Package software.amazon.awscdk.services.route53
Amazon Route53 Construct Library
---
AWS CDK v1 has reached End-of-Support on 2023-06-01. This package is no longer being updated, and users should migrate to AWS CDK v2.
For more information on how to migrate, see the Migrating to AWS CDK v2 guide.
To add a public hosted zone:
PublicHostedZone.Builder.create(this, "HostedZone")
.zoneName("fully.qualified.domain.com")
.build();
To add a private hosted zone, use PrivateHostedZone. Note that
enableDnsHostnames and enableDnsSupport must have been enabled for the
VPC you're configuring for private hosted zones.
Vpc vpc;
PrivateHostedZone zone = PrivateHostedZone.Builder.create(this, "HostedZone")
.zoneName("fully.qualified.domain.com")
.vpc(vpc)
.build();
Additional VPCs can be added with zone.addVpc().
Adding Records
To add a TXT record to your zone:
HostedZone myZone;
TxtRecord.Builder.create(this, "TXTRecord")
.zone(myZone)
.recordName("_foo") // If the name ends with a ".", it will be used as-is;
// if it ends with a "." followed by the zone name, a trailing "." will be added automatically;
// otherwise, a ".", the zone name, and a trailing "." will be added automatically.
// Defaults to zone root if not specified.
.values(List.of("Bar!", "Baz?"))
.ttl(Duration.minutes(90))
.build();
To add an NS record to your zone:
HostedZone myZone;
NsRecord.Builder.create(this, "NSRecord")
.zone(myZone)
.recordName("foo")
.values(List.of("ns-1.awsdns.co.uk.", "ns-2.awsdns.com."))
.ttl(Duration.minutes(90))
.build();
To add a DS record to your zone:
HostedZone myZone;
DsRecord.Builder.create(this, "DSRecord")
.zone(myZone)
.recordName("foo")
.values(List.of("12345 3 1 123456789abcdef67890123456789abcdef67890"))
.ttl(Duration.minutes(90))
.build();
To add an A record to your zone:
HostedZone myZone;
ARecord.Builder.create(this, "ARecord")
.zone(myZone)
.target(RecordTarget.fromIpAddresses("1.2.3.4", "5.6.7.8"))
.build();
To add an A record for an EC2 instance with an Elastic IP (EIP) to your zone:
Instance instance;
HostedZone myZone;
CfnEIP elasticIp = CfnEIP.Builder.create(this, "EIP")
.domain("vpc")
.instanceId(instance.getInstanceId())
.build();
ARecord.Builder.create(this, "ARecord")
.zone(myZone)
.target(RecordTarget.fromIpAddresses(elasticIp.getRef()))
.build();
To add an AAAA record pointing to a CloudFront distribution:
import software.amazon.awscdk.services.cloudfront.*;
HostedZone myZone;
CloudFrontWebDistribution distribution;
AaaaRecord.Builder.create(this, "Alias")
.zone(myZone)
.target(RecordTarget.fromAlias(new CloudFrontTarget(distribution)))
.build();
Constructs are available for A, AAAA, CAA, CNAME, MX, NS, SRV and TXT records.
Use the CaaAmazonRecord construct to easily restrict certificate authorities
allowed to issue certificates for a domain to Amazon only.
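The two CAA constructs side by side, as an added example that is not part of the original package documentation. The stack name CaaStack, the record name "static" and the iodef mailbox are assumptions chosen for illustration. Each CAA policy sits on its own record name, because a second CAA record set on the same name would conflict with the first.

```java
import java.util.List;

import software.amazon.awscdk.core.Construct;
import software.amazon.awscdk.core.Duration;
import software.amazon.awscdk.core.Stack;
import software.amazon.awscdk.services.route53.CaaAmazonRecord;
import software.amazon.awscdk.services.route53.CaaRecord;
import software.amazon.awscdk.services.route53.CaaRecordValue;
import software.amazon.awscdk.services.route53.CaaTag;
import software.amazon.awscdk.services.route53.PublicHostedZone;

// Hypothetical stack name; not part of the library.
public class CaaStack extends Stack {
    public CaaStack(final Construct scope, final String id) {
        super(scope, id);

        PublicHostedZone zone = PublicHostedZone.Builder.create(this, "HostedZone")
                .zoneName("example.com")
                .build();

        // Zone apex: only Amazon may issue certificates for example.com.
        // CAA lookups climb the DNS tree, so names without their own CAA
        // record set inherit this policy.
        CaaAmazonRecord.Builder.create(this, "ApexCaa")
                .zone(zone)
                .build();

        // Explicit policy for static.example.com (constructed sample name):
        //   issue "amazon.com"  - Amazon may issue non-wildcard certificates
        //   issuewild ";"       - no CA may issue wildcard certificates
        //   iodef "mailto:..."  - where a CA can report rejected requests
        CaaRecord.Builder.create(this, "StaticCaa")
                .zone(zone)
                .recordName("static")
                .values(List.of(
                        CaaRecordValue.builder()
                                .flag(0).tag(CaaTag.ISSUE).value("amazon.com").build(),
                        CaaRecordValue.builder()
                                .flag(0).tag(CaaTag.ISSUEWILD).value(";").build(),
                        CaaRecordValue.builder()
                                .flag(0).tag(CaaTag.IODEF)
                                .value("mailto:security@example.com").build()))
                .ttl(Duration.hours(1))
                .build();
    }
}
```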
To add an NS record to a HostedZone in a different account, you can do the following:
In the account containing the parent hosted zone:
PublicHostedZone parentZone = PublicHostedZone.Builder.create(this, "HostedZone")
.zoneName("someexample.com")
.crossAccountZoneDelegationPrincipal(new AccountPrincipal("12345678901"))
.crossAccountZoneDelegationRoleName("MyDelegationRole")
.build();
In the account containing the child zone to be delegated:
PublicHostedZone subZone = PublicHostedZone.Builder.create(this, "SubZone")
.zoneName("sub.someexample.com")
.build();
// import the delegation role by constructing the roleArn
String delegationRoleArn = Stack.of(this).formatArn(ArnComponents.builder()
.region("") // IAM is global in each partition
.service("iam")
.account("parent-account-id")
.resource("role")
.resourceName("MyDelegationRole")
.build());
IRole delegationRole = Role.fromRoleArn(this, "DelegationRole", delegationRoleArn);
// create the record
CrossAccountZoneDelegationRecord.Builder.create(this, "delegate")
.delegatedZone(subZone)
.parentHostedZoneName("someexample.com") // or you can use parentHostedZoneId
.delegationRole(delegationRole)
.build();
Imports
If you don't know the ID of the Hosted Zone to import, you can use
HostedZone.fromLookup:
HostedZone.fromLookup(this, "MyZone", HostedZoneProviderProps.builder()
.domainName("example.com")
.build());
HostedZone.fromLookup requires an environment to be configured. See
the documentation for details and examples. CDK
automatically looks in your ~/.aws/config file for the [default] profile.
To use a different account, run cdk deploy --profile [profile].
new MyDevStack(app, 'dev', {
env: {
account: process.env.CDK_DEFAULT_ACCOUNT,
region: process.env.CDK_DEFAULT_REGION,
},
});
If you know the ID and Name of a Hosted Zone, you can import it directly:
IHostedZone zone = HostedZone.fromHostedZoneAttributes(this, "MyZone", HostedZoneAttributes.builder()
.zoneName("example.com")
.hostedZoneId("ZOJJZC49E0EPZ")
.build());
Alternatively, use HostedZone.fromHostedZoneId to import a hosted zone if
you know the ID and retrieving the zoneName is undesirable.
IHostedZone zone = HostedZone.fromHostedZoneId(this, "MyZone", "ZOJJZC49E0EPZ");
You can also import a Public Hosted Zone with the similar PublicHostedZone.fromPublicHostedZoneId and PublicHostedZone.fromPublicHostedZoneAttributes methods:
IHostedZone zoneFromAttributes = PublicHostedZone.fromPublicHostedZoneAttributes(this, "MyZone", PublicHostedZoneAttributes.builder()
.zoneName("example.com")
.hostedZoneId("ZOJJZC49E0EPZ")
.build());
// Does not know zoneName
IPublicHostedZone zoneFromId = PublicHostedZone.fromPublicHostedZoneId(this, "MyZone", "ZOJJZC49E0EPZ");
VPC Endpoint Service Private DNS
When you create a VPC endpoint service, AWS generates endpoint-specific DNS hostnames that consumers use to communicate with the service. For example, vpce-1234-abcdev-us-east-1.vpce-svc-123345.us-east-1.vpce.amazonaws.com. By default, your consumers access the service with that DNS name. This can cause problems with HTTPS traffic because the DNS name will not match the backend certificate:
curl: (60) SSL: no alternative certificate subject name matches target host name 'vpce-abcdefghijklmnopq-rstuvwx.vpce-svc-abcdefghijklmnopq.us-east-1.vpce.amazonaws.com'
Effectively, the endpoint appears untrustworthy. To mitigate this, clients have to create an alias for this DNS name in Route53.
Private DNS for an endpoint service lets you configure a private DNS name so consumers can access the service using an existing DNS name without creating this Route53 DNS alias. This DNS name can also be guaranteed to match up with the backend certificate.
Before consumers can use the private DNS name, you must verify that you have control of the domain/subdomain.
Assuming your account has ownership of the particular domain/subdomain, this construct sets up the private DNS configuration on the endpoint service, creates all the necessary Route53 entries, and verifies domain ownership.
import software.amazon.awscdk.core.Stack;
import software.amazon.awscdk.services.ec2.Vpc;
import software.amazon.awscdk.services.ec2.VpcEndpointService;
import software.amazon.awscdk.services.elasticloadbalancingv2.NetworkLoadBalancer;
import software.amazon.awscdk.services.route53.PublicHostedZone;
import software.amazon.awscdk.services.route53.VpcEndpointServiceDomainName;
Stack stack = new Stack();
Vpc vpc = new Vpc(stack, "VPC");
NetworkLoadBalancer nlb = NetworkLoadBalancer.Builder.create(stack, "NLB")
.vpc(vpc)
.build();
VpcEndpointService vpces = VpcEndpointService.Builder.create(stack, "VPCES")
.vpcEndpointServiceLoadBalancers(List.of(nlb))
.build();
// You must use a public hosted zone so domain ownership can be verified
PublicHostedZone zone = PublicHostedZone.Builder.create(stack, "PHZ")
.zoneName("aws-cdk.dev")
.build();
VpcEndpointServiceDomainName.Builder.create(stack, "EndpointDomain")
.endpointService(vpces)
.domainName("my-stuff.aws-cdk.dev")
.publicHostedZone(zone)
.build();
Deprecated: AWS CDK v1 has reached End-of-Support on 2023-06-01.
This package is no longer being updated, and users should migrate to AWS CDK v2.
For more information on how to migrate, see https://docs.aws.amazon.com/cdk/v2/guide/migrating-v2.html
Class descriptions:
A DNS AAAA record.
A fluent builder for AaaaRecord.
Construction properties for a AaaaRecord.
A builder for AaaaRecordProps
An implementation for AaaaRecordProps
Deprecated. Use RecordTarget
Represents the properties of an alias target destination.
A builder for AliasRecordTargetConfig
An implementation for AliasRecordTargetConfig
A DNS A record.
A fluent builder for ARecord.
Construction properties for a ARecord.
A builder for ARecordProps
An implementation for ARecordProps
A DNS Amazon CAA record.
A fluent builder for CaaAmazonRecord.
Construction properties for a CaaAmazonRecord.
A builder for CaaAmazonRecordProps
An implementation for CaaAmazonRecordProps
A DNS CAA record.
A fluent builder for CaaRecord.
Construction properties for a CaaRecord.
A builder for CaaRecordProps
An implementation for CaaRecordProps
Properties for a CAA record value.
A builder for CaaRecordValue
An implementation for CaaRecordValue
The CAA tag.
A CloudFormation AWS::Route53::CidrCollection.
A fluent builder for CfnCidrCollection.
Specifies the list of CIDR blocks for a CIDR location.
A builder for CfnCidrCollection.LocationProperty
An implementation for CfnCidrCollection.LocationProperty
Properties for defining a CfnCidrCollection.
A builder for CfnCidrCollectionProps
An implementation for CfnCidrCollectionProps
A CloudFormation AWS::Route53::DNSSEC.
A fluent builder for CfnDNSSEC.
Properties for defining a CfnDNSSEC.
A builder for CfnDNSSECProps
An implementation for CfnDNSSECProps
A CloudFormation AWS::Route53::HealthCheck.
A complex type that identifies the CloudWatch alarm that you want Amazon Route 53 health checkers to use to determine whether the specified health check is healthy.
A builder for CfnHealthCheck.AlarmIdentifierProperty
An implementation for CfnHealthCheck.AlarmIdentifierProperty
A fluent builder for CfnHealthCheck.
A complex type that contains information about the health check.
A builder for CfnHealthCheck.HealthCheckConfigProperty
An implementation for CfnHealthCheck.HealthCheckConfigProperty
The HealthCheckTag property describes one key-value pair that is associated with an AWS::Route53::HealthCheck resource.
A builder for CfnHealthCheck.HealthCheckTagProperty
An implementation for CfnHealthCheck.HealthCheckTagProperty
Properties for defining a CfnHealthCheck.
A builder for CfnHealthCheckProps
An implementation for CfnHealthCheckProps
A CloudFormation AWS::Route53::HostedZone.
A fluent builder for CfnHostedZone.
A complex type that contains an optional comment about your hosted zone.
A builder for CfnHostedZone.HostedZoneConfigProperty
An implementation for CfnHostedZone.HostedZoneConfigProperty
A complex type that contains information about a tag that you want to add or edit for the specified health check or hosted zone.
A builder for CfnHostedZone.HostedZoneTagProperty
An implementation for CfnHostedZone.HostedZoneTagProperty
A complex type that contains information about a configuration for DNS query logging.
A builder for CfnHostedZone.QueryLoggingConfigProperty
An implementation for CfnHostedZone.QueryLoggingConfigProperty
Private hosted zones only: A complex type that contains information about an Amazon VPC.
A builder for CfnHostedZone.VPCProperty
An implementation for CfnHostedZone.VPCProperty
Properties for defining a CfnHostedZone.
A builder for CfnHostedZoneProps
An implementation for CfnHostedZoneProps
A CloudFormation AWS::Route53::KeySigningKey.
A fluent builder for CfnKeySigningKey.
Properties for defining a CfnKeySigningKey.
A builder for CfnKeySigningKeyProps
An implementation for CfnKeySigningKeyProps
A CloudFormation AWS::Route53::RecordSet.
Alias records only: Information about the AWS resource, such as a CloudFront distribution or an Amazon S3 bucket, that you want to route traffic to.
A builder for CfnRecordSet.AliasTargetProperty
An implementation for CfnRecordSet.AliasTargetProperty
A fluent builder for CfnRecordSet.
The object that is specified in resource record set object when you are linking a resource record set to a CIDR location.
A builder for CfnRecordSet.CidrRoutingConfigProperty
An implementation for CfnRecordSet.CidrRoutingConfigProperty
A complex type that contains information about a geographic location.
A builder for CfnRecordSet.GeoLocationProperty
An implementation for CfnRecordSet.GeoLocationProperty
A CloudFormation AWS::Route53::RecordSetGroup.
Alias records only: Information about the AWS resource, such as a CloudFront distribution or an Amazon S3 bucket, that you want to route traffic to.
A builder for CfnRecordSetGroup.AliasTargetProperty
An implementation for CfnRecordSetGroup.AliasTargetProperty
A fluent builder for CfnRecordSetGroup.
The object that is specified in resource record set object when you are linking a resource record set to a CIDR location.
A builder for CfnRecordSetGroup.CidrRoutingConfigProperty
An implementation for CfnRecordSetGroup.CidrRoutingConfigProperty
A complex type that contains information about a geographic location.
A builder for CfnRecordSetGroup.GeoLocationProperty
An implementation for CfnRecordSetGroup.GeoLocationProperty
Information about one record that you want to create.
A builder for CfnRecordSetGroup.RecordSetProperty
An implementation for CfnRecordSetGroup.RecordSetProperty
Properties for defining a CfnRecordSetGroup.
A builder for CfnRecordSetGroupProps
An implementation for CfnRecordSetGroupProps
Properties for defining a CfnRecordSet.
A builder for CfnRecordSetProps
An implementation for CfnRecordSetProps
A DNS CNAME record.
A fluent builder for CnameRecord.
Construction properties for a CnameRecord.
A builder for CnameRecordProps
An implementation for CnameRecordProps
Common properties to create a Route 53 hosted zone.
A builder for CommonHostedZoneProps
An implementation for CommonHostedZoneProps
A Cross Account Zone Delegation record.
A fluent builder for CrossAccountZoneDelegationRecord.
Construction properties for a CrossAccountZoneDelegationRecord.
A builder for CrossAccountZoneDelegationRecordProps
An implementation for CrossAccountZoneDelegationRecordProps
A DNS DS record.
A fluent builder for DsRecord.
Construction properties for a DSRecord.
A builder for DsRecordProps
An implementation for DsRecordProps
Container for records, and records contain information about how to route traffic for a specific domain, such as example.com and its subdomains (acme.example.com, zenith.example.com).
A fluent builder for HostedZone.
Reference to a hosted zone.
A builder for HostedZoneAttributes
An implementation for HostedZoneAttributes
Properties of a new hosted zone.
A builder for HostedZoneProps
An implementation for HostedZoneProps
Zone properties for looking up the Hosted Zone.
A builder for HostedZoneProviderProps
An implementation for HostedZoneProviderProps
Classes that are valid alias record targets, like CloudFront distributions and load balancers, should implement this interface.
Internal default implementation for IAliasRecordTarget.
A proxy class which represents a concrete javascript instance of this type.
Imported or created hosted zone.
Internal default implementation for IHostedZone.
A proxy class which represents a concrete javascript instance of this type.
Represents a Route 53 private hosted zone.
Internal default implementation for IPrivateHostedZone.
A proxy class which represents a concrete javascript instance of this type.
Represents a Route 53 public hosted zone.
Internal default implementation for IPublicHostedZone.
A proxy class which represents a concrete javascript instance of this type.
A record set.
Internal default implementation for IRecordSet.
A proxy class which represents a concrete javascript instance of this type.
A DNS MX record.
A fluent builder for MxRecord.
Construction properties for a MxRecord.
A builder for MxRecordProps
An implementation for MxRecordProps
Properties for a MX record value.
A builder for MxRecordValue
An implementation for MxRecordValue
A DNS NS record.
A fluent builder for NsRecord.
Construction properties for a NSRecord.
A builder for NsRecordProps
An implementation for NsRecordProps
Create a Route53 private hosted zone for use in one or more VPCs.
A fluent builder for PrivateHostedZone.
Properties to create a Route 53 private hosted zone.
A builder for PrivateHostedZoneProps
An implementation for PrivateHostedZoneProps
Create a Route53 public hosted zone.
A fluent builder for PublicHostedZone.
Reference to a public hosted zone.
A builder for PublicHostedZoneAttributes
An implementation for PublicHostedZoneAttributes
Construction properties for a PublicHostedZone.
A builder for PublicHostedZoneProps
An implementation for PublicHostedZoneProps
A record set.
A fluent builder for RecordSet.
Options for a RecordSet.
A builder for RecordSetOptions
An implementation for RecordSetOptions
Construction properties for a RecordSet.
A builder for RecordSetProps
An implementation for RecordSetProps
Type union for a record that accepts multiple types of target.
The record type.
A DNS SRV record.
A fluent builder for SrvRecord.
Construction properties for a SrvRecord.
A builder for SrvRecordProps
An implementation for SrvRecordProps
Properties for a SRV record value.
A builder for SrvRecordValue
An implementation for SrvRecordValue
A DNS TXT record.
A fluent builder for TxtRecord.
Construction properties for a TxtRecord.
A builder for TxtRecordProps
An implementation for TxtRecordProps
A Private DNS configuration for a VPC endpoint service.
A fluent builder for VpcEndpointServiceDomainName.
Properties to configure a VPC Endpoint Service domain name.
A builder for VpcEndpointServiceDomainNameProps
An implementation for VpcEndpointServiceDomainNameProps
Options available when creating a delegation relationship from one PublicHostedZone to another.
A builder for ZoneDelegationOptions
An implementation for ZoneDelegationOptions
A record to delegate further lookups to a different set of name servers.
A fluent builder for ZoneDelegationRecord.
Construction properties for a ZoneDelegationRecord.
A builder for ZoneDelegationRecordProps
An implementation for ZoneDelegationRecordProps