1
votes

I'm having real difficulty in getting the environments set up on 2 AWS accounts which are related to each other by virtue of Organisation Hierarchy. My root DNS provider is GoDaddy, which is hosting the DNS records for example.com. We have multiple services which need to be hosted on the subdomain services.example.com. My setup is like:

  1. GoDaddy -> Root DNS provider for example.com. Has NS record entries for services.example.com pointing to AWS Prod Account's Hosted Zone
  2. AWS Prod Account -> Has Hosted Zone as services.example.com. Within this hosted zone I have A Records for production services service1.services.example.com, service2.services.example.com, etc.
  3. AWS Dev Account -> Need a way to host environments such as test, uat, release on Prod account subdomain as:

Service 1:

  • test.service1.services.example.com
  • uat.service1.services.example.com
  • release.service1.services.example.com

Service 2:

  • test.service2.services.example.com
  • uat.service2.services.example.com
  • release.service2.services.example.com

Is there any way that I can achieve this? I have attached an image for visually simplifying this setup.

1
Have you considered simply having 2 separate domains, one for dev and one for prod? Much easier, and you get real isolation. E.g. services.example-dev.com. With your setup, one dev mistake and you are affecting production potentially. – Rodrigo M
@RodrigoM hosting a different domain is always an option. However, it increases the overhead of maintaining it. If there is no choice, I have to fall back to the option of either a different domain for non-prod, i.e. services.example-dev.com, or a subdomain as service1.nonprod.services.example.com :-) – kk.
Overhead is minimal. You have a zone in each account. The services interact with the zone the same way in each account. Complete isolation and symmetry. – Rodrigo M
@RodrigoM I take your point. If this cannot be achieved I have the option that you suggested. :-) – kk.
That said, you can do it via sub domains. But use prod and dev as the subdomain. Or does that break your domain name scheme? – Rodrigo M

1 Answer

3
votes

Create a hosted zone for service1.services.example.com in Acc 2.

Note the 4 name servers that Route 53 assigns to the new hosted zone.

Back in the services.example.com (master zone) on Acc 1, create a new resource record, with hostname service1 using record type NS, and enter the 4 name servers that Route 53 assigned, in the box below.

You just delegated the service1.services.example.com subdomain, and any hosts and subdomains in it, to a different hosted zone, which you can now break to your heart's content, without impacting the other records.

And you can just repeat the same process for all other services you want to delegate as well. You will end up with a new hosted zone for each service, but that is a totally fine way of doing so.

The hosted zone for the subdomain can be in the same account or a different account.
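
The delegation steps from the answer above, scripted as an added example (not code from the original answer). It assumes `dev_r53` and `prod_r53` are boto3 Route 53 clients created with credentials for the dev and prod accounts; the function names and the parent zone ID passed in are hypothetical. `delegation_matches` is an extra check for spotting a parent NS record that no longer lists the child zone's name servers, for example after the child zone was deleted and recreated.

```python
import uuid

def normalize(name):
    """Lower-case a DNS name and give it exactly one trailing dot."""
    return name.strip().lower().rstrip(".") + "."

def delegation_change_batch(parent_zone, child_zone, name_servers, ttl=300):
    """Build the ChangeBatch that adds the child's NS record to the parent zone."""
    parent, child = normalize(parent_zone), normalize(child_zone)
    # Compare on a label boundary so "evilservices.example.com" is rejected.
    if not child.endswith("." + parent):
        raise ValueError(f"{child} is not a subdomain of {parent}")
    if not name_servers:
        raise ValueError("child zone has no name servers to delegate to")
    values = sorted(normalize(ns) for ns in name_servers)
    return {
        "Comment": f"Delegate {child} to its own hosted zone",
        "Changes": [{
            "Action": "UPSERT",
            "ResourceRecordSet": {
                "Name": child, "Type": "NS", "TTL": ttl,
                "ResourceRecords": [{"Value": v} for v in values],
            },
        }],
    }

def delegate_subdomain(dev_r53, prod_r53, parent_zone_id, parent_zone, child_zone):
    """Create the child zone in the dev account, then delegate to it from prod."""
    # Step 1: new hosted zone in the dev account; Route 53 assigns its name servers.
    created = dev_r53.create_hosted_zone(
        Name=normalize(child_zone), CallerReference=str(uuid.uuid4()))
    name_servers = created["DelegationSet"]["NameServers"]
    # Step 2: NS record for the child name inside the parent (prod) zone.
    batch = delegation_change_batch(parent_zone, child_zone, name_servers)
    prod_r53.change_resource_record_sets(
        HostedZoneId=parent_zone_id, ChangeBatch=batch)
    return batch

def delegation_matches(parent_ns_values, child_name_servers):
    """True when the parent's NS record lists exactly the child zone's name servers."""
    return ({normalize(v) for v in parent_ns_values}
            == {normalize(v) for v in child_name_servers})
```
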