AWS Amazon EC2 Availability Zone Group
This page shows how to write Terraform for an Amazon EC2 Availability Zone Group and how to write it securely.
aws_ec2_availability_zone_group (Terraform)
The Availability Zone Group in Amazon EC2 can be configured in Terraform with the resource name aws_ec2_availability_zone_group. The following sections describe how to use the resource and its parameters.
Example Usage from GitHub
An example could not be found in GitHub.
Parameters
- group_name: required - string
- id: optional computed - string
- opt_in_status: required - string
Explanation in Terraform Registry
Manages an EC2 Availability Zone Group, such as updating its opt-in status.
NOTE: This is an advanced Terraform resource. Terraform will automatically assume management of the EC2 Availability Zone Group without import and perform no actions on removal from configuration.
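The following configuration is an added example, not taken from this page or from the Terraform Registry. It opts an account in to a zone group and then places a subnet of a non-default VPC in that group. The region, the group name "us-west-2-lax-1" and the CIDR ranges are assumed values.

```hcl
# Added example. Region, group name and CIDR ranges are assumed values.
terraform {
  required_providers {
    aws = {
      source = "hashicorp/aws"
    }
  }
}

provider "aws" {
  region = "us-west-2" # assumed parent region of the zone group
}

# Opt the account in to the zone group. Deleting this block performs no
# action (see the NOTE above), so opting out requires setting
# opt_in_status = "not-opted-in" explicitly and applying.
resource "aws_ec2_availability_zone_group" "example" {
  group_name    = "us-west-2-lax-1" # assumed group name
  opt_in_status = "opted-in"
}

# List only the zones of that group. Referencing the resource makes
# Terraform defer this read until the opt-in change has been applied.
data "aws_availability_zones" "example" {
  all_availability_zones = true

  filter {
    name   = "group-name"
    values = [aws_ec2_availability_zone_group.example.group_name]
  }

  filter {
    name   = "opt-in-status"
    values = ["opted-in"]
  }
}

# A dedicated VPC rather than the default VPC.
resource "aws_vpc" "example" {
  cidr_block = "10.0.0.0/16"
}

# Subnet placed in the first zone of the opted-in group.
resource "aws_subnet" "example" {
  vpc_id            = aws_vpc.example.id
  cidr_block        = "10.0.128.0/24"
  availability_zone = data.aws_availability_zones.example.names[0]
}
```

Because the opt-in status persists after the resource is removed from configuration, review the account's opted-in zone groups separately from the Terraform state when auditing where workloads can be launched.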
Tips: Best Practices for The Other AWS Amazon EC2 Resources
In addition to aws_default_vpc, Amazon EC2 has other resources that should be configured with security in mind. The following are some examples of those resources and the precautions to take.
aws_default_vpc
Avoid using the default VPC
It is better to define your own VPC and use it.
aws_network_acl_rule
Ensure your network ACL rule blocks unwanted inbound traffic
It is better to block unwanted inbound traffic.
aws_ebs_volume
Ensure that a customer-managed key is used for EBS volume encryption
It is better to use a customer-managed key for EBS volume encryption. Customer-managed keys (CMK) give you more control over the encryption.
aws_instance
Avoid storing AWS access keys in user data
It is better to avoid storing AWS access keys in user data. `aws_iam_instance_profile` could be used instead.
aws_security_group
Ensure your security group blocks unwanted inbound traffic
It is better to block unwanted inbound traffic.
CloudFormation Example
CloudFormation does not have a related resource.