AWS cannot connect to any T3 instance, vpc config valid (I think)

Question

I created a new VPC ca-central. I followed the same procedure as everywhere else:

• New VPC (this created acl which is wide open)
• three subnets, one for each availabiltiy zone, CIDR spaced out properly
• all subnets on routing table
• that routing table routes 0.0.0.0/0 to internet gateway
• instances use a secGroup which has port 22 open inbound, all traffic outbound
• everything attached properly to vpc

I cannot connect to any T3 instance created there via ssh, spot or on-demand. I even tried using factory AIM for ubuntu instead of our AIMs, same thing. Any attempt just times out. For test, I allowed all ports in secGroup, and that did not help. I nuked everything and created from scratch, didn't help.

I do not know what I did wrong. Exactly the same setup is in us-east-1 and it works just fine. Anyone has any idea what I am doing wrong?

PS: Instances have public IPs linked to internal IP on the VNIC attached to vpc

Edit: The CloudFormation script for the VPC: https://pastebin.com/VK3Cb6j8

Edit: VPS is ok, T2 isntaces work, but T3 instances do not work.

Answer 1

Well, after a few back and forth with customer support, I got this:

"Thank you for your patience. I have worked with my internal team and they have allowed other regions to be fully functional. You should now be able to access the instances over SSH. "

And now it works. Apparently there are some hidden settings not reachable by administrative screens which limit regions and/or instance types. I am leaving this answer here in case other people run into this problem. Unfortunately you'll have to pay 1 month of developer support so you can reach them so they could look into what was obviously their problem that you had no way of correcting yourself. I intend to ask for a refund for CS subscription, but not holding my hopes on that. Either way, the problem was resolved by L2 support.

Edit: They accepted my claim that I shouldn't have had to pay for customer support to resolve this and they refunded me. Ultimately, their recommendation is to raise this issue with Account and Billing issue as they are the ones handling changes to those hidden limitations.