Amazon EC2 instance can't update or use yum

I am using Amazon's tutorial for installing a LAMP server. The first several instructions involve using yum, but every single way I have tried to do it has resulted in the same message. I have found a few other recent questions about the same issue, none of which change anything on my setup.

Here is the message:

Loaded plugins: priorities, update-motd, upgrade-helper
Could not retrieve mirrorlist http://repo.us-east-1.amazonaws.com/latest/main/mirror.list error was
12: Timeout on http://repo.us-east-1.amazonaws.com/latest/main/mirror.list: (28, 'Connection timed out after 10001 milliseconds')


One of the configured repositories failed (Unknown),
and yum doesn't have enough cached data to continue. At this point the only
safe thing yum can do is fail. There are a few ways to work "fix" this:

 1. Contact the upstream for the repository and get them to fix the problem.

 2. Reconfigure the baseurl/etc. for the repository, to point to a working
    upstream. This is most often useful if you are using a newer
    distribution release than is supported by the repository (and the
    packages for the previous distribution release still work).

 3. Disable the repository, so yum won't use it by default. Yum will then
    just ignore the repository until you permanently enable it again or use
    --enablerepo for temporary usage:

        yum-config-manager --disable <repoid>

 4. Configure the failing repository to be skipped, if it is unavailable.
    Note that yum will try to contact the repo. when it runs most commands,
    so will have to try and fail each time (and thus. yum will be be much
    slower). If it is a very temporary problem though, this is often a nice
    compromise:

        yum-config-manager --save --setopt=<repoid>.skip_if_unavailable=true

 Cannot find a valid baseurl for repo: amzn-main/latest

I have done this same thing before without running into any problems, using the same tutorial, but it was several months ago. I don't know what has changed but my meager experience is keeping me from figuring it out.


Solution 1:

Looks like the host is having trouble contacting the yum server. Make sure the instance has outbound internet access (check security groups etc.). If the instance is in a VPC and the security groups look good, you may need to use a NAT appliance or attach an Elastic IP.

Good luck.

Solution 2:

If you have an S3 endpoint on your VPC then this will cause yum to fail, as the repo file is stored in S3. To fix this, add the following policy to S3:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": "*",
            "Action": "*",
            "Resource": [
                "arn:aws:s3:::repo.eu-west-1.amazonaws.com",
                "arn:aws:s3:::repo.eu-west-1.amazonaws.com/*"
            ]
        }
    ]
}

Replace eu-west-1 with the relevant region code that your S3 endpoint is in.

Solution 3:

A lot of first-time users of Amazon EC2 run into this issue. In my experience, it's usually the result of not setting the allowed outgoing connections on their instance's security group. The tutorial that Amazon has for configuring Amazon Linux instances only mentions setting the incoming connections, so it's easy to forget that you never set the allowed outgoing ones. Simply allowing HTTP and HTTPS requests to any IP address should fix the issue.
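
The outbound-rule check that Solutions 1 and 3 describe can be run offline against the JSON returned by `aws ec2 describe-security-groups`. This is an added example, not part of any answer above; the group IDs, the rules and the destination address 203.0.113.10 are constructed placeholders.

```python
import ipaddress

# Constructed sample shaped like the "SecurityGroups" list returned by
# `aws ec2 describe-security-groups`. Group IDs and rules are made up.
LOCKED = {"GroupId": "sg-EXAMPLE-locked", "IpPermissionsEgress": []}
DEFAULT = {"GroupId": "sg-EXAMPLE-default", "IpPermissionsEgress": [
    {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]}
HTTPS_ONLY = {"GroupId": "sg-EXAMPLE-https-only", "IpPermissionsEgress": [
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]}
INTERNAL = {"GroupId": "sg-EXAMPLE-internal", "IpPermissionsEgress": [
    {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 65535,
     "IpRanges": [{"CidrIp": "10.0.0.0/16"}]}]}

# Placeholder (documentation range) standing in for the repo host's address.
REPO_IP = "203.0.113.10"


def rule_allows(rule, port, dest_ip):
    """True if a single egress rule permits TCP traffic to dest_ip:port.

    Only IPv4 CIDR targets are evaluated; PrefixListIds and
    UserIdGroupPairs targets are ignored in this example.
    """
    proto = rule.get("IpProtocol")
    if proto not in ("-1", "tcp"):
        return False
    # "-1" means all protocols and all ports, so the port range is skipped.
    if proto == "tcp" and not rule["FromPort"] <= port <= rule["ToPort"]:
        return False
    dest = ipaddress.ip_address(dest_ip)
    return any(dest in ipaddress.ip_network(r["CidrIp"])
               for r in rule.get("IpRanges", []))


def blocked_ports(groups, dest_ip=REPO_IP, ports=(80, 443)):
    """Ports in `ports` that no rule in any attached group allows.

    Security group rules are additive, so one matching rule in any
    group attached to the instance is enough.
    """
    rules = [r for g in groups for r in g.get("IpPermissionsEgress", [])]
    return [p for p in ports
            if not any(rule_allows(r, p, dest_ip) for r in rules)]


if __name__ == "__main__":
    for g in (LOCKED, DEFAULT, HTTPS_ONLY, INTERNAL):
        print(g["GroupId"], "blocked ports:", blocked_ports([g]))
```

An empty list only clears the security groups; the route to an internet gateway or NAT that Solution 1 mentions still has to exist.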