
@na0AaooQ
Last active October 14, 2017 15:43
AWS Route53 ゾーン作成とDNSレコード追加コマンドメモ ref: http://qiita.com/na0AaooQ/items/d5bb618b7922233ce665
{
"Version": "2012-10-17",
"Statement":[
{
"Effect":"Allow",
"Action":["route53:CreateHostedZone"],
"Resource":"*"
},
{
"Effect":"Allow",
"Action":["route53:DeleteHostedZone"],
"Resource":"arn:aws:route53:::change/*"
},
{
"Effect":"Allow",
"Action":["route53:GetChange"],
"Resource":"arn:aws:route53:::change/*"
}
]
}
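# Install jq (used in these notes to validate the change-batch JSON and to extract the zone ID).
# The binary is written into /usr/bin as root, so fetch it over HTTPS only: plain http://
# gives no integrity protection and lets anyone on the network path substitute the file.
# -f makes curl fail on an HTTP error instead of saving the error page as /usr/bin/jq;
# --proto '=https' also refuses any redirect to a non-HTTPS URL.
# Where the distribution ships a jq package, installing that is preferable; otherwise
# compare `sha256sum /usr/bin/jq` with the checksum published for the release before use.
$ sudo curl -fL --proto '=https' -o /usr/bin/jq https://stedolan.github.io/jq/download/linux64/jq && sudo chmod +x /usr/bin/jq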
# Submit the CREATE change batch to the hosted zone. The response status is PENDING until
# Route 53 has propagated the change; `aws route53 get-change --id <change-id>` reports
# INSYNC once it has.
$ aws route53 change-resource-record-sets --hosted-zone-id ${R53_ZONE_ID} --change-batch file:///tmp/create_dns_recordset.json
{
"ChangeInfo": {
"Status": "PENDING",
"SubmittedAt": "2014-12-23T15:35:24.690Z",
"Id": "/change/**************"
}
}
# List every record set in the zone to confirm that the A and CNAME records now exist
# alongside the default NS and SOA records.
$ aws route53 list-resource-record-sets --hosted-zone-id ${R53_ZONE_ID}
{
"ResourceRecordSets": [
{
"ResourceRecords": [
{
"Value": "ns-617.awsdns-13.net."
},
{
"Value": "ns-497.awsdns-62.com."
},
{
"Value": "ns-1868.awsdns-41.co.uk."
},
{
"Value": "ns-1243.awsdns-27.org."
}
],
"Type": "NS",
"Name": "example.com.",
"TTL": 172800
},
{
"ResourceRecords": [
{
"Value": "ns-617.awsdns-13.net. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400"
}
],
"Type": "SOA",
"Name": "example.com.",
"TTL": 900
},
{
"ResourceRecords": [
{
"Value": "198.51.100.10"
}
],
"Type": "A",
"Name": "server-001.example.com.",
"TTL": 1200
},
{
"ResourceRecords": [
{
"Value": "198.51.100.11"
}
],
"Type": "A",
"Name": "server-002.example.com.",
"TTL": 1200
},
{
"ResourceRecords": [
{
"Value": "server-001.example.com."
}
],
"Type": "CNAME",
"Name": "server-cname.example.com.",
"TTL": 3600
}
]
}
# Verify the new records by querying one of the zone's own Route 53 name servers directly.
# +norec turns recursion off, so the answer comes from that server itself rather than from
# a resolver cache; +noall +ans prints only the answer section.
$ dig +noall +ans +norec server-001.example.com. @ns-497.awsdns-62.com
server-001.example.com. 1200 IN A 198.51.100.10
$
$ dig +noall +ans +norec server-002.example.com. @ns-497.awsdns-62.com
server-002.example.com. 1200 IN A 198.51.100.11
$
# The CNAME query returns both the alias and the A record it points to.
$ dig +noall +ans +norec server-cname.example.com. @ns-497.awsdns-62.com
server-cname.example.com. 3600 IN CNAME server-001.example.com.
server-001.example.com. 1200 IN A 198.51.100.10
$
# Build the DELETE batch from the CREATE batch: a DELETE must name the same record sets
# with the same values, so only the Action field changes.
$ cp /tmp/create_dns_recordset.json /tmp/delete_dns_recordset.json
# The substitution hits every occurrence of "CREATE" in the file, not just the Action
# fields; that is safe here only because no record name or value contains that string.
$ sed -i "s/CREATE/DELETE/g" /tmp/delete_dns_recordset.json
$
# Sanity check: jq must parse the file and emit the same number of lines as the raw file.
$ cat /tmp/delete_dns_recordset.json | wc -l
43
$ cat /tmp/delete_dns_recordset.json | jq . | wc -l
43
$
# Submit the DELETE batch; confirm R53_ZONE_ID points at the intended zone first.
$ aws route53 change-resource-record-sets --hosted-zone-id ${R53_ZONE_ID} --change-batch file:///tmp/delete_dns_recordset.json
{
"ChangeInfo": {
"Status": "PENDING",
"SubmittedAt": "2014-12-23T15:53:55.293Z",
"Id": "/change/C3BMEQ2NS76GSU"
}
}
$
# Zone name and free-text comment used when creating the hosted zone.
$ R53_ZONE_NAME="example.com"
$ R53_ZONE_COMMENT="exampledomain"
$
# Create the hosted zone. --caller-reference has to be unique per create request; a
# timestamp with one-second resolution is used for that here.
$ aws route53 create-hosted-zone --name ${R53_ZONE_NAME} --caller-reference `date +%Y-%m-%d_%H-%M-%S` --hosted-zone-config Comment="${R53_ZONE_COMMENT}"
# Check what is still in the zone before deleting it: Route 53 refuses to delete a hosted
# zone that holds record sets other than its default NS and SOA.
$ aws route53 list-resource-record-sets --hosted-zone-id ${R53_ZONE_ID}
# Delete the hosted zone. NOTE(review): the IAM policy shown on this page allows
# route53:DeleteHostedZone only on arn:aws:route53:::change/*, whereas hosted zones are
# addressed as arn:aws:route53:::hostedzone/<zone-id>. Confirm the policy really authorises
# this call, and scope it to the specific zone ID rather than a wildcard where possible.
$ aws route53 delete-hosted-zone --id=${R53_ZONE_ID}
{
"ChangeInfo": {
"Status": "PENDING",
"SubmittedAt": "2014-12-23T16:00:20.320Z",
"Id": "/change/*************"
}
}
$
# List the account's hosted zones; each entry carries the zone's Id and Name.
$ aws route53 list-hosted-zones
$ aws route53 list-hosted-zones
{
"HostedZones": [
{
 (途中省略)
},
{
"ResourceRecordSetCount": 2,
"CallerReference": "2014-12-23_23-47-30",
"Config": {
"Comment": "exampledomain",
"PrivateZone": false
},
"Id": "/hostedzone/**************",
"Name": "example.com."
}
]
}
$
# Look up the hosted-zone ID by exact zone name (with the trailing dot) and strip the
# "/hostedzone/" prefix. The name is handed to jq with --arg, so it is compared as data
# and never spliced into the jq program text.
# Route 53 permits several hosted zones with the same name; in that case this yields more
# than one ID, so check the value before passing it to change or delete commands.
$ R53_ZONE_ID=`aws route53 list-hosted-zones | jq --arg zone_name "${R53_ZONE_NAME}." -r '.HostedZones[]|select(.Name == $zone_name)|.Id' | sed 's/\/hostedzone\///'`
$
$ echo ${R53_ZONE_ID}
Z*************
$
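# Write the Route 53 change batch that creates two A records and one CNAME record.
# The here-document delimiter is quoted so the JSON is written literally: the shell
# performs no $variable or $(command) expansion inside it, now or after later edits.
# The fixed path under /tmp is what the other commands on this page reference. On a
# multi-user host another local user could pre-create or symlink such a predictable
# name, so prefer a private directory (for example one made with `mktemp -d`) there.
cat <<'EOT' > /tmp/create_dns_recordset.json
{
"Changes": [
{
"Action": "CREATE",
"ResourceRecordSet": {
"Name": "server-001.example.com.",
"Type": "A",
"TTL": 1200,
"ResourceRecords": [
{
"Value": "198.51.100.10"
}
]
}
},
{
"Action": "CREATE",
"ResourceRecordSet": {
"Name": "server-002.example.com.",
"Type": "A",
"TTL": 1200,
"ResourceRecords": [
{
"Value": "198.51.100.11"
}
]
}
},
{
"Action": "CREATE",
"ResourceRecordSet": {
"Name": "server-cname.example.com.",
"Type": "CNAME",
"TTL": 3600,
"ResourceRecords": [
{
"Value": "server-001.example.com."
}
]
}
}
]
}
EOT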
# Validate the change batch before submitting it: when the file is well-formed JSON, jq
# parses it and prints the same number of lines as the raw file.
$ cat /tmp/create_dns_recordset.json | wc -l
43
$ cat /tmp/create_dns_recordset.json | jq . | wc -l
43
$
# Demonstration of the failure case: delete the first line (the opening brace) so the
# file is no longer valid JSON.
$ sed -i -e '1,1d' /tmp/create_dns_recordset.json
$
$ cat /tmp/create_dns_recordset.json | wc -l
42
# jq now reports a parse error and the line counts no longer match, which is the signal
# not to submit the file to Route 53.
$ cat /tmp/create_dns_recordset.json | jq . | wc -l
parse error: Expected string key before ':' at line 1, column 12
1
$
{
"Version": "2012-10-17",
"Statement":[
{
"Effect":"Allow",
"Action":["route53:CreateHostedZone"],
"Resource":"*"
},
{
"Effect":"Allow",
"Action":["route53:DeleteHostedZone"],
"Resource":"arn:aws:route53:::change/*"
},
{
"Effect":"Allow",
"Action":["route53:GetChange"],
"Resource":"arn:aws:route53:::change/*"
}
]
}