Top / Amazon Web Service / AWS Amazon EC2Amazon EC2927 examples and best practices for AWS Amazon EC2, including AWS Amazon EC2 AMI and AWS Amazon EC2 Association.Review your .tf file for AWS best practicesShisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).Start Review (free) >AMIaws_ami (5 example cases)Associationaws_eip_association (4 example cases)AWS::EC2::EIPAssociation (10 example cases)Associationaws_route_table_association (1 example case)AWS::EC2::Route (10 example cases)Attachmentaws_network_interface_attachment (1 example case)AWS::EC2::NetworkInterfaceAttachment (10 example cases)Availability Zone Groupaws_ec2_availability_zone_group (0 example case)Capacity Reservationaws_ec2_capacity_reservation (4 example cases)AWS::EC2::CapacityReservation (10 example cases)Carrier Gatewayaws_ec2_carrier_gateway (4 example cases)AWS::EC2::CarrierGateway (7 example cases)Client VPN Authorization Ruleaws_ec2_client_vpn_authorization_rule (1 example case)AWS::EC2::ClientVpnAuthorizationRule (10 example cases)Client VPN Endpointaws_ec2_client_vpn_endpoint (3 example cases)AWS::EC2::ClientVpnEndpoint (10 example cases)Client VPN Network Associationaws_ec2_client_vpn_network_association (0 example case)AWS::EC2::ClientVpnTargetNetworkAssociation (10 example cases)Client VPN Routeaws_ec2_client_vpn_route (2 example cases)AWS::EC2::ClientVpnRoute (9 example cases)Copyaws_ami_copy (5 example cases)Customer Gatewayaws_customer_gateway (5 example cases)AWS::EC2::CustomerGateway (10 example cases)Datafeed Subscriptionaws_spot_datafeed_subscription (2 example cases)Default Kms Keyaws_ebs_default_kms_key (5 example cases)DHCP Optionsaws_vpc_dhcp_options (3 example cases)AWS::EC2::DHCPOptions (10 example cases)DHCP Options Associationaws_vpc_dhcp_options_association (2 example cases)AWS::EC2::VPCDHCPOptionsAssociation (10 example cases)EIPaws_eip (5 example cases)AWS::EC2::EIP (10 example cases)Encryption By Defaultaws_ebs_encryption_by_default (5 example cases)Endpointaws_vpc_endpoint (0 example case)AWS::EC2::VPCEndpoint (10 example cases)Endpoint Connection Notificationaws_vpc_endpoint_connection_notification (5 example cases)AWS::EC2::VPCEndpointConnectionNotification (10 example cases)Endpoint Route Table Associationaws_vpc_endpoint_route_table_association (4 example cases)AWS::EC2::VPCEndpoint (10 example cases)Endpoint Serviceaws_vpc_endpoint_service (2 example cases)AWS::EC2::VPCEndpointService (10 example cases)Endpoint Service Allowed Principalaws_vpc_endpoint_service_allowed_principal (4 example cases)AWS::EC2::VPCEndpoint (10 example cases)Endpoint Subnet Associationaws_vpc_endpoint_subnet_association (2 example cases)AWS::EC2::VPCEndpoint (10 example cases)Fleetaws_ec2_fleet (4 example cases)AWS::EC2::EC2Fleet (10 example cases)Fleet Requestaws_spot_fleet_request (5 example cases)AWS::EC2::SpotFleet (6 example cases)From Instanceaws_ami_from_instance (5 example cases)Hostaws_ec2_host (0 example case)AWS::EC2::Host (10 example cases)Instanceaws_instance (5 example cases) 2 best security practicesEnsure to avoid storing AWS access keys in user dataEnsure HTTP tokens are required for IMDS AWS::EC2::Instance (10 example cases)Instance Requestaws_spot_instance_request (3 example cases)AWS::EC2::SpotFleet (10 example cases)Internet Gatewayaws_internet_gateway (5 example cases)AWS::EC2::InternetGateway (10 example cases)IPv4 Cidr Block Associationaws_vpc_ipv4_cidr_block_association (2 example cases)AWS::EC2::VPCCidrBlock (10 example cases)Key Pairaws_key_pair (5 example cases)Launch Permissionaws_ami_launch_permission (4 example cases)Local Gateway Routeaws_ec2_local_gateway_route (0 example case)AWS::EC2::LocalGatewayRoute (8 example cases)Local Gateway Route Table VPC Associationaws_ec2_local_gateway_route_table_vpc_association (0 example case)AWS::EC2::LocalGatewayRouteTableVPCAssociation (8 example cases)Managed Prefix Listaws_ec2_managed_prefix_list (4 example cases)AWS::EC2::PrefixList (9 example cases)Managed Prefix List Entryaws_ec2_managed_prefix_list_entry (0 example case)AWS::EC2::PrefixList Entry (0 example case)NAT Gatewayaws_nat_gateway (5 example cases)AWS::EC2::NatGateway (10 example cases)Network ACLaws_default_network_acl (4 example cases)Network ACLaws_network_acl (3 example cases)AWS::EC2::NetworkAcl (10 example cases)Network Interfaceaws_network_interface (5 example cases)AWS::EC2::NetworkInterface (10 example cases)Only Internet Gatewayaws_egress_only_internet_gateway (5 example cases)AWS::EC2::EgressOnlyInternetGateway (10 example cases)Peering Connectionaws_vpc_peering_connection (2 example cases)AWS::EC2::VPCPeeringConnection (10 example cases)Peering Connection Accepteraws_vpc_peering_connection_accepter (5 example cases)AWS::EC2::VPCPeeringConnection (10 example cases)Peering Connection Optionsaws_vpc_peering_connection_options (4 example cases)AWS::EC2::VPCPeeringConnection (10 example cases)Permissionaws_snapshot_create_volume_permission (3 example cases)Placement Groupaws_placement_group (3 example cases)AWS::EC2::PlacementGroup (10 example cases)Routeaws_route (4 example cases)AWS::EC2::Route (10 example cases)Route Tableaws_route_table (5 example cases)AWS::EC2::RouteTable (10 example cases)Ruleaws_network_acl_rule (4 example cases) 1 best security practiceEnsure your network ACL rule blocks unwanted inbound traffic AWS::EC2::NetworkAcl (10 example cases)Ruleaws_security_group_rule (0 example case)AWS::EC2::SecurityGroup Egress (0 example case)Security Groupaws_default_security_group (4 example cases)AWS::EC2::SecurityGroup (10 example cases)Security Groupaws_security_group (3 example cases) 3 best security practicesEnsure your security group blocks unwanted inbound trafficEnsure your security group blocks unwanted outbound trafficEnsure to keep the description of your security group up-to-date AWS::EC2::SecurityGroup (10 example cases)Sg Attachmentaws_network_interface_sg_attachment (1 example case)AWS::EC2::NetworkInterfaceAttachment (10 example cases)Snapshotaws_ebs_snapshot (3 example cases)Snapshot Copyaws_ebs_snapshot_copy (5 example cases)Snapshot Importaws_ebs_snapshot_import (0 example case)Subnetaws_default_subnet (4 example cases)AWS::EC2::Subnet (10 example cases)Subnetaws_subnet (1 example case)AWS::EC2::Subnet (10 example cases)Tagaws_ec2_tag (2 example cases)Templateaws_launch_template (5 example cases)AWS::EC2::LaunchTemplate (10 example cases)Traffic Mirror Filteraws_ec2_traffic_mirror_filter (5 example cases)AWS::EC2::TrafficMirrorFilter (10 example cases)Traffic Mirror Filter Ruleaws_ec2_traffic_mirror_filter_rule (3 example cases)AWS::EC2::TrafficMirrorFilterRule (10 example cases)Traffic Mirror Sessionaws_ec2_traffic_mirror_session (4 example cases)AWS::EC2::TrafficMirrorSession (10 example cases)Traffic Mirror Targetaws_ec2_traffic_mirror_target (5 example cases)AWS::EC2::TrafficMirrorTarget (10 example cases)Transit Gatewayaws_ec2_transit_gateway (3 example cases)AWS::EC2::TransitGateway (10 example cases)Transit Gateway Peering Attachmentaws_ec2_transit_gateway_peering_attachment (5 example cases)AWS::EC2::TransitGatewayPeeringAttachment (3 example cases)Transit Gateway Peering Attachment Accepteraws_ec2_transit_gateway_peering_attachment_accepter (5 example cases)AWS::EC2::TransitGatewayPeeringAttachment (3 example cases)Transit Gateway Prefix List Referenceaws_ec2_transit_gateway_prefix_list_reference (2 example cases)AWS::EC2::TransitGateway (10 example cases)Transit Gateway Routeaws_ec2_transit_gateway_route (5 example cases)AWS::EC2::TransitGatewayRoute (10 example cases)Transit Gateway Route Tableaws_ec2_transit_gateway_route_table (2 example cases)AWS::EC2::TransitGatewayRouteTable (10 example cases)Transit Gateway Route Table Associationaws_ec2_transit_gateway_route_table_association_table_association (0 example case)AWS::EC2::TransitGatewayRouteTableAssociation (10 example cases)Transit Gateway Route Table Propagationaws_ec2_transit_gateway_route_table_propagation_table_propagation (0 example case)AWS::EC2::TransitGatewayRouteTablePropagation (10 example cases)Transit Gateway VPC Attachmentaws_ec2_transit_gateway_vpc_attachment (4 example cases)AWS::EC2::TransitGatewayVpcAttachment (0 example case)Transit Gateway VPC Attachment Accepteraws_ec2_transit_gateway_vpc_attachment_accepter (5 example cases)AWS::EC2::TransitGatewayVpcAttachment (0 example case)Volumeaws_ebs_volume (3 example cases) 2 best security practicesEnsure to use a customer-managed key for EBS volume encryptionEnsure to enable EBS volume encryption AWS::EC2::Volume (10 example cases)Volume Attachmentaws_volume_attachment (1 example case)AWS::EC2::VolumeAttachment (10 example cases)VPCaws_default_vpc (5 example cases) 1 best security practiceEnsure to avoid using default VPC AWS::EC2::VPC (10 example cases)VPCaws_vpc (4 example cases)AWS::EC2::VPC (10 example cases)VPC DHCP Optionsaws_default_vpc_dhcp_options (5 example cases)AWS::EC2::VPCDHCPOptionsAssociation (10 example cases)VPN Connectionaws_vpn_connection (3 example cases)AWS::EC2::VPNConnection (10 example cases)VPN Connection Routeaws_vpn_connection_route (2 example cases)AWS::EC2::VPNConnectionRoute (10 example cases)VPN Gatewayaws_vpn_gateway (2 example cases)AWS::EC2::VPNGateway (10 example cases)VPN Gateway Attachmentaws_vpn_gateway_attachment (2 example cases)AWS::EC2::VPNGateway (10 example cases)VPN Gateway Route Propagationaws_vpn_gateway_route_propagation (3 example cases)AWS::EC2::VPNGateway (10 example cases)