I want to create an instance with fixed mac: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html And I want to ssh to the created public IP address of instance, but SSH port is filtered:

nmap -p22 A.A.A.A -Pn
PORT STATE SERVICE
22/tcp filtered ssh

Here is the code:

import pulumi
from pulumi_aws import ec2

NODE_AMI_ID = "ami-0bce9ab1f1be3282a"

public_key = 'ssh-rsa AAA'

key = ec2.KeyPair(
'key-res',
public_key=public_key
)

vpc = ec2.Vpc(
"vpc-res",
cidr_block="10.5.0.0/16",
tags={"Name": "vpc-res"},
)

subnet = ec2.Subnet(
"subnet-res",
cidr_block="10.5.1.0/24",
vpc_id=vpc.id
)

igw = ec2.InternetGateway(
"igw-res",
tags={"Name": "igw-res"},
)

igw_attachment = ec2.InternetGatewayAttachment(
"igw-attachment-res",
vpc_id=vpc.id,
internet_gateway_id=igw.id,
)

sec_grp = ec2.SecurityGroup(
'security-group-res',
description='Enable SSH access',
ingress=[
{'protocol': 'tcp',
'from_port': 22,
'to_port': 22,
'cidr_blocks': ['0.0.0.0/0']
}
],
vpc_id=vpc.id,
)

eni = ec2.NetworkInterface(
'eni-res',
subnet_id=subnet.id,
private_ips=['10.5.1.100'],
security_groups=[sec_grp.id],
description='This ENI has a fixed MAC address',
)

eip = ec2.Eip(
'eip-res',
vpc=True,
network_interface=eni.id,
associate_with_private_ip='10.5.1.100',
tags={"Name": 'eip-res'},
)

instance = ec2.Instance(
'suprema-res',
ami=NODE_AMI_ID,
instance_type='t2.micro',
network_interfaces=[
{
'deviceIndex': 0,
'networkInterfaceId': eni.id
}
],
key_name=key.key_name,
tags={"Name": 'suprema-res'},
)