AWS Route 53 - How to delegate a subdomain to a different hosted zone?

bobsut · October 12, 2021, 8:11pm

I’m using the route53 module to create hosted zones for a domain and a subdomain. I wish to manage the domain and the subdomain in separate hosted zones because they will be in separate AWS accounts, though they’re in the same Terraform config for now.

After I create the hosted zones with

provider "aws" {
  region = "us-west-2"
}
module "zones" {
  source = "terraform-aws-modules/route53/aws//modules/zones"
  zones = {
    "dom.ain"     = {}
    "sub.dom.ain" = {}
  }
}

I can create resource records like

module "text_top" {
  source  = "terraform-aws-modules/route53/aws//modules/records"
  zone_id = module.zones.route53_zone_zone_id["dom.ain"]
  records = [{
    name    = ""
    type    = "TXT"
    ttl     = 60
    records = ["this is the top domain dom.ain"]
  }]
}

module "text_sub" {
  source  = "terraform-aws-modules/route53/aws//modules/records"
  zone_id = module.zones.route53_zone_zone_id["sub.dom.ain"]
  records = [{
    name    = ""
    type    = "TXT"
    ttl     = 60
    records = ["this is the subdomain sub.dom.ain"]
  }]
}

which yield the expected results:

$ dig +short -t txt dom.ain. @ns-1749.awsdns-26.co.uk.
"this is the top domain dom.ain"
$ dig +short -t txt sub.dom.ain. @ns-1295.awsdns-33.org.
"this is the subdomain sub.dom.ain"
$

I create glue NS records for the subdomain:

module "glue_NS" {
  source  = "terraform-aws-modules/route53/aws//modules/records"
  zone_id = module.zones.route53_zone_zone_id["dom.ain"]
  records = [{
    name    = "sub"
    type    = "NS"
    ttl     = 172800
    records = module.zones.route53_zone_name_servers["sub.dom.ain"]
  }]
}

The glue NS records are created:

$ aws route53 list-resource-record-sets \
      --hosted-zone-id Z036547736CNNGE0WKQ95 \
      --query 'ResourceRecordSets[?(Type==`NS` && Name==`sub.dom.ain.`)].[Name,Type,ResourceRecords[].Value]' \
      --output text
sub.dom.ain.    NS
ns-981.awsdns-58.net    ns-217.awsdns-27.com    ns-1295.awsdns-33.org   ns-1940.awsdns-50.co.uk
$

But the glue NS records aren’t returned for a normal query:

$ dig +short -t ns sub.dom.ain. @ns-1749.awsdns-26.co.uk.
$ dig +short -t txt sub.dom.ain.  @ns-1749.awsdns-26.co.uk.
$

How can I delegate a subdomain to a different HZ?
Thanks for any suggestions!

Topic		Replies	Views
How to create DNS records in route53 using terraform by looping through a list? AWS	1	6837	May 22, 2021
Managing the same aws_route53_zone from different projects Terraform dns	3	1862	September 10, 2019
Route53 record set creation for multiple records and hosts Terraform	0	329	December 23, 2019
Create handful of DNS records in multiple domains AWS Route 53 AWS	2	1711	May 17, 2021
Zone Id not in root module Terraform	1	12	October 10, 2024

AWS Route 53 - How to delegate a subdomain to a different hosted zone?

Related topics