I have 2 AWS accounts A and B. There is a hosted zone my-domain.system in account A, which was originally created by AWS.

Now I want to create the same hosted zone my-domain.system in account B, but don't want to migrate anything.

I tried to copy the nameservers of the hosted zone of account B to the nameservers of account A, but that messed up the DNS, so I had to roll back.

What I want to achieve is this: when I create a record set in the hosted zone of account B, it should work, and I shouldn't have to make changes in account A's hosted zone.

Rajat Gupta

1 Answer

The solution to this depends on who you registered the domain with. The domain registrar is where you specify the authoritative nameservers for a domain -- not in a hosted zone.

If the registrar is also Route 53, here's the process:

In the Route 53 console, click "Registered Domains."

Select your domain.

Choose "add/edit name servers."

Enter the values for the Route 53 name servers assigned to the new hosted zone in account B, which you'll see on the right side of the screen when you click on the row of the domain from the Hosted Zones page (don't click on the actual domain name, just highlight the row).

If you registered the domain with someone other than Route 53, you'll need to make the changes on that provider's admin console.

Michael - sqlbot
  • My *domain registrar* is also Route53. I tried the same procedure, but it messed up the DNS nameservers, and some record sets stopped responding. – Rajat Gupta Jun 28 '17 at 07:45
  • I'm not sure what to tell you. If you use the correct values and the new hosted zone is configured correctly, you should get the correct results. If you want to mention the domain name, I'm sure I or someone can take a look at it for you. – Michael - sqlbot Jun 28 '17 at 16:13
  • There are 4 nameservers, and AWS only allows adding 3 more nameservers in the domain registrar. How do I add the last nameserver? – Rajat Gupta Jun 30 '17 at 07:38
  • You're not supposed to be adding 4 *more*. You need to remove the existing 4. Only one hosted zone's assigned nameservers can be specified here. – Michael - sqlbot Jun 30 '17 at 09:51
  • If I delete the old nameservers from account A and add the nameservers of account B into A, will the DNS entries made in account A stop working? I want to make sure that DNS entries in account A and account B both works from the same DNS hosted in account A. – Rajat Gupta Jul 03 '17 at 08:45
  • *"both works"* -- That is incompatible with the way DNS works. All of the servers that are designated as authoritative for a zone must have all the records; otherwise, they will authoritatively respond no-such-domain (or a similar error) if queried for any record they lack (or have no delegation for). If you want to delegate a subdomain, there is a process for that, so (e.g.) `*.example.com` would be served from the zone in account A except for `foo.example.com` and `*.foo.example.com` which would be served from the zone in account B. Is that what you are trying to do? – Michael - sqlbot Jul 03 '17 at 14:43
  • I want `foo.example.com` to work from account A and `bar.example.com` to work from account B, where the registered domain `example.com` is hosted by Amazon Route53 on account A. – Rajat Gupta Jul 03 '17 at 14:56
  • Create a hosted zone `bar.example.com` in Account B. Make a copy of the values for the 4 NS records assigned to the new zone. Then, create a new *resource record* `bar.example.com` in the existing hosted zone in Account A, record type `NS`, and populate it with the 4 NS records from the hosted zone in Account B. Everything except `bar.example.com` should work from zone A, and everything at and under `bar.example.com` should work from zone B. The zones can be in different accounts or the same account. Also described at https://stackoverflow.com/a/35785273/1695906. – Michael - sqlbot Jul 03 '17 at 15:25
  • I want to have `*.example.com` in account A as well as in account B & the DNS `*.example.com` is created by Route53 in account A. – Rajat Gupta Jul 04 '17 at 07:57
  • Well, you can't have that, because DNS doesn't work that way. One of them must be authoritative, with delegations to the other. – Michael - sqlbot Jul 04 '17 at 14:01
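
The subdomain delegation described in the comments above, as an added example that is not part of the original thread: it builds the NS record set to create in account A's zone and lists the records already in zone A that sit at or under the delegated name. The function names, the sample zone contents and the nameserver names are assumptions constructed for illustration.

```python
# Added example; zone contents and nameserver names are constructed samples.
def fqdn(name):
    """Normalize a DNS name: lowercase with exactly one trailing dot."""
    return name.strip().lower().rstrip(".") + "."

def delegation_change_batch(subdomain, child_nameservers, ttl=300):
    """Build the NS record set to create in account A's zone for the subdomain."""
    values = sorted({fqdn(ns) for ns in child_nameservers})
    if not values:
        raise ValueError("nameservers of the hosted zone in account B are required")
    return {
        "Comment": "Delegate " + fqdn(subdomain) + " to the hosted zone in account B",
        "Changes": [{
            "Action": "UPSERT",
            "ResourceRecordSet": {
                "Name": fqdn(subdomain),
                "Type": "NS",
                "TTL": ttl,
                "ResourceRecords": [{"Value": v} for v in values],
            },
        }],
    }

def shadowed_records(parent_records, subdomain):
    """Records in zone A at or under the delegated name (delegating NS excluded).

    Once delegated, these names are served from zone B, so they must be
    recreated there before the NS record goes live."""
    cut = fqdn(subdomain)
    found = []
    for name, rtype in parent_records:
        name = fqdn(name)
        at_cut = name == cut
        if (at_cut and rtype != "NS") or name.endswith("." + cut):
            found.append((name, rtype))
    return found

# Constructed sample: nameservers assigned to zone B and records currently in zone A.
CHILD_NS = ["ns-b1.example.net", "ns-b2.example.org", "ns-b3.example.net", "ns-b4.example.org"]
PARENT_RECORDS = [
    ("example.com", "NS"), ("example.com", "SOA"), ("foo.example.com", "A"),
    ("bar.example.com", "A"), ("api.bar.example.com", "CNAME"), ("foobar.example.com", "A"),
]

if __name__ == "__main__":
    import json
    print(json.dumps(delegation_change_batch("bar.example.com", CHILD_NS), indent=2))
    for name, rtype in shadowed_records(PARENT_RECORDS, "bar.example.com"):
        print("move to zone B first:", name, rtype)
```

The returned dictionary has the shape of the `ChangeBatch` parameter of Route 53's `ChangeResourceRecordSets` API, to be applied to the hosted zone in account A.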