Last active
March 5, 2019 11:39
-
-
Save tachekent/fd8414381bc388e0b335818b87535340 to your computer and use it in GitHub Desktop.
General reminders and gotchas for creating Route53 templates
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| AWSTemplateFormatVersion: 2010-09-09 | |
| Description: General format for a hosted zone and record set | |
| # Useful references: | |
| # https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cfn-reference-route53.html | |
| # https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-recordset.html | |
| # https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/resource-record-sets-choosing-alias-non-alias.html | |
| # https://docs.aws.amazon.com/Route53/latest/APIReference/API_ResourceRecordSet.html#Route53-Type-ResourceRecordSet-Type | |
| # Create a static website with a custom domain | |
| # https://docs.amazonaws.cn/en_us/AWSCloudFormation/latest/UserGuide/quickref-s3.html | |
| # Full list of region endpoints | |
| # https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region | |
| Mappings: | |
| RegionMap: | |
| us-east-1: | |
| S3HostedZoneId: Z3AQBSTGFYJSTF | |
| us-west-1: | |
| S3HostedZoneId: Z2F56UZL2M1ACD | |
| us-west-2: | |
| S3HostedZoneId: Z3BJ6K6RIION7M | |
| eu-central-1: | |
| S3HostedZoneId: Z21DNDUVLTQW6Q | |
| eu-west-1: | |
| S3HostedZoneId: Z1BKCTXD74EZPE | |
| ap-southeast-1: | |
| S3HostedZoneId: Z3O0J2DXBE1FTB | |
| ap-southeast-2: | |
| S3HostedZoneId: Z1WCIGYICN2BYD | |
| ap-northeast-1: | |
| S3HostedZoneId: Z2M4EHUR26P7ZW | |
| sa-east-1: | |
| S3HostedZoneId: Z31GFT0UA1I2HV | |
| Resources: | |
| MyHostedZone: | |
| Type: AWS::Route53::HostedZone | |
| Properties: | |
| HostedZoneConfig: | |
| Comment: e.g. Zone apex alias targeted to S3 bucket. | |
| HostedZoneTags: | |
| - Key: company | |
| Value: Neophyte | |
| Name: "example.local" | |
| MyRecordSetGroup: | |
| Type: AWS::Route53::RecordSetGroup | |
| DependsOn: MyHostedZone | |
| Properties: | |
| HostedZoneId: !Ref MyHostedZone | |
| RecordSets: | |
| # Point to an S3 bucket in the same account | |
| - Name: "www.example.local" | |
| AliasTarget: | |
| DNSName: www.example.local.s3-website.eu-central-1.amazonaws.com. # website endpoint for the website-enabled bucket | |
| HostedZoneId: !FindInMap | |
| - RegionMap | |
| - !Ref 'AWS::Region' | |
| - S3HostedZoneId | |
| Type: A | |
| # MX records | |
| # NB Priority lives within the resource record | |
| - Name: "example.local" | |
| ResourceRecords: | |
| - "1 aspmx.l.google.com." | |
| - "5 alt1.aspmx.l.google.com." | |
| - "5 alt2.aspmx.l.google.com." | |
| - "10 alt3.aspmx.l.google.com." | |
| - "10 alt4.aspmx.l.google.com." | |
| TTL: "900" | |
| Type: MX | |
| # Verification | |
| # NB escaped double quoting for quoted fields | |
| - Name: "example.local" | |
| ResourceRecords: | |
| - "\"google-site-verification=foobar\"" | |
| - "\"v=spf1 include:_spf.google.com ~all\"" | |
| TTL: "900" | |
| Type: TXT # SPF type is deprecated | |
| - Name: "google._domainkey.example.local" | |
| ResourceRecords: | |
| - "\"v=DKIM1; k=rsa; p=foobar\"" | |
| TTL: "900" | |
| Type: TXT | |
| # Subdomain NS delegation | |
| - Name: "subdomain.example.local" | |
| ResourceRecords: | |
| - ns1.example2.com. | |
| - ns2.example2.com. | |
| - ns3.example2.com. | |
| TTL: "900" | |
| Type: NS | |
| # Outputs need to resolve to strings, so anything that returns an array needs to be joined | |
| Outputs: | |
| ExampleLocalHostedZoneId: | |
| Description: Hosted Zone ID for example.local | |
| Value: !Ref MyHostedZone | |
| ExampleLocalNameservers: | |
| Description: Nameservers for example.local | |
| Value: !Join | |
| - "," | |
| - !GetAtt MyHostedZone.NameServers |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment