# Optional Steps

## Task 1: Troubleshooting connectivity between the private instance and the public instance

In this optional task, you use the Internet Control Message Protocol (ICMP) to validate a private instance’s network reachability from the public instance.

 **Note:** This task is **optional** and is provided in case you have lab time remaining. You can complete this task or skip to the [end](https://us-east-1.durian.bkr.team.aws.training/session/8EbsdpwLaNcZeZgYjmdzvr?locale=en-US&reference=wDd9KFmKCDK2x8tifh4WFu%3A%3A44f534f1-7b32-464b-88da-8df283f68842#conclusion) of the lab.

134. Return to the AWS Management Console browser tab.
135. In the left navigation pane, choose **Instances**.
136. Select **Private Instance**.
137. On the **Details** tab, copy the value of **Private IPv4 addresses** to your clipboard.

 **Note:** To copy the private IPv4 address, hover over it and choose the copy icon.

138. Unselect **Private Instance**.
139. Select **Public Instance**.
140. Choose Connect.

The **Connect to instance** page is displayed.

141. Choose the **Session Manager** tab.
142. Choose Connect.

A new browser tab or window opens with a connection to the **Public Instance**.

First, use a *curl* command to retrieve a header file and confirm is the web app hosted on the private instance is reachable from the public instance.

143. **Command:** Copy the following command to your notepad. Replace **PRIVATE\_IP** with the value of the **Private IPv4 address** for the **Private Instance**:

```
curl PRIVATE_IP
```

<span id="bkmrk--1"></span>

 **Expected output:**

```
<html><body><h1>It works!</h1></body></html>
```

<span id="bkmrk--3"></span>

144. **Command:** Copy the following command to your notepad. Replace **PRIVATE\_IP** with the value of the **Private IPv4 address** for the **Private Instance**:

```
ping PRIVATE_IP
```

<span id="bkmrk--5"></span>

145. **Command:** Copy and paste the updated command in your terminal and press **Enter**.

 **This is a sample command only.** Do not use the following command.

```
ping 10.0.2.131
```

<span id="bkmrk--7"></span>

146. After a few seconds, stop the ICMP ping request by pressing CTRL+C.

**The ping request to the private instance fails**. Your challenge is to use the console and figure out the correct *inbound rule* required in the **Private SG** to be able to successfully ping the private instance.

If you have trouble completing the optional task, refer to the [Optional Task Solution](https://us-east-1.durian.bkr.team.aws.training/session/8EbsdpwLaNcZeZgYjmdzvr?locale=en-US&reference=wDd9KFmKCDK2x8tifh4WFu%3A%3A44f534f1-7b32-464b-88da-8df283f68842#optional-solution) section at the end of the lab.

---

## Task 2: Retrieving instance metadata

In this optional task, you run instance metadata commands on AWS CLI using a tool such as cURL. Instance metadata is available from your running Amazon EC2 instance. This can be helpful when you write scripts to run from your Amazon EC2 instance.

 **Note:** This task is **optional** and is provided in case you have lab time remaining. You can complete this task or skip to the [end](https://us-east-1.durian.bkr.team.aws.training/session/8EbsdpwLaNcZeZgYjmdzvr?locale=en-US&reference=wDd9KFmKCDK2x8tifh4WFu%3A%3A44f534f1-7b32-464b-88da-8df283f68842#conclusion) of the lab .

147. Return to the browser tab with the AWS Management Console open.
148. In the left navigation pane, choose **Instances**.
149. Select **Public Instance**.
150. Choose Connect.

The **Connect to instance** page is displayed.

151. Choose the **Session Manager** tab.
152. Choose Connect.

A new browser tab or window opens with a connection to the **Public Instance**.

153. **Command:** To view all categories of instance metadata from within a running instance, run the following command:

```
TOKEN=`curl -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 21600"` \
&& curl -H "X-aws-ec2-metadata-token: $TOKEN" -v http://169.254.169.254/latest/meta-data/
```

<span id="bkmrk--10"></span>

154. **Command:** Run the following command to retrieve the public-hostname (one of the top-level metadata items that were obtained in the preceding command):

```
curl -H "X-aws-ec2-metadata-token: $TOKEN" -v http://169.254.169.254/latest/meta-data/public-hostname
```

<span id="bkmrk--12"></span>

 **Note:** The IP address 169.254.169.254 is a link-local address and is valid only from the instance.

You have successfully learned how to retrieve instance metadata from your running Amazon EC2 instance.

</body></html>