@shinyaz

AWS Security Agent: UNREACHABLE is the expected status for private VPC target domains

Encountered during Code Remediation verification and auth flow verification. Registered an EC2 private DNS as a Target Domain with HTTP Route verification. Status stayed UNREACHABLE — never became VERIFIED.

The docs explain:

Private VPC domain: Verify the target domain IP falls within a private CIDR range. Click Verify and confirm that the target domain status becomes Unreachable. This domain can now be used for penetration testing with a configured VPC.

For private VPC domains, UNREACHABLE is the normal, usable status. The agent accesses the target from within the VPC, so external reachability isn't needed. Specify this domain in create-pentest and it works with the VPC config.
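A pre-check for the docs step quoted above, as an added example that is not from the original post or from AWS documentation: it classifies the addresses a target domain resolves to, so you know whether UNREACHABLE is the status to expect. It assumes "private CIDR range" means the RFC 1918 ranges; the function names and sample addresses are constructed for illustration.

```python
import ipaddress
import socket

# Assumption: "private CIDR range" in the quoted docs means RFC 1918.
# The page itself does not list the ranges.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def resolve(host):
    """Return the unique IPv4 addresses the local resolver gives for host.

    An EC2 private DNS name normally resolves only from inside the VPC
    (or a network with access to its resolver), so run this from there.
    """
    infos = socket.getaddrinfo(host, None, family=socket.AF_INET,
                               type=socket.SOCK_STREAM)
    return sorted({info[4][0] for info in infos})


def classify(addresses):
    """Return 'private', 'not_private', 'mixed' or 'none'."""
    if not addresses:
        return "none"
    flags = {any(ipaddress.ip_address(a) in net for net in RFC1918)
             for a in addresses}
    if flags == {True}:
        return "private"
    if flags == {False}:
        return "not_private"
    # Some records are private and some are not: resolve this ambiguity
    # before registering the domain.
    return "mixed"


def unreachable_is_expected(addresses):
    """True only when every resolved address is in a private range."""
    return classify(addresses) == "private"


if __name__ == "__main__":
    # Constructed sample addresses; replace with resolve("<your target domain>").
    for sample in (["10.0.1.25"], ["203.0.113.10"], ["10.0.1.25", "203.0.113.10"]):
        print(sample, classify(sample), unreachable_is_expected(sample))
```

Loopback and link-local addresses are deliberately reported as `not_private`, since they are outside the RFC 1918 ranges this check assumes.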

Shinya Tahara

Solutions Architect @ AWS

I'm a Solutions Architect at AWS, providing technical guidance primarily to financial industry customers. I share learnings about cloud architecture and AI/ML on this site. The views and opinions expressed on this site are my own and do not represent the official positions of my employer.