Neo4j on AWS CIS benchmark instance

Hi there,
I created an AWS EC2 instance running CIS benchmark Ubuntu 18.04 and installed Neo4j. For security purposes, we want to run on a hardened image. However, once I started Neo4j, I could not connect to ports 7474 or 7687. Has anyone used an AWS hardened image? I debugged all the connectivity using tcpdump and I don't think it's a connection issue.

I'm using v4.0.5, and there are no error messages in debug.log. If I curl to port 7474 from the env itself, it gives a good response. Just wondering if anyone has used this image before to run Neo4j.
Thanks!