Modify VPC peering connection options - Amazon Virtual Private Cloud
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Modify VPC peering connection options

You can modify a VPC peering connection to do the following:

Enable DNS resolution for a VPC peering connection

To enable a VPC to resolve public IPv4 DNS hostnames to private IPv4 addresses when queried from instances in the peer VPC, you must modify your existing peering connection.

Both VPCs must be enabled for DNS hostnames and DNS resolution.

You cannot enable DNS resolution support when you create a new peering connection. You can enable DNS resolution support for an existing peering connection that's in the active state.

To enable DNS resolution for a peering connection
  1. Open the Amazon VPC console at https://console.amazonaws.cn/vpc/.

  2. In the navigation pane, choose Peering connections.

  3. Select the VPC peering connection, and choose Actions, Edit DNS settings.

  4. To ensure that queries from the peer VPC resolve to private IP addresses in your local VPC, choose the option to enable DNS resolution for queries from the peer VPC. This option is Requester DNS resolution or Accepter DNS resolution, depending on whether the VPC is the requester or accepter VPC.

  5. If the peer VPC is in the same Amazon Web Services account, you can enable DNS resolution for both VPCs in the peering connection.

  6. Choose Save changes.

  7. If the peer VPC is in a different Amazon account or a different Region, the owner of the peer VPC must sign in to the VPC console, perform steps 2 through 4, and choose Save changes.

To enable DNS resolution using the command line or an API

You must modify the requester VPC peering options if you are the requester of the VPC peering connection, and you must modify the accepter VPC peering options if you are the accepter of the VPC peering connection. You can use the describe-vpc-peering-connections or Get-EC2VpcPeeringConnection commands to verify which VPC is the accepter and the requester for a VPC peering connection. For inter-Region peering connections, you must use the Region for the requester VPC to modify the requester VPC peering options and the Region for the accepter VPC to modify the accepter VPC peering options.

In this example, you are the requester of the VPC peering connection, so you modify the peering connection options using the Amazon CLI as follows:

aws ec2 modify-vpc-peering-connection-options --vpc-peering-connection-id pcx-aaaabbbb --requester-peering-connection-options AllowDnsResolutionFromRemoteVpc=true
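
The requester/accepter and Region rules above can be checked before any change is made. The following is an added example, not part of the original documentation: it reads JSON shaped like describe-vpc-peering-connections output and returns the exact commands a given account must run, skipping connections that are not active and sides that the account does not own. The sample data, account IDs, Regions and the function name plan_dns_commands are constructed for illustration.

```python
import json

# Constructed sample shaped like `aws ec2 describe-vpc-peering-connections`
# output; IDs, account numbers and Regions are made up for illustration.
SAMPLE = json.loads("""{"VpcPeeringConnections": [
 {"VpcPeeringConnectionId": "pcx-aaaabbbb", "Status": {"Code": "active"},
  "RequesterVpcInfo": {"OwnerId": "111111111111", "Region": "cn-north-1",
    "PeeringOptions": {"AllowDnsResolutionFromRemoteVpc": false}},
  "AccepterVpcInfo": {"OwnerId": "222222222222", "Region": "cn-northwest-1",
    "PeeringOptions": {"AllowDnsResolutionFromRemoteVpc": false}}},
 {"VpcPeeringConnectionId": "pcx-ccccdddd",
  "Status": {"Code": "pending-acceptance"},
  "RequesterVpcInfo": {"OwnerId": "111111111111", "Region": "cn-north-1"},
  "AccepterVpcInfo": {"OwnerId": "222222222222", "Region": "cn-north-1"}},
 {"VpcPeeringConnectionId": "pcx-eeeeffff", "Status": {"Code": "active"},
  "RequesterVpcInfo": {"OwnerId": "111111111111", "Region": "cn-north-1",
    "PeeringOptions": {"AllowDnsResolutionFromRemoteVpc": true}},
  "AccepterVpcInfo": {"OwnerId": "111111111111", "Region": "cn-north-1",
    "PeeringOptions": {"AllowDnsResolutionFromRemoteVpc": false}}}
]}""")

# Each side of a peering connection has its own option flag.
SIDES = (("RequesterVpcInfo", "--requester-peering-connection-options"),
         ("AccepterVpcInfo", "--accepter-peering-connection-options"))


def plan_dns_commands(description, my_account_id):
    """Return the modify commands my_account_id must run, one per owned side."""
    commands = []
    for pcx in description["VpcPeeringConnections"]:
        if pcx["Status"]["Code"] != "active":
            continue  # DNS resolution can only be enabled on an active peering
        for info_key, flag in SIDES:
            info = pcx[info_key]
            if info["OwnerId"] != my_account_id:
                continue  # the peer VPC's owner must change that side
            options = info.get("PeeringOptions", {})
            if options.get("AllowDnsResolutionFromRemoteVpc"):
                continue  # already enabled on this side
            commands.append(
                "aws ec2 modify-vpc-peering-connection-options"
                f" --region {info['Region']}"  # the Region of the side changed
                f" --vpc-peering-connection-id {pcx['VpcPeeringConnectionId']}"
                f" {flag} AllowDnsResolutionFromRemoteVpc=true")
    return commands


if __name__ == "__main__":
    print("\n".join(plan_dns_commands(SAMPLE, "111111111111")))
```

The same pass over the output also serves as an audit: any side that reports AllowDnsResolutionFromRemoteVpc as true is already resolving hostnames to private addresses for the peer VPC.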