Route53 Alias to Gov Cloud resource

0

I can no longer create (or update existing) Route 53 records in standard account to point to Gov Cloud resources. This has always been the approach to route Internet DNS to Gov cloud resources; as Gov Cloud Route 53 only supports private VPC DNS. This approach is still the documented approach to create DNS records for Gov Cloud resources as described here: https://docs.aws.amazon.com/govcloud-us/latest/UserGuide/setting-up-route53.html, and specifically called out here from the document:

As you set up Route 53 to serve your AWS GovCloud (US) content with public hosted zones, keep the following in mind:

You must log in to the Route 53 console using your standard AWS credentials. Do not use your AWS GovCloud (US-West) or AWS GovCloud (US-East) credentials.
You will set up Route 53 to route end users to your AWS GovCloud (US-West) or AWS GovCloud (US-East) resources.

I have existing DNS records using this approach for years, and have created records as recently as the past month, but can no longer change, update or create Route 53 records to my Gov Cloud resources.

I have to assume this is a bug or unintended consequence of recent AWS changes, and could be potentially problematic to support any issues that arise until its fixed or a new documented solution for routing to Gov Cloud resources is published.

  • The way this has always previously worked, is from the Route53 Create Record form you could choose your resource type, choose gov-west or gov-east, and then paste in the DNS record for the Gov resource. The list of resources for the respective gov-west or gov-east would not populate (because they would be under a separate gov account) but you could choose region gov-west or gov-east, and then paste in resource records. Now gov-east and gov-west are not in the region dropdown, and if you choose a different region to paste in the DNS record you will get error that it is not a valid resource for that region.

profile picture
已提問 2 年前檢視次數 769 次
1 個回答
0

Just closing the loop on this one. It appears there was a restriction in Route53 console that was preventing Gov Cloud region selection when creating alias records. My client opened a support ticket and the restriction/bug in the console was quickly resolved by AWS Support. Once again we are able to create/modify public Route53 alias records to Gov-Cloud resources.

profile picture
已回答 2 年前

您尚未登入。 登入 去張貼答案。

一個好的回答可以清楚地回答問題並提供建設性的意見回饋,同時有助於提問者的專業成長。

回答問題指南