
Prerequisites

I assume you have already created a Route 53 hosted zone of type Public Hosted Zone and set the Amazon name servers at your domain name registrar.

Note

If you are using EC2 IAM instance roles or AWS IAM roles for service accounts (IRSA), creating a user is not required. Configuration of IAM roles is beyond the scope of this document, and is discussed in the official AWS documentation linked above. For all other use cases, follow the steps below to create a policy and user.

Go to the IAM Policies page and click on Create Policy.

Then click on the JSON tab and paste the following content:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Action": [
                "route53:ChangeResourceRecordSets",
                "route53:ListResourceRecordSets"
            ],
            "Effect": "Allow",
            "Resource": "arn:aws:route53:::hostedzone/<HOSTED_ZONE_ID>"
        }
    ]
}

Tip

Replace <HOSTED_ZONE_ID> with the ID of your hosted zone, which you can find on the Route 53 Hosted Zones page.

Enter a Policy Name and click Create Policy.

Now go to the IAM Users page and click the Add user button.

Enter a User name, check Programmatic access for Access type and click Next: Permissions.

Choose the last option, Attach existing policies directly, and fill in the Search field with the name of the policy you created before. Click Next: Review, then Create user.

An Access Key ID and a Secret Access Key will be displayed. These are the credentials needed for ddns-route53. Save them somewhere, since you will need them in the configuration step.
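Before pasting the policy into the console, a check like the one below can confirm that it grants only the two Route 53 actions shown above and is scoped to a single hosted zone with the placeholder replaced. This is an added example, not part of ddns-route53; the function name, the zone ID `Z0EXAMPLE12345` and the assumed zone ID character set (uppercase letters and digits) are constructed for illustration.

```python
import json
import re

# The two actions granted by the policy on this page (IAM action names are case-insensitive).
ALLOWED_ACTIONS = {"route53:changeresourcerecordsets", "route53:listresourcerecordsets"}
# Assumption: a hosted zone ID consists of uppercase letters and digits only.
ZONE_ARN = re.compile(r"arn:aws:route53:::hostedzone/[A-Z0-9]+")


def _as_list(value):
    """IAM accepts a single string wherever a list is allowed."""
    return value if isinstance(value, list) else [value]


def check_policy(policy_json):
    """Return a list of findings; an empty list means nothing was flagged."""
    findings = []
    statements = _as_list(json.loads(policy_json).get("Statement", []))
    for i, stmt in enumerate(statements):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements cannot widen access
        for key in ("NotAction", "NotResource"):
            if key in stmt:
                findings.append(f"statement {i}: {key} grants everything not listed")
        for action in _as_list(stmt.get("Action", [])):
            if action.lower() not in ALLOWED_ACTIONS:
                findings.append(f"statement {i}: unexpected action {action}")
        for resource in _as_list(stmt.get("Resource", [])):
            if "<" in resource:
                findings.append(f"statement {i}: placeholder left in {resource}")
            elif not ZONE_ARN.fullmatch(resource):
                findings.append(f"statement {i}: {resource} is not a single hosted zone")
    return findings


# Constructed sample: the page's policy with a made-up zone ID filled in.
SAMPLE_POLICY = """{
  "Version": "2012-10-17",
  "Statement": [{
    "Action": ["route53:ChangeResourceRecordSets", "route53:ListResourceRecordSets"],
    "Effect": "Allow",
    "Resource": "arn:aws:route53:::hostedzone/Z0EXAMPLE12345"
  }]
}"""

if __name__ == "__main__":
    for finding in check_policy(SAMPLE_POLICY) or ["no findings"]:
        print(finding)
```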


Last update: 2024-05-06 07:49:59
Created: 2019-08-22 18:04:46