theholm: (Default)

  1. Create an IAM role that allows full access to the DNS zone.

    Security Policy:
    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Effect": "Allow",
          "Action": [
            "route53:*"
          ],
          "Resource": [
            "arn:aws:route53:::hostedzone/ZONE-ID (not zone name)"
          ]
        },
        {
          "Effect": "Allow",
          "Action": [
            "elasticloadbalancing:DescribeLoadBalancers"
          ],
          "Resource": [
            "*"
          ]
        }
      ]
    }
    


  2. Attach the IAM role to the EC2 instance and launch it.

  3. Add the following command to the OS startup script:

    aws route53 change-resource-record-sets --hosted-zone-id ZONE-ID --change-batch '{"Changes": [ {"Action": "CREATE","ResourceRecordSet": { "Name": "test.test.com.", "Type": "CNAME", "TTL": 600, "ResourceRecords": [ {"Value": "'`curl http://169.254.169.254/latest/meta-data/public-hostname 2> /dev/null`'" }] } } ] }'


  4. Add the following command to the OS shutdown script:

    aws route53 change-resource-record-sets --hosted-zone-id ZONE-ID --change-batch '{"Changes": [ {"Action": "DELETE","ResourceRecordSet": { "Name": "test.test.com.", "Type": "CNAME", "TTL": 600, "ResourceRecords": [ {"Value": "'`curl http://169.254.169.254/latest/meta-data/public-hostname 2> /dev/null`'" }] } } ] }'
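
Steps 3 and 4 as a single script, shown as an added example that is not from the original post: it reads the hostname with an IMDSv2 session token and validates it before placing it in the change batch. The function names are assumptions; `ZONE-ID` and `test.test.com.` are the post's placeholders.

```sh
#!/bin/sh
# Added example, not the post's own code. Placeholders as in the post.
ZONE_ID="${ZONE_ID:-ZONE-ID}"
RECORD_NAME="${RECORD_NAME:-test.test.com.}"
IMDS="http://169.254.169.254/latest"

# Fetch the public hostname using an IMDSv2 session token.
# Fails if the instance has no public hostname or IMDS is unreachable.
imds_public_hostname() {
  token=$(curl -sf -m 2 -X PUT "$IMDS/api/token" \
    -H "X-aws-ec2-metadata-token-ttl-seconds: 60") || return 1
  curl -sf -m 2 -H "X-aws-ec2-metadata-token: $token" \
    "$IMDS/meta-data/public-hostname"
}

# Accept only a plain DNS name, so a value fetched over HTTP can never
# close the JSON string and add fields to the change batch.
valid_hostname() {
  case "$1" in
    ''|*[!A-Za-z0-9.-]*|.*|-*|*.|*-) return 1 ;;
  esac
  [ "${#1}" -le 253 ]
}

# Print the change batch for action $1 (CREATE or DELETE) and target $2.
build_change_batch() {
  case "$1" in CREATE|DELETE) ;; *) return 2 ;; esac
  valid_hostname "$2" || return 3
  printf '{"Changes":[{"Action":"%s","ResourceRecordSet":{"Name":"%s","Type":"CNAME","TTL":600,"ResourceRecords":[{"Value":"%s"}]}}]}' \
    "$1" "$RECORD_NAME" "$2"
}

# Look up the hostname, build the batch, and send it to Route 53.
update_record() {
  host=$(imds_public_hostname) || { echo "no public hostname" >&2; return 1; }
  batch=$(build_change_batch "$1" "$host") || { echo "refusing to send" >&2; return 1; }
  aws route53 change-resource-record-sets \
    --hosted-zone-id "$ZONE_ID" --change-batch "$batch"
}

# Startup script: "script CREATE". Shutdown script: "script DELETE".
case "${1:-}" in
  CREATE|DELETE) update_record "$1" ;;
esac
```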


Page generated Jul. 22nd, 2017 09:00 pm