Create DNS Zone for your website in Route53

Create a Hosted Zone for your website in AWS Route 53 using the AWS CLI and Add Records

AWS Route 53 is a highly scalable global DNS web service that you can use for your website to speed up DNS. To use Route 53, you need to set up your DNS zone. To do that, you first create a hosted zone, to which you can then add DNS record sets.

When you create a hosted zone (the DNS zone for your website) in Route 53, it comes with two types of records: NS records and SOA records. The NS records are the ones you use at your domain registrar, where you will need to change the nameservers to point to AWS Route 53. Following that, you can add more records to the hosted zone, including A, CNAME, MX and TXT records, as per your need.

You can create a hosted zone and add records to it, using either the AWS management console or the AWS CLI.

Create hosted zone in Route 53 using the AWS management console

To create a hosted zone using the AWS management console, log in to the console, search for Route 53 and click on create hosted zone. Give your hosted zone a name (your domain name). The hosted zone will be populated with two types of records at first: NS records and SOA records. Copy the NS records and add them as the nameservers at your domain registrar. After that, add the necessary A, CNAME and other records to your hosted zone. You can also use Route 53 to alias to other AWS resources like a CloudFront CDN or Elastic Load Balancers. This is how you create a hosted zone and add DNS records in AWS Route 53 using the AWS management console.

Create hosted zone in Route 53 using the AWS CLI

Another method to do the same is to do it via the AWS CLI. You can complete it in two stages. In the first step, you will create the hosted zone and in the second step you will create the required records and add them to the hosted zone. However, you need to have the AWS CLI installed and configured to add a hosted zone and create records for your website.

Install the AWS CLI on your machine and then configure it. To install or update the AWS CLI on your Windows machine, just run the msiexec command.

$ msiexec.exe /i https://awscli.amazonaws.com/AWSCLIV2.msi

Otherwise, you can download it from the link and run the msi installer on your machine. Once you have installed the CLI, you can confirm it using the command prompt to run the following command:

$ aws --version

You will see an output like the following:

aws-cli/2.10.3 Python/3.9.11 Windows/10 exe/AMD64 prompt/off

For configuring the AWS CLI, you will need to run the configure command:

$ aws configure

The system will ask you to enter some information to complete the configuration including the access key id, secret key, region, and the default output format.

Enter the required information and for the default output format use json.

Following that, you can start using the AWS CLI.

Now, we will create the hosted zone for our website using the AWS CLI.

To create a hosted zone, you need a domain name. In the example below, I have used a domain samplewebapp.com

$ aws route53 create-hosted-zone --name samplewebapp.com --caller-reference 2023-03-01-18:47

The first part of the above command is the create-hosted-zone AWS CLI command. Next comes the domain name (--name <value>), and at the end you add a caller reference, which is compulsory to successfully run the command (--caller-reference <value>).

The caller reference can be any unique string, such as a date/time stamp. It identifies the request and allows failed requests to be retried without the operation being carried out twice. Every time you run the command to create a hosted zone, you will need to add a unique caller reference string.

After running the above command to create a hosted zone for samplewebapp.com, we receive the following output:

{
  "Location": "https://route53.amazonaws.com/2013-04-01/hostedzone/Z00649952WEZVM32QBLAS",
  "HostedZone": {
    "Id": "/hostedzone/Z00649952WEZVM32QBLAS",
    "Name": "samplewebapp.com.",
    "CallerReference": "2023-03-01-18:47",
    "Config": {
      "PrivateZone": false
    },
    "ResourceRecordSetCount": 2
  },
  "ChangeInfo": {
    "Id": "/change/C030702412IMD2BGWJDIL",
    "Status": "PENDING",
    "SubmittedAt": "2023-03-24T12:38:06.037000+00:00"
  },
  "DelegationSet": {
    "NameServers": [
      "ns-1958.awsdns-52.co.uk",
      "ns-730.awsdns-27.net",
      "ns-29.awsdns-03.com",
      "ns-1244.awsdns-27.org"
    ]
  }
}

In the above output, you can see that your hosted zone is created and the system has assigned a hosted zone id to it. The output also contains the four name server records that you will need to set at your domain registrar. Copy the nameservers from the output, go to your domain registrar account (GoDaddy, for example) and add these four there as nameservers. The first step of our task is complete here and now we can add more records as per our need.

First, we can add two A records for the domain and the www subdomain. The second step is a little different from the first, and its commands are slightly more complicated.

To add new record sets we will run the change-resource-record-sets command in the AWS CLI. Copy the hosted zone id that you received in the first step. In the above case, the hosted zone id is Z00649952WEZVM32QBLAS.

Let me explain in brief the change-resource-record-sets CLI command and how it works. You can perform three types of actions using the change-resource-record-sets command: create, delete, and upsert.

Action: CREATE | DELETE | UPSERT

With the create action, you create a new resource record set with the value you specify. The delete action deletes the record set with the specified value and the upsert action updates an existing record to the specified value. Since we are creating new records here, we will use the 'create' action.

All the changes that we are going to make to the hosted zone and its resource record sets go into the change batch. The change batch lists each change: the action, the name of the record, its type, value and other elements. It can be passed to the command in the form of a json file.

To create a simple A record, we can use the following format.

{
  "Comment": "CREATE an A record ",
  "Changes": [{
    "Action": "CREATE",
    "ResourceRecordSet": {
      "Name": "samplewebapp.com",
      "Type": "A",
      "TTL": 300,
      "ResourceRecords": [{ "Value": "89.106.200.1"}]
    }
  }]
}

You must save the above in the form of a json file (paste it in notepad and save as sample-records.json, or create the file from cmd using the vim command so you can reference it without the need to add the full path). The file includes all the details like the record type, the ip, the TTL and the name.

However, if you want to add more than one record, you will need to modify the json file to include an Action key for each record. If you are adding two records, there need to be two Action keys. For example, if you need to add an A record and one MX record, you can add two Action keys and change the details for each record entry. You can use the format below to create your json file.

{
  "Comment": "CREATE/DELETE/UPDATE",
  "Changes": [
    {
      "Action": "CREATE",
      "ResourceRecordSet": {
        "Name": "samplewebapp.com",
        "Type": "A",
        "TTL": 300,
        "ResourceRecords": [{"Value": "89.106.200.1"}]
      }
    },
    {
      "Action": "CREATE",
      "ResourceRecordSet": {
        "Name": "www.samplewebapp.com",
        "Type": "A",
        "TTL": 300,
        "ResourceRecords": [{"Value": "89.106.200.1"}]
      }
    }
  ]
}

You can run the following command to add the new records.

$ aws route53 change-resource-record-sets --hosted-zone-id Z00649952WEZVM32QBLAS --change-batch file://sample-records.json

At the end of this command, after the change-batch, you will need to include the file path for the json file. Go to the folder in your computer where you have saved the json file; right click on the file and then Copy as Path. Add this path to the end of the change-resource-record-sets command.

$ aws route53 change-resource-record-sets --hosted-zone-id Z00649952WEZVM32QBLAS --change-batch file://C:\Users\ABC\Downloads\sampleapp-records.json

If the json file does not have any errors, the command will execute and the records will be added. This is how you can add a hosted zone and create simple records (the default routing policy, Simple, will be used to create these records).

How to delete or update a record in Route 53 (AWS CLI)

Deleting or updating records in Route 53 follows the same process as adding new ones, except that you change the action from create to delete or upsert. Suppose you want to update the IP for a record you have already created and replace it with a new IP.

The domain we have used for the example is samplewebapp.com and the json file will include the following changes:

{
  "Comment": "CREATE an A record ",
  "Changes": [{
    "Action": "UPSERT",
    "ResourceRecordSet": {
      "Name": "samplewebapp.com",
      "Type": "A",
      "TTL": 300,
      "ResourceRecords": [{ "Value": "89.106.200.2"}]
    }
  }]
}

Now, we are going to update the same and change the IP to 89.106.200.3

While the command to do that will remain the same as the one used to create records, we will need to make changes inside the json file that we pass to the command at the end. Create a new json file (name it change-arecord.json) in which you change the value of ResourceRecords to the new IP as 89.106.200.2. We also change the action in the json file from create to upsert. Run the same command again, replacing the old json file path with the new one containing the new values. To delete the same record, just change the action to delete and then run the command with the new json file.

$ aws route53 change-resource-record-sets --hosted-zone-id Z00649952WEZVM32QBLAS --change-batch file://C:\Users\ABC\Downloads\change-arecord.json

(If you don't want to add the full path to the json file, create it from your Windows PowerShell using the vim command. For example: $ vim sample-records.json. Press i to enter insert mode. Paste the content into the file and hit escape to exit insert mode. Now, save and exit by typing :wq. Then, instead of having to provide the full path in the command, you can just add at the end --change-batch file://sample-records.json)

This was how you can create the basic records in Route 53. The process to create alias records is similar, with changes to the json file.

The following format will be used to create alias records to services like CloudFront, an S3 bucket or a load balancer. In the sample json below, you can see that there is a hosted zone id for the alias target and then the DNS name (which you can copy from the resource details or get using a command like: aws cloudfront list-distributions). Note that this hosted zone id is not the same as the id of your hosted zone in Route 53. The hosted zone id for CloudFront distributions is Z2FDTNDATAQYW2. For a load balancer, you can find the hosted zone id in the description tab.

{
  "Comment": "Alias resource record sets in Route 53 for cloudfront",
  "Changes": [
    {
      "Action": "CREATE",
      "ResourceRecordSet": {
        "Name": "cdn.example.com",
        "Type": "A",
        "AliasTarget": {
          "HostedZoneId": "Z2FDTNDATAQYW2",
          "DNSName": "d2mtfor8c1d3no.cloudfront.net",
          "EvaluateTargetHealth": false
        }
      }
    }
  ]
}
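
A pre-flight check for the change-batch files passed to change-resource-record-sets in the sections above (simple records, UPSERT/DELETE changes and alias records), added here as an example that is not part of the original article. The function name `lint_change_batch` and the sample input are constructed for illustration; the check rejects curly quotes, which JSON copied from a web page or word processor often carries, and flags UPSERT and DELETE because they alter records that may already be serving traffic.

```python
import ipaddress
import json

ALIAS_KEYS = {"HostedZoneId", "DNSName", "EvaluateTargetHealth"}

def lint_change_batch(text):
    """Return a list of findings for a change-batch file; an empty list means it passed."""
    if any(q in text for q in "\u201c\u201d\u2018\u2019"):
        return ["curly quotes found: retype them as plain ASCII quotes"]
    try:
        batch = json.loads(text)
    except json.JSONDecodeError as exc:
        return [f"invalid JSON: {exc.msg} (line {exc.lineno})"]
    changes = batch.get("Changes") if isinstance(batch, dict) else None
    if not isinstance(changes, list) or not changes:
        return ["top-level object needs a non-empty 'Changes' list"]
    findings = []
    for i, change in enumerate(changes):
        rrset = change.get("ResourceRecordSet", {})
        label = f"change {i} ({rrset.get('Name', '?')} {rrset.get('Type', '?')})"
        action = change.get("Action")
        if action not in ("CREATE", "DELETE", "UPSERT"):
            findings.append(f"{label}: Action must be CREATE, DELETE or UPSERT")
        elif action != "CREATE":  # may replace or remove a record already in use
            findings.append(f"{label}: {action} changes live DNS, review first")
        if "AliasTarget" in rrset:
            # Alias records carry no TTL or ResourceRecords of their own.
            if "TTL" in rrset or "ResourceRecords" in rrset:
                findings.append(f"{label}: alias must not set TTL or ResourceRecords")
            missing = ALIAS_KEYS - set(rrset["AliasTarget"])
            if missing:
                findings.append(f"{label}: AliasTarget missing {sorted(missing)}")
            continue
        if type(rrset.get("TTL")) is not int:
            findings.append(f"{label}: TTL must be an integer")
        values = [r.get("Value", "") for r in rrset.get("ResourceRecords", [])]
        if not values:
            findings.append(f"{label}: ResourceRecords is empty")
        for value in (values if rrset.get("Type") == "A" else []):
            try:
                ipaddress.IPv4Address(value)
            except ValueError:
                findings.append(f"{label}: {value!r} is not an IPv4 address")
    return findings

# Constructed sample: an UPSERT whose address was mistyped before saving the file.
SAMPLE = ('{"Changes": [{"Action": "UPSERT", "ResourceRecordSet": {"Name": "samplewebapp.com",'
          ' "Type": "A", "TTL": 300, "ResourceRecords": [{"Value": "89.106.200.256"}]}}]}')
print("\n".join(lint_change_batch(SAMPLE)))
```

Run it on the contents of the json file before handing the file to the CLI; an empty result means none of these checks fired, not that the change is safe to apply.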