Route53 Private Hosted Zone VPC Association Authorizations #27399
Unanswered
liam-reilly
asked this question in
Q&A
Replies: 1 comment 2 replies
-
I found an alternative way to do this using a mixture of CDK and the SDK. Seems OK if there is no direct way to do this in CDK?
|
Beta Was this translation helpful? Give feedback.
2 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
In order to associate a Source Accounts VPC with a Private Hosted Zone in a separate Target Account you need to first create a VPC Association Authorization. Then once this is in place you can go ahead and create the VPC Association.
In Terraform this is simple. The two blocks of code are almost identical.
ASSOCIATION: (deployed to the Source Account)
AUTHORIZATION:(deployed to the Target Account)
I'm trying to do the same thing using CDK but if I'm understanding this correctly it looks like I can ASSOCIATE a VPC with a HostedZone using the
addVpc()
method. (Although I'm not certain this will work across accounts?) but I do not see any method in either the Route53 or Vpc API's for creating the Authorizations.The AWS docs seem only to recommend using the CLI commands
create-vpc-association-authorization
anddelete-vpc-association-authorization
.Am I missing something obvious or does this really not exist in CDK?
Do I have no choice but to create a Custom Construct/Resource to create and delete these Authorizations or simply use the CLI?
Beta Was this translation helpful? Give feedback.
All reactions