --instance-ids i-1234567890abcdef0 ```

Recovery from AMI

```bash # Create AMI from instance aws ec2 create-image \ --instance-id i-1234567890abcdef0 \ --name "recovery-image-$(date +%Y%m%d)"

# Launch new instance from AMI aws ec2 run-instances \ --image-id ami-new-image \ --instance-type t3.micro \ --key-name my-key \ --security-group-ids sg-12345 \ --subnet-id subnet-12345 ```

Recovery from Snapshot

```bash # Create volume from snapshot aws ec2 create-volume \ --snapshot-id snap-12345 \ --volume-type gp3 \ --availability-zone us-east-1a

# Attach to new instance aws ec2 attach-volume \ --volume-id vol-new \ --instance-id i-new-instance \ --device /dev/sda1 ```

Verification

```bash # Check instance status aws ec2 describe-instance-status \ --instance-ids i-1234567890abcdef0

# Should show: # InstanceStatus.Status: ok # SystemStatus.Status: ok

# Test connectivity # SSH into instance ssh -i key.pem ec2-user@public-ip

# Or ping ping public-ip

# Check web response (if applicable) curl -I http://public-ip ```

Monitoring and Alerts

```bash # Create CloudWatch alarm for status check aws cloudwatch put-metric-alarm \ --alarm-name ec2-status-check-failed \ --alarm-description "EC2 status check failed" \ --namespace AWS/EC2 \ --metric-name StatusCheckFailed \ --dimensions InstanceId=i-1234567890abcdef0 \ --statistic Maximum \ --period 60 \ --threshold 1 \ --comparison-operator GreaterThanOrEqualToThreshold \ --evaluation-periods 1 \ --alarm-actions arn:aws:sns:us-east-1:123456789012:alerts

# Create recovery action aws cloudwatch put-metric-alarm \ --alarm-name ec2-automatic-recovery \ --namespace AWS/EC2 \ --metric-name StatusCheckFailed_System \ --dimensions InstanceId=i-1234567890abcdef0 \ --statistic Maximum \ --period 60 \ --threshold 1 \ --comparison-operator GreaterThanOrEqualToThreshold \ --evaluation-periods 2 \ --alarm-actions arn:aws:automate:us-east-1:ec2:recover ```

Prevention

  1. 1.[ ] Check instance status details
  2. 2.[ ] Review console output for errors
  3. 3.[ ] Verify security group rules
  4. 4.[ ] Check network ACLs
  5. 5.[ ] Verify EBS volume status
  6. 6.[ ] Check CPU credit balance (T2/T3)
  7. 7.[ ] Review memory usage
  8. 8.[ ] Try reboot first
  9. 9.[ ] Stop/start if reboot fails
  10. 10.[ ] Create AMI backup before major changes
  • [AWS troubleshooting: Fix IAM Permission Denied - Complete Tro](fix-iam-permission-denied)
  • [AWS cloud troubleshooting: AWS ACM Certificate Pending Validation Because the](aws-acm-certificate-pending-validation-wrong-route53-zone)
  • [AWS cloud troubleshooting: AWS ALB Returns 502 Because the Target Closed the ](aws-alb-502-target-closed-connection-keepalive-timeout-mismatch)
  • [AWS cloud troubleshooting: Fix AWS ALB CreateListener TargetGroupNotFound Err](aws-alb-createlistener-targetgroupnotfound)
  • [AWS cloud troubleshooting: Fix Aws Alb Lambda 502 Bad Gateway Issue in AWS](aws-alb-lambda-502-bad-gateway)

<script type="application/ld+json"> { "@context": "https://schema.org", "@type": "TechArticle", "headline": "Fix AWS EC2 Instance Reachability Check Failed", "description": "Step-by-step guide to fix EC2 reachability check failures. Recover instances, diagnose status check issues, and restore EC2 availability.", "url": "https://www.fixwikihub.com/fix-aws-ec2-reachability-check-failed", "publisher": { "@type": "Organization", "name": "FixWikiHub", "url": "https://www.fixwikihub.com" }, "author": { "@type": "Person", "name": "FixWikiHub Editorial Team" }, "datePublished": "2026-04-27T10:11:00.000Z", "dateModified": "2026-04-27T10:11:00.000Z" } </script>