"no matching Route53Zone found": Terraform's Route53 data source is not recognizing the hosted zone name

12,807

Solution 1

The aws_route53_zone data source will list all the hosted zones in the account that Terraform has permissions to view.

If you are trying to reference a zone in another account then you can do this by creating a role/user in the account with the zone that has permissions to list all the zones (route53:ListHostedZones*, route53:GetHostedZone*) and then having a second "provider" be used for this data source.

So you might have something like this:

provider "aws" {
  # ... access keys etc/assume role block
}

# DNS account
provider "aws" {
  alias = "dns_zones"
  # ... access keys etc/assume role block
}

data "aws_route53_zone" "main" {
  provider     = aws.dns_zones  # alias reference, written unquoted in Terraform 0.12+
  name         = "example.com." # Notice the dot!!!
  private_zone = false
}

resource "aws_route53_record" "www" {
  zone_id = data.aws_route53_zone.main.zone_id
  name    = "www.${data.aws_route53_zone.main.name}"
  # ...
}
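
An added example, not part of the original answer: one way to set up the cross-account lookup described in Solution 1 with a role limited to the two read actions the answer names. The account IDs, role and policy names, and region are placeholders, and the two halves are assumed to live in separate configurations.

```hcl
# --- Configuration applied in the DNS account (owns example.com.) ---
# Placeholder account IDs: 111111111111 = workload account, 222222222222 = DNS account.
data "aws_iam_policy_document" "trust" {
  statement {
    actions = ["sts:AssumeRole"]
    principals {
      type        = "AWS"
      identifiers = ["arn:aws:iam::111111111111:root"] # narrow to one role ARN where possible
    }
  }
}

data "aws_iam_policy_document" "zone_read" {
  statement {
    # Read-only actions named in the answer; no record or zone changes.
    actions   = ["route53:ListHostedZones*", "route53:GetHostedZone*"]
    resources = ["*"]
  }
}

resource "aws_iam_role" "zone_read" {
  name               = "terraform-route53-read" # hypothetical name
  assume_role_policy = data.aws_iam_policy_document.trust.json
}

resource "aws_iam_role_policy" "zone_read" {
  name   = "route53-zone-read" # hypothetical name
  role   = aws_iam_role.zone_read.name
  policy = data.aws_iam_policy_document.zone_read.json
}

# --- Configuration applied from the workload account ---
provider "aws" {
  alias  = "dns_zones"
  region = "us-east-1" # assumption; Route 53 is global but the provider needs a region
  assume_role {
    role_arn = "arn:aws:iam::222222222222:role/terraform-route53-read"
  }
}

data "aws_route53_zone" "main" {
  provider     = aws.dns_zones
  name         = "example.com."
  private_zone = false
}
```

This role covers only the lookup. Creating an aws_route53_record in that zone needs a provider whose credentials carry route53:ChangeResourceRecordSets, which can be scoped to the single hosted zone ARN.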

Solution 2

Using the zone_id instead of the name did it for me.

data "aws_route53_zone" "api2" {
  # name = "example.com."
  zone_id = "REPLACEWITHYOURID"
  vpc_id  = var.vpc_id
}
Author by

Kostas Demiris

Updated on June 20, 2022

Comments

  • Kostas Demiris about 2 years

    Let's say that I have a public hosted zone named example.com.. I use the following piece of Terraform code to dynamically fetch the hosted zone id based on the name as per the docs.

    data "aws_route53_zone" "main" {
      name = "example.com." # Notice the dot!!!
      private_zone = false
    }
    

    During terraform plan it comes up with this error:

    Error refreshing state: 1 error(s) occurred:
    
    * data.aws_route53_zone.main: no matching Route53Zone found
    

    Is there a bug that I should report or am I missing something?

  • Kostas Demiris over 7 years
    I have created a cross-account role with full access to R53 in the 1st account. I have tested it manually with a user from the second account (after adding the inline policy) and everything is ok. I can assume the role and manage R53. I also did the changes you posted. Do I need to add in any of the two provider blocks an assume_role parameter??
  • ydaetskcoR over 7 years
    As long as that's working for you then that's okay. We tried that a while back but couldn't get Terraform correctly assuming cross account roles although that may have been down to us using the instance role to assume a cross account role.
  • kensai over 4 years
    This doesn't work, I cannot query public zone via name with private=false, only zone_id works...
  • ydaetskcoR over 4 years
    Do you get an error? Is it because you have multiple private zones with the same name? If you're having issues you should consider asking a separate question showing what you've tried and what errors you're getting. If it's useful then link back to this question.
  • sebagomez over 3 years
    This worked for me, also, without the need of the vpc_id
  • JPNagarajan about 3 years
    This worked for me, also, without the need of the vpc_id
  • nevelis over 2 years
    @ydaetskcoR Oh duuuuuuuuuude it's 3:40am and I'm queueing Bette Midler because Did you ever know you're my hero... (if it weren't for the Notice the dot!!! comment................... it'd be 6:40am and I'd still be here)