I was able to ssh from aws-client to the devops-ec2, using the id_rsa key that I generaed using ssh-keygen in /root/.ssh on aws-client, after adding the public key to the devops-ec2 /root/.ssh/authorized-keys.
Note the scenario says aws-client should already exist but it does not, and I had to add an SG rule for port 22 (SSH) and both ec2 instances have that SG, this makes this scenario a huge jump in complexity from the previous 21 scneairos.