Migrate AWS DNS records by using cli35
When you migrate resources from one Amazon Web Services® (AWS) account to another, you might be asked to migrate the Amazon Route 53™ Domain Name Service (DNS) records as well. To do this, use cli53, a command line tool for Amazon Route 53, to migrate Route 53 DNS records from the source to the target. cli53 exports all the DNS records into a JSON file. After cli53 moves the records, you need to make some complex changes to the file before finally importing it to the target. This blog explains how to simplify the process of migrating all Route 53 DNS records from the source to the target.
Use the following steps to migrate DNS records by using cli53:
- Download and install cli53 from GitHub.
- Create an identity and access management (IAM) user in both the AWS source and target accounts.
- Export the Route 53 DNS records from the source AWS account.
- Import the Route 53 DNS records to the target AWS account.
Download and install cli53
Download the cli53 utility from GitHub.
To install cli53, select from the following installation instructions based on your operating system.
To install cli53 on Linux®, run the following commands:
$ sudo mv cli53-my-platform /usr/local/bin/cli53 $ sudo chmod +x /usr/local/bin/cli53
To install cli53 on an Apple® Mac®, run the following command:
$ brew install cli53
You can run the cli53 executable (extension
.exe) on Microsoft® Windows® without
To verify cli53 on Windows, perform the following tasks:
- Open a command prompt.
- Change directory to the location where you downloaded the cli53 executable.
- Run the cli35 list command, as shown in the following image:
Create an IAM user
You need to create an IAM user on both the AWS accounts. cli53 requires one IAM user on the source AWS account to export all the DNS records to a plain text file and one IAM user on the target AWS account to import all the DNS records.
Use the following instructions to create an IAM user:
- Log in to the source AWS account.
- Go to the IAM service console and click Users.
- Click Add User.
- Enter your user name, select Access type -> Programmatic Access and click Next: Permissions as shown in the following image.
- Select Attach existing policies directly, type route53 in the filter policies search bar, select the AmazonRoute53FullAccess policy, and click Next: Review as shown in the following image:
- The following screen displays:
- Click Create User. On the confirmation screen, shown in the following image, make note of your IAM Access key ID and Secret access key. We recommend that you download your keys to a .csv file on your local machine.
- Repeat the preceding steps for the target AWS account.
Export Route 53 DNS records from the source account
The cli53 utility exports all Route 53 DNS records to a plain text file. This file has all the records. You can easily edit all the DNS records and their parameters. Use the following instructions to export Route 53 DNS records:
- Go to your .aws home directory and find the credentials file as shown in the following image:
- Open the editor and update the file, credentials, with your Access key id and Secret access key from the IAM user that you created on the source AWS account as shown in the following image. Save the file.
- Open a command prompt and run the list command to verify that you are on the source AWS account as shown in the following image:
- Run the following command to export the Route 53 hosted zones into the file from the source AWS account to create a plain text file with all the Route 53 DNS records.
C:\> cli53-windows-386.exe export <hosted-zone-name> > /path/to/file
Import Route 53 records to the target account
To import the DNS records to the target AWS account, you need to create hosted zones before importing the DNS records. Delete the NS and SOA DNS records from the plain text export file because these records are available in the target hosted zone. You should also update the credentials file with the target AWS account, IAM user Access key ID, and Secret access key.
Use the following steps to import the DNS records to the target AWS account:
- Delete the NS and SOA records from the export file. Also, if there is a different domain name on the target AWS account, update the domain name under $ORIGIN in the plain text file and save the file.
The following image shows the DNS file before the record deletion:
The following image shows the DNS file after the record deletion:
- Update the credentials file in your home directory to add the target AWS account IAM user Access key ID and Secret access key as shown in the following image:
- Open a command prompt and verify that you have successfully switched to the target AWS account. Run the list command to check the hosted zones at the target site as shown in the following image:
- If there is not already a hosted zone in the target AWS account, create one to use to import the DNS records from the plain text file by running the following command:<
C:\> cli53-windows-386.exe create <hosted-zone name> --comment ‘<comments>’
- Import the DNS records to the hosted zone on the target AWS account. Copy the hosted zone ID and run the following command:
C:\> cli53-windows-386.exe import --file </path/to/file> <hosted-zone-name>
- Verify all of the DNS records on the target AWS account under the Route 53 management console and check that all the records are in place as shown in the following images:
Migrating DNS is a crucial activity in every migration. Manual changes in DNS record sets are error-prone and can lead to unavoidable outages. The cli53 utility makes it easy to migrate all DNS records to the target AWS environment by creating a plain text file that is both easy to understand and update.
Use the Feedback tab to make any comments or ask questions.
Optimize your environment with expert administration, management, and configuration
- eCommerce and Digital Experience platforms
- Enterprise Resource Planning (ERP)
- Business Intelligence
- Salesforce Customer Relationship Management (CRM)
- Email Hosting and Productivity
- Unbiased expertise: We simplify and guide your modernization journey, focusing on the capabilities that deliver immediate value.
- Fanatical Experience™: We combine a Process first. Technology second.® approach with dedicated technical support to provide comprehensive solutions.
- Unrivaled portfolio: We apply extensive cloud experience to help you choose and deploy the right technology on the right cloud.
- Agile delivery: We meet you where you are in your journey and align our success with yours.
Chat now to get started.