Amazon EC2 has some issues with FTP. See here for a solution to this common issue. However, this may not be your best solution. I go by the philosophy that the fewer ports I can open, the safer I am. Even if you are keeping it open only to your local IP, you are not completely safe from a DoS or some other malicious attack. Multiple checks are better than one, and fewer ports are better than more.
The issue is that FTP is that it was designed and implemented prior to any of today's security concerns. While you can make FTP more secure, and there are solutions on the web for this (like the one above), a better - and possibly MUCH easier - solution could be found in allowing FTPS over Port 22. Evidently, by installing and activating some packages you may be able to open Wordpress updates to a new option.
See here (not tested by me) for the FTPS solution which runs through Port 22 by binding to PHP through libssh2-php
on Debian (or these steps on CentOS).