You need to open at least the control port (8871) from your AE to your agent.
The last time I meddled with AWS, one could configure one's own firewall rules and open up these ports.
(edit: I just realized your server is in AWS and your agent is in your office ... well, unless you have a VPN between you and your AWS instance (not sure if that's even possible), that wouldn't work unless you expose the agent's control port to the internet so your AWS instance can reach it via a public IP. In that case, you'd also probably be dealing with NAT, and the AE doesn't do NAT, so it needs to be told about the true IP address of the agent via the .ini file. While this can be done, I for one would not like the security implications of exposing an Automic agent to the internet.
In short, it works if you establish a TCP connection, but it may not be a good idea.
Hth,