No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

if you are an Admin on the AWS account you can probably get into the host using ssm system manager sessions

assuming the host is running a newer ubuntu or amzlinux image

you might need to add a role to the ec2, but then at least you can get onto the machine and curl locally to see if the web server is working

<https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager.html>

looking at the target group's targets should tell you if they are "healthy" or not

if not, then:
• make sure webserver is online
• make sure locally you can curl it
• review your target group health check settings (check the path and port)

• if they aren't passing, then likely is an issue between ALB and EC2 networking or security group.  usually i make the ingress on ALB be 80/443, no restriction on outbound.

another good thing is to create a "self referencing security group" and apply that to the ALB, the EC2, and the RDS, that allows them to all communicate with eachother (allow all traffic) start with that, makes it easier, I dont tend to restrict outbound traffic

also, make sure your VPC allows NACL traffic at the subnet level

even though security group allows it, doesnt mean subnet or vpc does

<@UD8CWJT19> really THANKS for your comments!

I got the real cause of my problem, ec2 user-data script, because ubuntu 20.04 supports only python3 http.server, not python SimpleHTTPServer:white_frowning_face:

Now my load balancer is healthy, and I got really a little more exact view for VPC, ALB, Ports. It’s bit annoying, but interesting!

You’re comment for ssm and  ports really save me. Thanks to you again.