amazon-web-services terraform amazon-route53 terraform-provider-aws

Why does a Route53 record I created with terraform resource aws_route53_record not resolve publicly?


Trying to create the simplest example of aws_route53_record A record creation

Example

resources

But when I do dig it's not resolving. I just created the record 5 mins ago. Is it because I cannot do it to my public IP, or does it take time to take effect?

$ dig server1.devops.academy

; <<>> DiG 9.10.6 <<>> server1.devops.academy
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10146
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;server1.devops.academy.                IN      A

;; AUTHORITY SECTION:
devops.academy.         331     IN      SOA     ns-1155.awsdns-16.org. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400

;; Query time: 9 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Sat May 16 14:18:29 +04 2020
;; MSG SIZE  rcvd: 136



Solution

  • In order for a DNS record to resolve publicly, you need:

    1. a public Route 53 Zone (you've got this)
    2. the domain to be publicly registered with a domain registrar (Route 53 Domains will work) - I suspect you don't have this
    3. the domain registrar to have the SOA and NS reflect your name servers from the public Route 53 Zone (should be automatic)

    Make sure to register the domain and update the NS and SOA with the registrar to match the name servers from your Route53 Zone (if you are using Route 53 Domains, pick the Route 53 Zone). After that your issue should be corrected.

    Here is how to register a domain in Route 53 Domains in the AWS Console (given that this costs around $12 I don't recommend automating it until you are very comfortable with the process).

    1. Log into the AWS Console
    2. Under services search for Route 53
    3. Go to Route 53
    4. In the left nav choose Registered Domains
    5. Click Register Domain
    6. In Choose a Domain Name, type the domain you want
    7. If it is available and the price is acceptable, choose Add to cart
    8. At the bottom of the list, click Continue
    9. In Contact Type, choose Person
    10. Type your information in
    11. Leave privacy protection on (it's free and you don't likely need things like Code Signing certificates for this domain that would require public contact info)
    12. Check the details on the final page (leave automatic renewal enabled, losing a domain is a HUGE headache, you can always cancel it anytime before it renews)
    13. Read the AWS Domain Registration Agreement so you understand your rights and responsibilities and check the "I have read" checkbox after
    14. Click Complete Order

    It can take a few hours for a domain to successfully register.

    More info on this process here: https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/domain-register.html
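
An added example, not part of the original answer: it parses plain `dig` output and tells apart the cases the answer lists (no delegation at all, a delegation that names a different zone's name servers, or a record missing from the right zone). The function names and the name-server list are hypothetical, and it assumes the zone keeps Route 53's default SOA record, whose MNAME is one of the zone's own name servers.

```python
import re

# One resource-record line of dig output: owner, TTL, class IN, type, rdata.
RR = re.compile(r"^(\S+)\s+\d+\s+IN\s+(\S+)\s+(.+)$")

def norm(name):
    """Lower-case a DNS name and drop the trailing dot so names compare equal."""
    return name.strip().lower().rstrip(".")

def parse_dig(text):
    """Return (status, answer_records, soa) parsed from plain `dig` output."""
    m = re.search(r"status:\s*(\w+)", text)
    status = m.group(1) if m else None
    section, answers, soa = None, [], None
    for line in (l.strip() for l in text.splitlines()):
        if line.startswith(";;") and line.endswith("SECTION:"):
            section = line[2:].split()[0]  # QUESTION, ANSWER, AUTHORITY, ...
        elif (rr := RR.match(line)):
            owner, rtype, rdata = rr.groups()
            if section == "ANSWER":
                answers.append((norm(owner), rtype, rdata))
            elif section == "AUTHORITY" and rtype == "SOA":
                soa = (norm(owner), norm(rdata.split()[0]))  # (apex, MNAME)
    return status, answers, soa

def diagnose(dig_text, zone_apex, zone_name_servers):
    """Classify a lookup against the hosted zone that Terraform manages."""
    status, answers, soa = parse_dig(dig_text)
    if status == "NOERROR" and answers:
        return "resolves"
    if status != "NXDOMAIN" or soa is None:
        return "inconclusive"
    soa_owner, mname = soa
    if soa_owner != norm(zone_apex):
        return "not-delegated"  # a parent zone answered: no delegation exists
    # Assumption: the zone still has its default SOA, whose MNAME is one of
    # the zone's own name servers.
    if mname not in {norm(n) for n in zone_name_servers}:
        return "delegated-to-other-zone"  # registrar NS name another zone
    return "record-missing-in-zone"

# Abridged from the dig output in the question.
QUESTION_DIG = """\
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10146
;; AUTHORITY SECTION:
devops.academy. 331 IN SOA ns-1155.awsdns-16.org. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400
"""
# Constructed name-server set for a hypothetical hosted zone.
MY_ZONE_NS = ["ns-0000.awsdns-00.com.", "ns-0001.awsdns-00.net."]
```

Pass `diagnose` the name servers listed on the hosted zone you created; if the SOA record in that zone has been edited, the MNAME comparison no longer applies.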