Created
May 20, 2022 11:41
-
-
Save leadelngalame1611/3e84da2d8cd46fe867e50d2952f6ccf4 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def assume_lookup_role(zone, account_id): | |
| DNS_DELEGATION_READONLY_ROLE = ( | |
| f"arn:aws:iam::{account_id}:role/dns-delegation-readonly-role" | |
| ) | |
| sts = boto3.client("sts") | |
| credentials = sts.assume_role( | |
| RoleArn=DNS_DELEGATION_READONLY_ROLE, | |
| RoleSessionName=f"DnsDelegationLookup-{zone}", | |
| )["Credentials"] | |
| return boto3.Session( | |
| aws_access_key_id=credentials["AccessKeyId"], | |
| aws_secret_access_key=credentials["SecretAccessKey"], | |
| aws_session_token=credentials["SessionToken"], | |
| ) | |
| ## How to use it | |
| def lookup_name_servers(zone, account_id): | |
| lookup_client = assume_lookup_role(zone, account_id).client("route53") | |
| hosted_zone_id = None | |
| for hosted_zone in lookup_client.list_hosted_zones()["HostedZones"]: | |
| if zone == hosted_zone["Name"] and not hosted_zone.get("Config", {}).get( | |
| "PrivateZone" | |
| ): | |
| hosted_zone_id = hosted_zone["Id"] | |
| break | |
| if hosted_zone_id is None: | |
| return None | |
| return lookup_client.get_hosted_zone(Id=hosted_zone_id)["DelegationSet"][ | |
| "NameServers" | |
| ] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment