AWS Amazon EC2 DHCP Options
This page shows how to write Terraform and CloudFormation for Amazon EC2 DHCP Options and write them securely.
aws_vpc_dhcp_options (Terraform)
The DHCP Options in Amazon EC2 can be configured in Terraform with the resource name aws_vpc_dhcp_options. The following sections describe 3 examples of how to use the resource and its parameters.
Example Usage from GitHub
resource "aws_vpc_dhcp_options" "principal" {
domain_name_servers = ["AmazonProvidedDNS"]
}
resource "aws_vpc_dhcp_options_association" "principal" {
vpc_id = var.vpc_id
resource "aws_vpc_dhcp_options" "principal" {
domain_name_servers = ["AmazonProvidedDNS"]
}
resource "aws_vpc_dhcp_options_association" "principal" {
vpc_id = var.vpc_id
resource "aws_vpc_dhcp_options" "dhcp-lamda" {
domain_name = "adi123.com.domain_name"
domain_name_servers = ["AmazonProvidedDNS"]
tags {
Name = "dhcp-aditya"
Parameters
-
arnoptional computed - string -
domain_nameoptional - string -
domain_name_serversoptional - list of string -
idoptional computed - string -
netbios_name_serversoptional - list of string -
netbios_node_typeoptional - string -
ntp_serversoptional - list of string -
owner_idoptional computed - string -
tagsoptional - map from string to string
Explanation in Terraform Registry
Provides a VPC DHCP Options resource.
Tips: Best Practices for The Other AWS Amazon EC2 Resources
In addition to the aws_default_vpc, AWS Amazon EC2 has the other resources that should be configured for security reasons. Please check some examples of those resources and precautions.
aws_default_vpc
Ensure to avoid using default VPC
It is better to define the own VPC and use it.
aws_network_acl_rule
Ensure your network ACL rule blocks unwanted inbound traffic
It is better to block unwanted inbound traffic.
aws_ebs_volume
Ensure to use a customer-managed key for EBS volume encryption
It is better to use a customer-managed key for EBS volume encryption. It can be gain more control over the encryption by using customer-managed keys (CMK).
aws_instance
Ensure to avoid storing AWS access keys in user data
It is better to avoid storing AWS access keys in user data. `aws_iam_instance_profile` could be used instead.
aws_security_group
Ensure your security group blocks unwanted inbound traffic
It is better to block unwanted inbound traffic.
AWS::EC2::DHCPOptions (CloudFormation)
The DHCPOptions in EC2 can be configured in CloudFormation with the resource name AWS::EC2::DHCPOptions. The following sections describe 10 examples of how to use the resource and its parameters.
Example Usage from GitHub
Type: 'AWS::EC2::DHCPOptions'
Properties:
Tags:
- Key: Name
Value: test.local
DomainName: test.local
Type: 'AWS::EC2::DHCPOptions'
Properties:
Tags:
- Key: Name
Value: ds-common-dopt
DomainName: ap-northeast-1.compute.internal
Type: 'AWS::EC2::DHCPOptions'
Properties:
Tags:
- Key: Name
Value: sample-cfn-dopt
DomainName: ap-northeast-1.compute.internal
Type: AWS::EC2::DHCPOptions
Properties:
DomainName: !Sub "${AWS::Region}.compute.internal"
DomainNameServers:
- AmazonProvidedDNS
Type: AWS::EC2::DHCPOptions
Properties:
DomainName: !Sub "${AWS::Region}.compute.internal"
DomainNameServers:
- AmazonProvidedDNS
"Type": "AWS::EC2::DHCPOptions",
"Properties": {
"DomainName": "us-west-2.compute.internal",
"DomainNameServers": [
"AmazonProvidedDNS"
]
"Type" : "AWS::EC2::DHCPOptions",
"Properties" : {
"DomainName" : "example.com",
"DomainNameServers" : [ "AmazonProvidedDNS" ],
"NtpServers" : [ "10.2.5.1" ],
"NetbiosNameServers" : [ "10.2.5.1" ],
"Type" : "AWS::EC2::DHCPOptions",
"Properties" : {
"DomainName" : "example.com",
"DomainNameServers" : [ "AmazonProvidedDNS" ],
"NtpServers" : [ "10.2.5.1" ],
"NetbiosNameServers" : [ "10.2.5.1" ],
"Type": "AWS::EC2::DHCPOptions",
"Properties": {
"Tags": [
{
"Key": "Name",
"Value": "test.local"
"Type" : "AWS::EC2::DHCPOptions",
"Properties": {
"DomainNameServers" : [ "10.0.0.1", "10.0.0.2" ]
}
}
}
Parameters
-
DomainNameoptional - String -
DomainNameServersoptional - List -
NetbiosNameServersoptional - List -
NetbiosNodeTypeoptional - Integer -
NtpServersoptional - List -
Tagsoptional - List of Tag
Explanation in CloudFormation Registry
Specifies a set of DHCP options for your VPC.
You must specify at least one of the following properties:
DomainNameServers,NetbiosNameServers,NtpServers. If you specifyNetbiosNameServers, you must specifyNetbiosNodeType.
Frequently asked questions
What is AWS Amazon EC2 DHCP Options?
AWS Amazon EC2 DHCP Options is a resource for Amazon EC2 of Amazon Web Service. Settings can be wrote in Terraform and CloudFormation.
Where can I find the example code for the AWS Amazon EC2 DHCP Options?
For Terraform, the andremulin/aws_route53_strategies_article, andremulin/aws_route53_strategies_article and adilogishetty/AWS-DevOps-Sample-TEK source code examples are useful. See the Terraform Example section for further details.
For CloudFormation, the gabe1314/Cloudformation-templates, d-shimizu/aws-cloudformation-sample-cross-stack and d-shimizu/aws-cloudformation-sample-single-stack source code examples are useful. See the CloudFormation Example section for further details.
