I have two AWS accounts. The master account has example.com as a Hosted Zone, which then has a number of record sets (i.e. api.example.com and kibana.example.com).
A second account will be managing testing.example.com as a Hosted Zone, with the same set of record sets (i.e. api.testing.example.com and kibana.testing.example.com).
How do I tell the master account to refer requests for .testing.example.com down to the child account?
I don't want to change the master account as I want to use the same CloudFormation templates in both 'Live' and 'Test'.
I've set the two up as above and it does not work (api.testing.example.com does not resolve). I've also tried setting the testing.example.com NS record in the master account to the one specified in the child account(1). Alas this is not something I've done before and Google searches are not returning anything.
1) I messed this up, and this is the answer. See below.
The requests are referred, not pushed, but you can achieve the desired outcome by delegating the subdomain to a different set of Route 53 servers from those that host the parent zone.
Look at the new hosted zone you created for testing.example.com. This can be in the same AWS account, a different AWS account... any AWS account. There's nothing here that is "account" related. This uses standard DNS configuration. The whole of DNS is a hierarchy. The global root can tell you where to find com, and the com servers can tell you where to find example.com, and it's nothing materially different for example.com to tell you where to find testing.example.com instead of giving you a direct answer.
Note the 4 name servers that Route 53 assigned to the testing.example.com hosted zone. Verify that they are all different than the ones assigned to the example.com hosted zone. (For any of them to be the same should be impossible, but verify this.)
Now, back in the example.com zone, create a new resource record, with hostname testing, using record type NS, and enter the 4 name servers that Route 53 assigned to testing.example.com, in the box below.
Now, when a request for testing.example.com and anything below it arrives at one of the Route 53 servers handling example.com, the reply will not be the answer from testing.example.com -- the reply will provide the requester with the 4 NS records associated with testing.example.com and an answer equivalent to "I don't know, but try asking one of these guys."
That's how it's done.
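
The delegation step from the answer above, as an added example that is not part of the original post: it builds the NS change batch to apply in the parent zone and checks an existing delegation against the child zone's real name servers, which is where a hand-entered NS record usually goes wrong. The function names, the TTL value and the name server values are assumptions constructed for illustration; the dictionary follows the shape of the Route 53 ChangeResourceRecordSets ChangeBatch.

```python
"""Build and audit the NS delegation record for a Route 53 subdomain zone."""
import json

def _norm(names):
    # DNS names are case-insensitive; ignore the trailing root dot.
    return {n.strip().lower().rstrip(".") for n in names if n.strip()}

def build_delegation(subdomain, child_ns, parent_ns, ttl=172800):
    """Return the ChangeBatch to apply in the PARENT hosted zone.

    child_ns / parent_ns are the DelegationSet.NameServers lists that
    boto3's route53.get_hosted_zone() returns for each zone.
    """
    child, parent = _norm(child_ns), _norm(parent_ns)
    if not child:
        raise ValueError("child zone has no name servers")
    overlap = child & parent
    if overlap:  # the answer's "verify they are all different" step
        raise ValueError(f"zones share name servers: {sorted(overlap)}")
    return {
        "Comment": f"Delegate {subdomain} to its own hosted zone",
        "Changes": [{
            "Action": "UPSERT",
            "ResourceRecordSet": {
                "Name": subdomain.rstrip(".") + ".",
                "Type": "NS",
                "TTL": ttl,  # assumed value, adjust to your policy
                "ResourceRecords": [{"Value": ns + "."} for ns in sorted(child)],
            },
        }],
    }

def delegation_drift(record_ns, child_ns):
    """Compare the NS record held in the parent with the child's servers."""
    have, want = _norm(record_ns), _norm(child_ns)
    # "stale" entries point at servers that do not host the child zone.
    return {"missing": sorted(want - have), "stale": sorted(have - want)}

# Constructed sample values, not real Route 53 assignments.
CHILD_NS = ["ns-1201.awsdns-22.org", "ns-345.awsdns-43.com",
            "ns-678.awsdns-08.net", "ns-1734.awsdns-24.co.uk"]
PARENT_NS = ["ns-12.awsdns-01.com", "ns-1500.awsdns-59.org",
             "ns-700.awsdns-23.net", "ns-1900.awsdns-45.co.uk"]

if __name__ == "__main__":
    batch = build_delegation("testing.example.com", CHILD_NS, PARENT_NS)
    # Pass as ChangeBatch= to change_resource_record_sets on the parent zone.
    print(json.dumps(batch, indent=2))
```

Running `delegation_drift` periodically against the live NS record catches a delegation that still names servers the child zone no longer uses, for example after the child hosted zone has been deleted and recreated.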
I think you need to create a testing.example.com record in the main account (parent) under the example.com domain. And if you are using ELB, copy the ELB endpoint for testing of the child account, or maybe the public IP assigned for the testing domain in your child account, and update it in the parent account's Route 53. I think an ELB endpoint would make it easy to resolve the address rather than using a dedicated Elastic IP. You'd also need to create all the subdomains of testing in the parent account. I'd suggest using ELB endpoints in the child account for all the subdomains of the testing site. Please make sure that all the ELB endpoints have the scheme internet-facing in the AWS console.
Here is the process which has been mentioned by AWS for the same:
Routing traffic for subdomains - https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-routing-traffic-for-subdomains.html