In the last blog post, I wrote about how we can configure Active Directory Domain Services in the Azure Cloud. This time I decided to focus on AWS and walk through the steps that are needed in the following two scenarios:
- Configuring a custom Active Directory (AD) domain and DNS servers for instances running in your AWS Virtual Private Cloud (VPC).
- Extending your on-premises AD and DNS servers to your AWS VPC.
So, let’s start with the first scenario. In this scenario, all your instances are running in your AWS VPC.
- Navigate to your VPC in the AWS Management Console and verify that the DNS Resolution and DNS Hostnames settings are both set to Yes (use Edit DNS Resolution and Edit DNS Hostnames to change them if they are not).
- Now, navigate to the Route53 section in your account and click on Create Hosted Zone. Enter the custom domain name, select Private Hosted Zone for Amazon VPC from the Type drop-down box, and then select your VPC ID. Click Create to create the new internal hosted zone.
- Now that you have your own internal hosted zone in Route53, you can start creating Record Sets for your instances. Enter a name and the private IP address for your instance and click Create.
- To test that this works, log into any one of your instances and run nslookup against one of the names you created. The answer should come from your internal hosted zone, and the server shown should be the .2 IP address from your subnet, which confirms that you are still using the AWS-provided Route53 DNS servers.
- You can create similar record sets for all the instances that you want to manage in your hosted zone and start using hostnames for communicating between your instances.
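The five steps above, carried out with the AWS CLI instead of the console, as an added example that is not part of the original post. The VPC ID, domain name, CIDR block and host address are constructed placeholders; the helper that derives the Amazon-provided resolver address (the ".2 address" mentioned in the test step) and the change-batch builder are plain shell so they can be checked before anything is sent to AWS, and the AWS calls only run when `RUN_AWS=1` is set.

```shell
#!/bin/sh
# Added example (not from the original post): scenario 1 with the AWS CLI v2.
# VPC_ID, VPC_CIDR, DOMAIN and the sample host are placeholders/constructed values.
set -eu

VPC_ID="${VPC_ID:-vpc-0123456789abcdef0}"   # placeholder
VPC_CIDR="${VPC_CIDR:-10.0.0.0/16}"          # constructed sample
DOMAIN="${DOMAIN:-corp.example.internal}"    # constructed sample
REGION="${REGION:-us-east-1}"

# The Amazon-provided resolver sits at the network address plus two, which is
# the ".2 address" the post refers to. Assumes the network address ends in an
# octet <= 253, which holds for any /24 or larger block.
amazon_dns_ip() {
    net="${1%%/*}"                       # strip the prefix length
    o1="${net%%.*}"; rest="${net#*.}"
    o2="${rest%%.*}"; rest="${rest#*.}"
    o3="${rest%%.*}"; o4="${rest#*.}"
    printf '%s.%s.%s.%s\n' "$o1" "$o2" "$o3" "$((o4 + 2))"
}

# Build the Route53 change batch for one A record (pure function, so the JSON
# can be inspected before it is submitted).
a_record_change() {
    name="$1"; ip="$2"
    printf '{"Changes":[{"Action":"UPSERT","ResourceRecordSet":{"Name":"%s","Type":"A","TTL":300,"ResourceRecords":[{"Value":"%s"}]}}]}' "$name" "$ip"
}

# Step 1: DNS resolution and DNS hostnames must both be enabled on the VPC.
enable_vpc_dns() {
    aws ec2 modify-vpc-attribute --vpc-id "$VPC_ID" --enable-dns-support '{"Value":true}'
    aws ec2 modify-vpc-attribute --vpc-id "$VPC_ID" --enable-dns-hostnames '{"Value":true}'
}

# Step 2: private hosted zone associated with the VPC. Prints the zone id.
create_private_zone() {
    aws route53 create-hosted-zone \
        --name "$DOMAIN" \
        --caller-reference "$(date +%s)-$DOMAIN" \
        --hosted-zone-config PrivateZone=true \
        --vpc "VPCRegion=$REGION,VPCId=$VPC_ID" \
        --query 'HostedZone.Id' --output text
}

# Step 3: one record set per instance (name, private IP).
add_record() {
    zone_id="$1"; name="$2"; ip="$3"
    aws route53 change-resource-record-sets \
        --hosted-zone-id "$zone_id" \
        --change-batch "$(a_record_change "$name" "$ip")"
}

# Step 4, run on an instance: query the Amazon resolver directly so the answer
# provably comes from the private hosted zone and not from some other resolver.
verify_from_instance() {
    nslookup "$1" "$(amazon_dns_ip "$VPC_CIDR")"
}

# Only talk to AWS when explicitly asked, so the file is safe to source and inspect.
if [ "${RUN_AWS:-0}" = "1" ]; then
    enable_vpc_dns
    ZONE_ID="$(create_private_zone)"
    add_record "$ZONE_ID" "app01.$DOMAIN" "10.0.1.25"   # constructed sample host
    echo "Resolver the instances should be using: $(amazon_dns_ip "$VPC_CIDR")"
fi
```

Running `RUN_AWS=1 VPC_ID=vpc-... DOMAIN=... sh route53-private.sh` performs the changes; without `RUN_AWS=1` the script only defines the functions, so you can source it and call `a_record_change` or `amazon_dns_ip` to review what would be submitted.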
Now, let’s move on to the second scenario. In this case, we won’t be able to use the DNS servers provided by Route53, because they only answer queries that originate from inside your AWS account. Complete the following steps if you want to use your on-premises DNS servers for the instances running in your AWS account.
- First, make sure that you have a VPN connection set up between your on-premises environment and your Amazon VPC. This is required so that all the instances in your VPC are able to reach your on-prem DNS servers.
- Next, navigate to the VPC section in your AWS management console, and click on the DHCP Options Sets in the left column.
- Click on Create DHCP Options Set, and enter a Name tag, Domain Name and Domain Name Server details for your On-Prem DNS Servers. You can optionally enter your NTP Servers, NetBIOS name servers, and NetBIOS Node type details.
- Click on Yes, Create.
- Now, go back to your VPC and click on Actions and Edit DHCP Options Set.
- Select the new DHCP Options Set that you created in the previous steps and click Save.
- The final step is to reboot your existing instances so that they pick up the changes you just made. An important point to note is that from now on the Route53 DNS servers won’t answer for these instances, so if you lose connectivity with your on-prem DNS servers, your instances won’t be able to resolve any hostnames.
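The DHCP options set steps with the AWS CLI, plus the check I would run on an instance after the reboot, as an added example that is not part of the original post. The VPC ID, domain and on-prem server addresses are constructed placeholders. The last two functions address the caveat in the final step: `check_resolvers` confirms that an instance really switched to the on-prem servers, and `probe_onprem_dns` makes a lost VPN visible as a resolver failure before applications start timing out. As in the previous example, the AWS calls only run when `RUN_AWS=1` is set.

```shell
#!/bin/sh
# Added example (not from the original post): scenario 2 with the AWS CLI v2,
# plus a post-reboot resolver check. VPC_ID, ONPREM_DOMAIN and ONPREM_DNS are
# placeholders/constructed values.
set -eu

VPC_ID="${VPC_ID:-vpc-0123456789abcdef0}"                 # placeholder
ONPREM_DOMAIN="${ONPREM_DOMAIN:-corp.example.internal}"   # constructed sample
ONPREM_DNS="${ONPREM_DNS:-192.168.1.10 192.168.1.11}"     # constructed sample, space separated

# Create the DHCP options set that points instances at the on-prem servers.
# Prints the new options set id.
create_dhcp_options() {
    servers=""
    for s in $ONPREM_DNS; do servers="$servers,$s"; done
    aws ec2 create-dhcp-options \
        --dhcp-configurations \
            "Key=domain-name,Values=$ONPREM_DOMAIN" \
            "Key=domain-name-servers,Values=${servers#,}" \
        --query 'DhcpOptions.DhcpOptionsId' --output text
}

# Attach the options set to the VPC. Existing instances only see it after a
# reboot (or a DHCP lease renewal).
associate_dhcp_options() {
    aws ec2 associate-dhcp-options --dhcp-options-id "$1" --vpc-id "$VPC_ID"
}

# Extract the nameserver lines from resolv.conf text supplied on stdin.
resolvers_from_resolv_conf() {
    awk '$1 == "nameserver" { print $2 }'
}

# Succeed only if every resolver the instance uses is one of the on-prem
# servers, i.e. the DHCP options set actually took effect after the reboot.
check_resolvers() {
    status=0
    for r in $(resolvers_from_resolv_conf); do
        case " $ONPREM_DNS " in
            *" $r "*) ;;
            *) echo "unexpected resolver: $r" >&2; status=1 ;;
        esac
    done
    return $status
}

# Route53 no longer answers for these instances, so losing the VPN means losing
# name resolution entirely. Probe each on-prem server with a short timeout.
probe_onprem_dns() {
    for s in $ONPREM_DNS; do
        if nslookup -timeout=2 "$ONPREM_DOMAIN" "$s" >/dev/null 2>&1; then
            echo "$s: ok"
        else
            echo "$s: UNREACHABLE"
        fi
    done
}

if [ "${RUN_AWS:-0}" = "1" ]; then
    OPT_ID="$(create_dhcp_options)"
    associate_dhcp_options "$OPT_ID"
    echo "Associated $OPT_ID with $VPC_ID; reboot the instances to apply it."
fi
```

On an instance, `check_resolvers < /etc/resolv.conf && probe_onprem_dns` gives a quick answer to both questions: did the new options set apply, and are the on-prem servers reachable over the VPN right now. Wiring `probe_onprem_dns` into a cron job or health check is a cheap way to catch a broken VPN before it shows up as application errors.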
Hopefully, the screenshots and the steps listed in this blog post help you easily maneuver through the task of configuring DNS services in the AWS Cloud.