Mister PKI

SSL Certificates * SSL Tools * Certificate Decoder

by Leave a Comment

This article will demonstrate how to create, delete, or change a DNS record in AWS Route 53 with the AWS CLI. In addition, this article will demonstrate how to write a bash wrapper function to wrap the cli commands to help with memorization. If you are anything like me, I would much prefer a function that prompts me for the variables needed rather than remember a plethora of different cli command syntax.

If you are looking for detailed instructions on how to use the AWS CLI to query Route 53, read our article here.

ChangeResourceRecordSets request

The ChangeResourceRecordSets request will create, delete, or upsert (change) a dns record.

  • Create – Creates a new DNS record
  • Delete – Deletes an existing DNS record
  • Upsert – Creates a new DNS record if none exists for the given value, else updates an existing record with the given value.

The command will take json as either a file or part of the command string itself.

Here is an example json file.

{
  "Comment": "Example creating a new A record ",
  "Changes": [
    {
      "Action": "CREATE",
      "ResourceRecordSet": {
        "Name": "test.example.com",
        "Type": "A",
        "TTL": 300,
        "ResourceRecords": [
          {
            "Value": "1.2.3.4"
          }
        ]
      }
    }
  ]
}

The json above will create a new A record for the test.example.com dns name. Here is a breakdown of the ResourceRecordSet fields.

  • Name – the DNS name
  • Type – The type of DNS record. Could include A, AAAA MX, TXT, NS, SOA, etc.
  • TTL – Time to live. How long it will take for the record to be refreshed by clients.
  • ResourceRecords – The IP address of the the new DNS name.

Now to create the new A record described in the json above, run the following command.

aws route53 change-resource-record-sets --hosted-zone-id <your_hosted_zone> --change-batch file://sample.json

Alternatively you may include the json directly in the command instead of first putting it into a file. This is only practical when writing a wrapper script for the command, as who can remember unformatted json every time?

Here’s an example bash script to wrap the aws cli route53 create command.

The result will be a pending response that looks similar to the following.

{
    "ChangeInfo": {
        "Status": "PENDING", 
        "Comment": "", 
        "SubmittedAt": "2023-07-13T17:31:32.123Z", 
        "Id": "/change/<id>"
    }
}

You can then check the status of the request with a subsequent get-change request.

aws route53  get-change --id /change/<id>

After the request completes and propagates, you should see an INSYNC status instead of PENDING.

{
    "ChangeInfo": {
        "Id": "/change/<id>",
        "Status": "INSYNC",
        "SubmittedAt": "2023-07-13T17:31:32.123Z",
        "Comment": ""
    }
}

Conclusion – AWS CLI Route 53 Change

This article has demonstrated how to create, delete, and change DNS records in Route 53 using the AWS CLI. Let us know in the comments if you have any questions or would like to see more in depth examples of how to manage DNS in Route 53 on the command line.

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *