AWS - Route53 - Terraform - Update domain nameservers

541 Views Asked by jean553 At 04 April 2023 at 16:06

I want to transfer my DNS zone from AWS Route53 to Cloudflare.

The domain has been registered on AWS and will stay there, however, all the DNS configuration (zone, fields... etc...) is moving into Cloudflare.

All my infrastructure is handled through Terraform, and so far, all the DNS configuration has been moved to Cloudflare by adding DNS records into Terraform (cloudflare_zone, cloudflare_record... etc...).

In order to make the final switch to Cloudflare, I have to change the name servers associated with my domain registered in AWS. I have to change them from the AWS name servers by the Cloudflare name servers.

However, I cannot find any Terraform-way to change the name servers associated to my domain.

I have tried adding the Cloudflare name servers directly as NS servers of the AWS zone, but nothing happens when doing so:

resource "aws_route53_record" "nameservers" {
  type    = "NS"
  records = ["...expected cloudflare nameserver..."]
  
  ...
}

}

I have followed the official Cloudflare migration documentation (https://developers.cloudflare.com/dns/zone-setups/full-setup/setup/#update-your-registrar) and the AWS specifications: https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/domain-name-servers-glue-records.html#domain-name-servers-glue-records-adding-changing.

In AWS, name servers for a domain can be updated directly through the console in "Route53" > "Registered domains" > "Details" > "Edit name servers".

Is there any way to edit those domain name servers through Terraform ?

Original Q&A

There are 2 best solutions below

Darren On 14 April 2023 at 10:04

It appears that there is a resource:

required provider version: >= 4.4.0

https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53domains_registered_domain

terraform will just import it into state to manage it (seems like you dont need to manually import it , terraform will know how to handle this)

then you would update the name_server block in the resource to the cloud flare nameservers

locals {
  # list of cloudflare nameservers
  name_servers = ["ns1","ns2"]
}


resource "aws_route53domains_registered_domain" "this" {
  domain_name = "example.com"

  dynamic "name_server" {
    for_each = toset(local.name_servers)
    content{
       name = name_server.value
    }
  }

  tags = {
    Environment = "example"
  }
}

hope that this helps

note: before you do the migration reduce the ttls to 600 seconds(10 mins) on any records and on the zone in route 53 for the migration and wait for the ttls to lapse

eexit On 14 April 2023 at 13:04

Have you tried with the following optional argument?

allow_overwrite = true

I'm not Terraform expert, but according to the doc it seems once a NS or SAO record is created, you need to pass this argument to edit them.

AWS - Route53 - Terraform - Update domain nameservers

There are 2 best solutions below

Related Questions in TERRAFORM

Related Questions in CLOUDFLARE

Related Questions in AMAZON-ROUTE53

Related Questions in NAMESERVERS

Trending Questions

Popular # Hahtags

Popular Questions