EC2 instance tunnel with zero trust access

Hi,
I’m a bit stuck and not sure what I’m doing wrong.
I was hoping to have my EC2 instance protected with zero trust access and only users with WARP can SSH into it. I have done the following so far:

I have followed this guide here https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/deployment-guides/aws/.
Installed cloudflared services in my EC2 instance as per the guide.
Created tunnel and started it as per the guide.
I routed the tunnel to 172.31.0.0/16.
I have created a security group to accept all traffic from (172.31.0.0/16) and incoming ssh from (162.159.0.0/16) assuming this is the WARP IP Range.
I can see the tunnel is Healthy.
My WARP is installed and configured.
Still can’t connect.
If anyone will be able to help, that will be appreciated.

Hi there,

Did you check your warp diag logs to see if there is anything flagged out?

Thank you.

Thanks @oshariff, I have checked and couldn’t see anything wrong. I use the WARP for other web applications in (access) and it’s working fine. Only for the EC2 (ssh) it is not working.

Hi there,

Anything from here (Firewall on EC2)?

Thank you.

Thanks @oshariff,
The EC2 instance is not behind any firewall except AWS security group which is allowing traffic from:
162.159.0.0/16
172.31.0.0/16