AWS Route 53
Route 53 is AWS' DNS offering. Currently, there's no AWS Management Console GUI to provide management of Route 53 services. Therefore, CLI API tools must be utilized.
Credentials
Route 53 requires an additional file which once again defines your AWS Access ID and AWS Secret Key. After setting up a Route 53 credential file as described, copy the file to your home directory and restrict its permissions so that only your user can read it.
cp "$CREDS_DIR/AWS-Route53-Access" ~/.aws-secrets
chmod 600 ~/.aws-secrets
dnscurl.pl
dnscurl.pl is provided by the user community: http://aws.amazon.com/code/Amazon-Route-53/9706686376855511. Download this file, make it executable and run it. You may need to install a few missing Perl modules.
Create Domain
Once everything is in place, create an XML file to request creation of your domain:
<!-- file: example.org-create.xml -->
<CreateHostedZoneRequest xmlns="https://route53.amazonaws.com/doc/2010-10-01/">
<Name>example.org.</Name>
<CallerReference>example.org-20110304-001</CallerReference>
<HostedZoneConfig>
<Comment>Migrate example.org to Route 53</Comment>
</HostedZoneConfig>
</CreateHostedZoneRequest>
- The CallerReference field can contain almost any value you wish. I would recommend something similar to the example, which lets you datestamp each domain-level change.
Next, request creation using dnscurl.pl:
]# ./dnscurl.pl \
    --keyname my-aws-account \
    -- \
    -H "Content-Type: text/xml; charset=UTF-8" \
    -X POST \
    --upload-file ./example.org-create.xml \
    https://route53.amazonaws.com/2010-10-01/hostedzone
If all is well, AWS will return something similar to this:
<?xml version="1.0"?>
<CreateHostedZoneResponse xmlns="https://route53.amazonaws.com/doc/2010-10-01/">
<HostedZone>
<Id>/hostedzone/Z5XXXXXXXXXX</Id>
<Name>example.org.</Name>
<CallerReference>example.org-20110304-001</CallerReference>
<Config>
<Comment>Migrate example.org to Route 53</Comment>
</Config>
</HostedZone>
<ChangeInfo>
<Id>/change/C35JAXXXXXXTH</Id>
<Status>PENDING</Status>
<SubmittedAt>2011-04-04T19:27:19.957Z</SubmittedAt>
</ChangeInfo>
<DelegationSet>
<NameServers>
<NameServer>ns-170.awsdns-21.com</NameServer>
<NameServer>ns-1923.awsdns-48.co.uk</NameServer>
<NameServer>ns-1288.awsdns-33.org</NameServer>
<NameServer>ns-619.awsdns-13.net</NameServer>
</NameServers>
</DelegationSet>
</CreateHostedZoneResponse>
- You should make note of the HostedZone Id field, as you will need this ID to make changes to the domain.
- To inquire as to the status of the request, you should make note of the ChangeInfo Id field. See Status below.
- Use the NameServer fields to update the domain's WHOIS record.
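The three values called out above can be pulled from the response programmatically. The following is an added example, not part of the original notes or of dnscurl.pl: it parses a trimmed copy of the response shown above and compares the returned delegation set with the name servers listed at the registrar. The function names and the registrar list are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"r": "https://route53.amazonaws.com/doc/2010-10-01/"}

# Trimmed copy of the response shown on the page, with the page's masked IDs.
CREATE_RESPONSE = """<?xml version="1.0"?>
<CreateHostedZoneResponse xmlns="https://route53.amazonaws.com/doc/2010-10-01/">
<HostedZone><Id>/hostedzone/Z5XXXXXXXXXX</Id><Name>example.org.</Name></HostedZone>
<ChangeInfo><Id>/change/C35JAXXXXXXTH</Id><Status>PENDING</Status></ChangeInfo>
<DelegationSet><NameServers>
<NameServer>ns-170.awsdns-21.com</NameServer>
<NameServer>ns-1923.awsdns-48.co.uk</NameServer>
<NameServer>ns-1288.awsdns-33.org</NameServer>
<NameServer>ns-619.awsdns-13.net</NameServer>
</NameServers></DelegationSet>
</CreateHostedZoneResponse>"""

def summarize_create_response(xml_text):
    """Extract the zone ID, change ID, status and name servers (hypothetical helper)."""
    root = ET.fromstring(xml_text)

    def text(path):
        node = root.find(path, NS)
        if node is None or not (node.text or "").strip():
            raise ValueError(f"missing element: {path}")
        return node.text.strip()

    servers = [n.text.strip().lower()
               for n in root.iterfind("r:DelegationSet/r:NameServers/r:NameServer", NS)]
    return {
        "zone_id": text("r:HostedZone/r:Id").rsplit("/", 1)[-1],    # used in .../hostedzone/<id>
        "change_id": text("r:ChangeInfo/r:Id").rsplit("/", 1)[-1],  # used in .../change/<id>
        "status": text("r:ChangeInfo/r:Status"),
        "name_servers": sorted(servers),
    }

def delegation_mismatch(summary, registrar_ns):
    """Report Route 53 servers absent at the registrar and registrar entries Route 53 did not assign."""
    listed = {n.rstrip(".").lower() for n in registrar_ns}
    expected = set(summary["name_servers"])
    return {"missing": sorted(expected - listed), "unexpected": sorted(listed - expected)}

if __name__ == "__main__":
    info = summarize_create_response(CREATE_RESPONSE)
    print(info)
    # Constructed registrar list: three Route 53 servers missing, one leftover entry.
    print(delegation_mismatch(info, ["ns-170.awsdns-21.com.", "ns1.old-host.example"]))
```

An "unexpected" entry is a name server still delegated at the registrar that Route 53 does not control; it should be removed when the WHOIS record is updated.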
Populate Domain
Once the domain is created, you may begin populating it with DNS Resource Records (RRs). Again, using an XML file, define RRs for the domain.
<?xml version="1.0" encoding="UTF-8"?>
<!-- file: example.org-populate.xml -->
<ChangeResourceRecordSetsRequest xmlns="https://route53.amazonaws.com/doc/2010-10-01/">
<ChangeBatch>
<Comment>Migrate existing records to Amazon Route 53</Comment>
<Changes>
<Change>
<Action>CREATE</Action>
<ResourceRecordSet>
<Name>example.org.</Name>
<Type>A</Type>
<TTL>3600</TTL>
<ResourceRecords>
<ResourceRecord>
<Value>10.0.0.1</Value>
</ResourceRecord>
</ResourceRecords>
</ResourceRecordSet>
</Change>
<Change>
<Action>CREATE</Action>
<ResourceRecordSet>
<Name>ec2.example.org.</Name>
<Type>A</Type>
<TTL>3600</TTL>
<ResourceRecords>
<ResourceRecord>
<Value>10.0.0.0</Value>
</ResourceRecord>
</ResourceRecords>
</ResourceRecordSet>
</Change>
<Change>
<Action>CREATE</Action>
<ResourceRecordSet>
<Name>www.example.org.</Name>
<Type>CNAME</Type>
<TTL>3600</TTL>
<ResourceRecords>
<ResourceRecord>
<Value>ec2.example.org.</Value>
</ResourceRecord>
</ResourceRecords>
</ResourceRecordSet>
</Change>
<Change>
<Action>CREATE</Action>
<ResourceRecordSet>
<Name>mail.example.org.</Name>
<Type>CNAME</Type>
<TTL>3600</TTL>
<ResourceRecords>
<ResourceRecord>
<Value>ghs.google.com.</Value>
</ResourceRecord>
</ResourceRecords>
</ResourceRecordSet>
</Change>
<Change>
<Action>CREATE</Action>
<ResourceRecordSet>
<Name>example.org.</Name>
<Type>MX</Type>
<TTL>3600</TTL>
<ResourceRecords>
<ResourceRecord>
<Value>10 ASPMX.L.GOOGLE.com.</Value>
</ResourceRecord>
<ResourceRecord>
<Value>20 ALT1.ASPMX.L.GOOGLE.com.</Value>
</ResourceRecord>
<ResourceRecord>
<Value>30 ALT2.ASPMX.L.GOOGLE.com.</Value>
</ResourceRecord>
<ResourceRecord>
<Value>40 ASPMX2.GOOGLEMAIL.com.</Value>
</ResourceRecord>
<ResourceRecord>
<Value>50 ASPMX3.GOOGLEMAIL.com.</Value>
</ResourceRecord>
</ResourceRecords>
</ResourceRecordSet>
</Change>
</Changes>
</ChangeBatch>
</ChangeResourceRecordSetsRequest>
Using dnscurl.pl, request that the changes be made. Be sure to use your zone's Id from the creation step.
]# ./dnscurl.pl \
    --keyname my-aws-account \
    -- \
    -H "Content-Type: text/xml; charset=UTF-8" \
    -X POST \
    --upload-file ./example.org-populate.xml \
    https://route53.amazonaws.com/2010-10-01/hostedzone/Z5XXXXXXXXXX/rrset
If the change was accepted, a response is provided with a change number:
<?xml version="1.0"?>
<ChangeResourceRecordSetsResponse xmlns="https://route53.amazonaws.com/doc/2010-10-01/">
<ChangeInfo>
<Id>/change/C2XXXXXX</Id>
<Status>PENDING</Status>
<SubmittedAt>2011-04-04T19:59:51.533Z</SubmittedAt>
</ChangeInfo>
</ChangeResourceRecordSetsResponse>
- Make note of the ChangeInfo Id for status checking.
Delete RRs
Deleting an RR is nearly the same as creating it:
<?xml version="1.0" encoding="UTF-8"?>
<!-- deleteRR.xml -->
<ChangeResourceRecordSetsRequest xmlns="https://route53.amazonaws.com/doc/2010-10-01/">
<ChangeBatch>
<Comment>Delete existing records in example.org</Comment>
<Changes>
<Change>
<Action>DELETE</Action>
<ResourceRecordSet>
<Name>www.example.org.</Name>
<Type>A</Type>
<TTL>3600</TTL>
<ResourceRecords>
<ResourceRecord>
<Value>10.0.0.0</Value>
</ResourceRecord>
</ResourceRecords>
</ResourceRecordSet>
</Change>
</Changes>
</ChangeBatch>
</ChangeResourceRecordSetsRequest>
Again, use dnscurl.pl to request that the changes be made. Be sure to use your zone's Id from the creation step.
]# ./dnscurl.pl \
    --keyname my-aws-account \
    -- \
    -H "Content-Type: text/xml; charset=UTF-8" \
    -X POST \
    --upload-file ./deleteRR.xml \
    https://route53.amazonaws.com/2010-10-01/hostedzone/Z5XXXXXXXXXX/rrset
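Route 53 only accepts a DELETE whose name, type, TTL and values match the existing record set exactly, so a delete batch is worth checking before it is uploaded. The following is an added example, not part of the original notes or of dnscurl.pl: it compares a delete batch with the record sets a populate batch created, assuming the zone holds exactly those records. The helper names and the shortened sample batches are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"r": "https://route53.amazonaws.com/doc/2010-10-01/"}
HEAD = '<ChangeResourceRecordSetsRequest xmlns="%s"><ChangeBatch><Changes>' % NS["r"]
TAIL = "</Changes></ChangeBatch></ChangeResourceRecordSetsRequest>"

def change(action, name, rtype, *values, ttl=3600):
    """Build one <Change> element (helper for the constructed samples below)."""
    rrs = "".join(f"<ResourceRecord><Value>{v}</Value></ResourceRecord>" for v in values)
    return (f"<Change><Action>{action}</Action><ResourceRecordSet><Name>{name}</Name>"
            f"<Type>{rtype}</Type><TTL>{ttl}</TTL><ResourceRecords>{rrs}</ResourceRecords>"
            "</ResourceRecordSet></Change>")

def record_sets(batch_xml, action):
    """Map (name, type) -> (ttl, values) for every change with the given action."""
    sets = {}
    for ch in ET.fromstring(batch_xml).iterfind(".//r:Change", NS):
        if ch.findtext("r:Action", namespaces=NS) != action:
            continue
        rr = ch.find("r:ResourceRecordSet", NS)
        key = (rr.findtext("r:Name", namespaces=NS).lower(),
               rr.findtext("r:Type", namespaces=NS))
        values = frozenset(v.text.strip() for v in rr.iterfind(".//r:Value", NS))
        sets[key] = (rr.findtext("r:TTL", namespaces=NS), values)
    return sets

def unmatched_deletes(existing, delete_xml):
    """List DELETE changes that do not match an existing record set exactly."""
    problems = []
    for (name, rtype), wanted in record_sets(delete_xml, "DELETE").items():
        have = existing.get((name, rtype))
        if have is None:
            problems.append(f"{name} {rtype}: no such record set")
        elif have != wanted:
            problems.append(f"{name} {rtype}: TTL or values differ")
    return problems

# Constructed samples: two records from the populate batch, the delete as shown
# in deleteRR.xml, and a delete that matches what the populate batch created.
POPULATE = (HEAD + change("CREATE", "ec2.example.org.", "A", "10.0.0.0")
            + change("CREATE", "www.example.org.", "CNAME", "ec2.example.org.") + TAIL)
PAGE_DELETE = HEAD + change("DELETE", "www.example.org.", "A", "10.0.0.0") + TAIL
MATCHING_DELETE = HEAD + change("DELETE", "www.example.org.", "CNAME", "ec2.example.org.") + TAIL

if __name__ == "__main__":
    zone = record_sets(POPULATE, "CREATE")
    print(unmatched_deletes(zone, PAGE_DELETE))
    print(unmatched_deletes(zone, MATCHING_DELETE))
```

Run against the populate batch above, the check flags deleteRR.xml because www.example.org. was created there as a CNAME, not as an A record.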
Delete Domain
Deleting a domain is almost too easy. Just execute dnscurl with a DELETE request type.
]# ./dnscurl.pl \
    --keyname my-aws-account \
    -- \
    -H "Content-Type: text/xml; charset=UTF-8" \
    -X DELETE \
    https://route53.amazonaws.com/2010-10-01/hostedzone/Z5XXXXXXXXXX
Status
Checking the status of submitted changes is easy. Just use dnscurl to make the request, providing the change ID.
]# ./dnscurl.pl \
    --keyname my-aws-account \
    -- \
    -H "Content-Type: text/xml; charset=UTF-8" \
    https://route53.amazonaws.com/2010-10-01/change/C2XXXXXX
An XML response will be returned. The most interesting field will be the Status field.
<?xml version="1.0"?>
<GetChangeResponse xmlns="https://route53.amazonaws.com/doc/2010-10-01/">
<ChangeInfo>
<Id>/change/C2XXXXXX</Id>
<Status>INSYNC</Status>
<SubmittedAt>2011-04-04T19:09:29.355Z</SubmittedAt>
</ChangeInfo>
</GetChangeResponse>
- A response of PENDING states that the request is still in process.
- A response of INSYNC states that the request has been fulfilled and is properly sync'ing across DNS servers.
List Hosted Domains
To get a listing of domains you've already set up, use this dnscurl.pl command:
./dnscurl.pl \
    --keyname my-aws-account \
    -- \
    -H "Content-Type: text/xml; charset=UTF-8" \
    -X GET \
    https://route53.amazonaws.com/2010-10-01/hostedzone
This returns XML such as the following:
<?xml version="1.0"?>
<ListHostedZonesResponse xmlns="https://route53.amazonaws.com/doc/2010-10-01/">
<HostedZones>
<HostedZone>
<Id>/hostedzone/Z5XXXXXXXXXXX</Id>
<Name>mydomain.org.</Name>
<CallerReference>mydomain.org-20110304-001</CallerReference>
<Config>
<Comment>Migrate mydomain.org to Route 53</Comment>
</Config>
</HostedZone>
<HostedZone>
<Id>/hostedzone/Z2XXXXXXXXXXX</Id>
<Name>anotherdomain.com.</Name>
<CallerReference>anotherdomain.com-2011050426-001</CallerReference>
<Config>
<Comment>Migrate anotherdomain.com to Route 53</Comment>
</Config>
</HostedZone>
</HostedZones>
<IsTruncated>false</IsTruncated>
<MaxItems>100</MaxItems>
</ListHostedZonesResponse>
List RRs of a Hosted Domain
To get a listing of the resource records already attached to a domain, use a similar dnscurl.pl command, adding the hosted zone's Id from the previous command.
./dnscurl.pl \
    --keyname my-aws-account \
    -- \
    -H "Content-Type: text/xml; charset=UTF-8" \
    -X GET \
    https://route53.amazonaws.com/2010-10-01/hostedzone/Z2XXXXXXXXXXX/rrset

