Cross Account Alias Records

amazon-web-services amazon-route53
24,203

Solution 1

So I've found the solution. You can in fact create an Alias record to a resource in another account.

The answer is in the documentation although it's description is a little vague in my opinion. See here under the ELB heading.

If you used different accounts to create your Amazon Route 53 hosted zone and your load balancer – Enter the value that you got in the procedure Getting the DNS Name for an ELB Load Balancer.

As a result, here's what I did:

  1. Copied my ELB DNS name from account B
  2. In account A, I created an Alias record for my zone apex (type: IPv4) and I simply pasted in the DNS name into the text field.

I saved the record and it worked straight away.

After you paste in your ELB's DNS name, you'll notice that the Alias Hosted Zone ID matches the Hosted Zone ID in your ELB's description tab.

Solution 2

I can confirm this is still working, it's just the docs and UX of the portal are terrible.

I wanted to create a CNAME to an ALB at the apex (root) of my hosted zone; this isn't allowed so using an Alias A record instead. My ALB is in a different account, so the UI makes you think you can't do it... but you can.

You can create an Alias record to an ALB/ELB in another account by just pasting into the 'Route traffic to' box. Choose the region, then just dump the address into the box. Now this UI element makes you think it's a normal picklist and you can only pick from valid values... but it is secretly also a textbox allowing you to enter arbitrary text. Great UX guys 👏🏼

So enter your address and just click 'Create records'.

enter image description here

Solution 3

Now AWS updated the Alias records info and it is much more clear, basically you add the DNS entry for the resource in the alias field.

https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/resource-record-sets-values-alias.html

Share:
24,203

Related videos on Youtube

mickzer
Author by

mickzer

Software Engineer at AWS

Updated on July 09, 2022

Comments

  • mickzer
    mickzer almost 2 years

    Is it possible to create an Alias record in Route 53 to a resource in another AWS account?

    Use Case:

    I have 2 AWS accounts. My domain is configured with a hosted zone in account A and I have an ELB in account B. I want to create a record to my ELB in account B for my domain's zone apex - which has to be configured in account A.

    Does anyone know how I can get around this? I know I can go through billing support to have the domain transferred to account B but I would prefer not to do this. Also, it is not viable for me to migrate the resources from account B to account A.

    • Michael - sqlbot
      Michael - sqlbot over 8 years
      Why do you believe you have to "go through billing support to have the domain transferred to account B?" You could simply create a hosted zone with the same domain name in account B and point the name server records to it, keeping the registration itself in account A (assuming Route 53 is also your registrar). You can't do cross-account aliases.
    • mickzer
      mickzer over 8 years
      I'm not sure that this is possible. However I did not try it. Going through billing to get the domain transferred is documented. I found a solution, you can in fact create an Alias record to a resource in another account. See my answer :)
  • Michael - sqlbot
    Michael - sqlbot over 8 years
    Who knew? That's really a bit of a surprise but hey, you found it. +1
  • Evgeny Goldin
    Evgeny Goldin over 8 years
    Yes, aliasing to AWS resources in other accounts is supported, one just has to paste manually a proper resource DNS name, like an ELB URL in this case. Aliasing to Hosted Zone records, though, is only supported within the same account.
  • Nayan Srivastava
    Nayan Srivastava almost 7 years
    Hey, I followed the same procedure but it does not work here. Is there anything else to be kept in mind while creating it.
  • Garry Kevin
    Garry Kevin almost 3 years
    Yes, does work for me too. Guess this is outdated.
  • Quincy
    Quincy over 2 years
    This worked for me too... My scenario is hooking up an API gateway custom domain in accountA when my R53 is in accountB. I added a record in accountB R53 to reference the cloudfront distribution. But because of how APIgateway works...the cloudfront distro is actually inside an internal AWS account. not my accountA. sigh just another day in AWS :)

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Route53 route subdomain to AWS Lambda?
AWS Route 53 DNS not resolving to subdomain
How can I troubleshoot a Route 53 hosted zone?
AWS Route 53: How to migrate a hosted zone from one account to another completely?
DNS A record is not working with Amazon Route 53
How do I create DNS entries for EC2 instances created by Auto Scaling?
Should I transfer my domain to AWS? AWS Route53 price vs GoDaddy
How to setup AWS Route53 Alias and CNAME
AWS Route 53 alias-record change takes too long
Can AWS block access from embargoed countries?