Cross Account Alias Records

amazon-web-services amazon-route53

Is it possible to create an Alias record in Route 53 to a resource in another AWS account?

Use Case:

I have 2 AWS accounts. My domain is configured with a hosted zone in account A and I have an ELB in account B. I want to create a record to my ELB in account B for my domain's zone apex - which has to be configured in account A.

Does anyone know how I can get around this? I know I can go through billing support to have the domain transferred to account B but I would prefer not to do this. Also, it is not viable for me to migrate the resources from account B to account A.


Solution 1:

So I've found the solution. You can in fact create an Alias record to a resource in another account.

The answer is in the documentation although it's description is a little vague in my opinion. See here under the ELB heading.

If you used different accounts to create your Amazon Route 53 hosted zone and your load balancer – Enter the value that you got in the procedure Getting the DNS Name for an ELB Load Balancer.

As a result, here's what I did:

  1. Copied my ELB DNS name from account B
  2. In account A, I created an Alias record for my zone apex (type: IPv4) and I simply pasted in the DNS name into the text field.

I saved the record and it worked straight away.

After you paste in your ELB's DNS name, you'll notice that the Alias Hosted Zone ID matches the Hosted Zone ID in your ELB's description tab.

Solution 2:

I can confirm this is still working, it's just the docs and UX of the portal are terrible.

I wanted to create a CNAME to an ALB at the apex (root) of my hosted zone; this isn't allowed so using an Alias A record instead. My ALB is in a different account, so the UI makes you think you can't do it... but you can.

You can create an Alias record to an ALB/ELB in another account by just pasting into the 'Route traffic to' box. Choose the region, then just dump the address into the box. Now this UI element makes you think it's a normal picklist and you can only pick from valid values... but it is secretly also a textbox allowing you to enter arbitrary text. Great UX guys 👏🏼

So enter your address and just click 'Create records'.

enter image description here

Related

Firebase Remote Config: Can't read any values, but fetch is successful
How to set dependencies between DAGs in Airflow?
What is difference between ObjectResult and JsonResult
Convert Pandas dataframe to Dask dataframe
Debugging typescript with source maps and webpack
How to set uid and gid in Docker Compose?
How can I get the depth of a multidimensional std::vector at compile time?
"Approximate" greatest common divisor
Adding custom HTTP headers using JavaScript
How do you escape curly braces in javadoc inline tags, such as the {@code} tag
display:none vs visibility:hidden vs text-indent:9999 How screen reader behave with each one?
Java Runtime Performance Vs Native C / C++ Code?