Mirrors/coredns
1
0
Fork 0
mirror of https://github.com/coredns/coredns.git synced 2025-10-27 08:14:18 -04:00
Code Issues Packages Projects Releases Wiki Activity
Files
2895b067324f8d9add221f24020b5b4e4fc237bc
coredns/plugin/route53/README.md

132 lines
5.0 KiB
Markdown
Raw Normal View History

Add route53 plugin (#1390) * Update vendor Signed-off-by: Yong Tang <yong.tang.github@outlook.com> * Add route53 plugin This fix adds route53 plugin so that it is possible to query route53 record through CoreDNS. Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
2018-01-15 09:59:29 -08:00
# route53
## Name
*route53* - enables serving zone data from AWS route53.
## Description
Default to upstream to self (#2436) * Default to upstream to self This is a backwards incompatible change. This is a massive (cleanup) PR where we default to resolving external names by the coredns process itself, instead of directly forwarding them to some upstream. This ignores any arguments `upstream` may have had and makes it depend on proxy/forward configuration in the Corefile. This allows resolved upstream names to be cached and we have better healthchecking of the upstreams. It also means there is only one way to resolve names, by either using the proxy or forward plugin. The proxy/forward lookup.go functions have been removed. This also lessen the dependency on proxy, meaning deprecating proxy will become easier. Some tests have been removed as well, or moved to the top-level test directory as they now require a full coredns process instead of just the plugin. For the etcd plugin, the entire StubZone resolving is *dropped*! This was a hacky (but working) solution to say the least. If someone cares deeply it can be brought back (maybe)? The pkg/upstream is now very small and almost does nothing. Also the New() function was changed to return a pointer to upstream.Upstream. It also returns only one parameter, so any stragglers using it will encounter a compile error. All documentation has been adapted. This affected the following plugins: * etcd * file * auto * secondary * federation * template * route53 A followup PR will make any upstream directives with arguments an error, right now they are ignored. Signed-off-by: Miek Gieben <miek@miek.nl> * Fix etcd build - probably still fails unit test Signed-off-by: Miek Gieben <miek@miek.nl> * Slightly smarter lookup check in upstream Signed-off-by: Miek Gieben <miek@miek.nl> * Compilez Signed-off-by: Miek Gieben <miek@miek.nl>
2019-01-13 16:54:49 +00:00
The route53 plugin is useful for serving zones from resource record
sets in AWS route53. This plugin supports all Amazon Route 53 records
([https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html)).
[plugin/route53] Cleanup AWS config/credentials setup. (#5370) Signed-off-by: Dmitry Ilyevsky <ilyevsky@gmail.com>
2022-05-09 10:35:42 -07:00
The route53 plugin can be used when CoreDNS is deployed on AWS or elsewhere.
Add route53 plugin (#1390) * Update vendor Signed-off-by: Yong Tang <yong.tang.github@outlook.com> * Add route53 plugin This fix adds route53 plugin so that it is possible to query route53 record through CoreDNS. Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
2018-01-15 09:59:29 -08:00
## Syntax
~~~ txt
route53 [ZONE:HOSTED_ZONE_ID...] {
[plugin/route53] Deprecate plaintext secret in Corefile for route53 plugin (#5228) This PR deprecates plaintext secret in Corefile for route53 plugin (`aws_access_key`). Since using environmental variables of `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` have already been available, no other changes other than deprecation is needed. This will avoid saving plaintext secret in Corefile which could be of security concern. Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
2022-03-11 11:32:44 -08:00
aws_access_key [AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY] # Deprecated, uses other authentication methods instead.
plugin/route53: Configurable AWS Endpoint (#4963) Provide the ability to configure the AWS endpoint Signed-off-by: Matthew Palmer <matthew.palmer@helpsystems.com>
2021-11-08 14:45:45 +00:00
aws_endpoint ENDPOINT
plugins/route53: add AWS credentials file support (#2118) Automatically submitted.
2018-09-25 15:57:16 -07:00
credentials PROFILE [FILENAME]
plugin/route53: add fallthrough (#2132) Automatically submitted.
2018-09-25 11:41:05 -07:00
fallthrough [ZONES...]
plugin/route53: make refresh frequency adjustable (#3083) the current update frequency for the refresh loop in the route 53 plugin is hard-coded to 1 minute. aws rate-limits the number of api requests so less frequent record refreshes can help when reaching those limits depending upon your individual scenarios. this pull adds a configuration option to the route53 plugin to adjust the refresh frequency. thanks for getting my last pull released so quickly. this is the last local change that i have been running and would love to get it contributed back to the project. Signed-off-by: Matt Kulka <mkulka@parchment.com>
2019-08-03 18:07:28 -07:00
refresh DURATION
Add route53 plugin (#1390) * Update vendor Signed-off-by: Yong Tang <yong.tang.github@outlook.com> * Add route53 plugin This fix adds route53 plugin so that it is possible to query route53 record through CoreDNS. Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
2018-01-15 09:59:29 -08:00
}
~~~
Default to upstream to self (#2436) * Default to upstream to self This is a backwards incompatible change. This is a massive (cleanup) PR where we default to resolving external names by the coredns process itself, instead of directly forwarding them to some upstream. This ignores any arguments `upstream` may have had and makes it depend on proxy/forward configuration in the Corefile. This allows resolved upstream names to be cached and we have better healthchecking of the upstreams. It also means there is only one way to resolve names, by either using the proxy or forward plugin. The proxy/forward lookup.go functions have been removed. This also lessen the dependency on proxy, meaning deprecating proxy will become easier. Some tests have been removed as well, or moved to the top-level test directory as they now require a full coredns process instead of just the plugin. For the etcd plugin, the entire StubZone resolving is *dropped*! This was a hacky (but working) solution to say the least. If someone cares deeply it can be brought back (maybe)? The pkg/upstream is now very small and almost does nothing. Also the New() function was changed to return a pointer to upstream.Upstream. It also returns only one parameter, so any stragglers using it will encounter a compile error. All documentation has been adapted. This affected the following plugins: * etcd * file * auto * secondary * federation * template * route53 A followup PR will make any upstream directives with arguments an error, right now they are ignored. Signed-off-by: Miek Gieben <miek@miek.nl> * Fix etcd build - probably still fails unit test Signed-off-by: Miek Gieben <miek@miek.nl> * Slightly smarter lookup check in upstream Signed-off-by: Miek Gieben <miek@miek.nl> * Compilez Signed-off-by: Miek Gieben <miek@miek.nl>
2019-01-13 16:54:49 +00:00
* **ZONE** the name of the domain to be accessed. When there are multiple zones with overlapping
domains (private vs. public hosted zone), CoreDNS does the lookup in the given order here.
Therefore, for a non-existing resource record, SOA response will be from the rightmost zone.
doc: fix generated manual pages (#3571) Went over all generated manual pages and fixed some markdown issues, mostly escaping "_" to avoid underlining entire paragraphs. Some textual fixes in route53 and other cloud DNS plugins. Regenerated the markdown with mmark. Signed-off-by: Miek Gieben <miek@miek.nl>
2019-12-29 13:35:17 +01:00
* **HOSTED\_ZONE\_ID** the ID of the hosted zone that contains the resource record sets to be
Default to upstream to self (#2436) * Default to upstream to self This is a backwards incompatible change. This is a massive (cleanup) PR where we default to resolving external names by the coredns process itself, instead of directly forwarding them to some upstream. This ignores any arguments `upstream` may have had and makes it depend on proxy/forward configuration in the Corefile. This allows resolved upstream names to be cached and we have better healthchecking of the upstreams. It also means there is only one way to resolve names, by either using the proxy or forward plugin. The proxy/forward lookup.go functions have been removed. This also lessen the dependency on proxy, meaning deprecating proxy will become easier. Some tests have been removed as well, or moved to the top-level test directory as they now require a full coredns process instead of just the plugin. For the etcd plugin, the entire StubZone resolving is *dropped*! This was a hacky (but working) solution to say the least. If someone cares deeply it can be brought back (maybe)? The pkg/upstream is now very small and almost does nothing. Also the New() function was changed to return a pointer to upstream.Upstream. It also returns only one parameter, so any stragglers using it will encounter a compile error. All documentation has been adapted. This affected the following plugins: * etcd * file * auto * secondary * federation * template * route53 A followup PR will make any upstream directives with arguments an error, right now they are ignored. Signed-off-by: Miek Gieben <miek@miek.nl> * Fix etcd build - probably still fails unit test Signed-off-by: Miek Gieben <miek@miek.nl> * Slightly smarter lookup check in upstream Signed-off-by: Miek Gieben <miek@miek.nl> * Compilez Signed-off-by: Miek Gieben <miek@miek.nl>
2019-01-13 16:54:49 +00:00
accessed.
doc: fix generated manual pages (#3571) Went over all generated manual pages and fixed some markdown issues, mostly escaping "_" to avoid underlining entire paragraphs. Some textual fixes in route53 and other cloud DNS plugins. Regenerated the markdown with mmark. Signed-off-by: Miek Gieben <miek@miek.nl>
2019-12-29 13:35:17 +01:00
* **AWS\_ACCESS\_KEY\_ID** and **AWS\_SECRET\_ACCESS\_KEY** the AWS access key ID and secret access key
[plugin/route53] Cleanup AWS config/credentials setup. (#5370) Signed-off-by: Dmitry Ilyevsky <ilyevsky@gmail.com>
2022-05-09 10:35:42 -07:00
to be used when querying AWS (optional). If they are not provided, CoreDNS tries to access
AWS credentials the same way as AWS CLI - environment variables, shared credential file (and optionally
shared config file if `AWS_SDK_LOAD_CONFIG` env is set), and lastly EC2 Instance Roles.
[plugin/route53] Deprecate plaintext secret in Corefile for route53 plugin (#5228) This PR deprecates plaintext secret in Corefile for route53 plugin (`aws_access_key`). Since using environmental variables of `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` have already been available, no other changes other than deprecation is needed. This will avoid saving plaintext secret in Corefile which could be of security concern. Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
2022-03-11 11:32:44 -08:00
Note the usage of `aws_access_key` has been deprecated and may be removed in future versions. Instead,
user can use other methods to pass crentials, e.g., with environmental variable `AWS_ACCESS_KEY_ID` and
`AWS_SECRET_ACCESS_KEY`, respectively.
Default to upstream to self (#2436) * Default to upstream to self This is a backwards incompatible change. This is a massive (cleanup) PR where we default to resolving external names by the coredns process itself, instead of directly forwarding them to some upstream. This ignores any arguments `upstream` may have had and makes it depend on proxy/forward configuration in the Corefile. This allows resolved upstream names to be cached and we have better healthchecking of the upstreams. It also means there is only one way to resolve names, by either using the proxy or forward plugin. The proxy/forward lookup.go functions have been removed. This also lessen the dependency on proxy, meaning deprecating proxy will become easier. Some tests have been removed as well, or moved to the top-level test directory as they now require a full coredns process instead of just the plugin. For the etcd plugin, the entire StubZone resolving is *dropped*! This was a hacky (but working) solution to say the least. If someone cares deeply it can be brought back (maybe)? The pkg/upstream is now very small and almost does nothing. Also the New() function was changed to return a pointer to upstream.Upstream. It also returns only one parameter, so any stragglers using it will encounter a compile error. All documentation has been adapted. This affected the following plugins: * etcd * file * auto * secondary * federation * template * route53 A followup PR will make any upstream directives with arguments an error, right now they are ignored. Signed-off-by: Miek Gieben <miek@miek.nl> * Fix etcd build - probably still fails unit test Signed-off-by: Miek Gieben <miek@miek.nl> * Slightly smarter lookup check in upstream Signed-off-by: Miek Gieben <miek@miek.nl> * Compilez Signed-off-by: Miek Gieben <miek@miek.nl>
2019-01-13 16:54:49 +00:00
plugin/route53: Configurable AWS Endpoint (#4963) Provide the ability to configure the AWS endpoint Signed-off-by: Matthew Palmer <matthew.palmer@helpsystems.com>
2021-11-08 14:45:45 +00:00
* `aws_endpoint` can be used to control the endpoint to use when querying AWS (optional). **ENDPOINT** is the
URL of the endpoint to use. If this is not provided the default AWS endpoint resolution will occur.
[plugin/route53] Cleanup AWS config/credentials setup. (#5370) Signed-off-by: Dmitry Ilyevsky <ilyevsky@gmail.com>
2022-05-09 10:35:42 -07:00
* `credentials` is used for overriding the shared credentials **FILENAME** and the **PROFILE** name for a
given zone. **PROFILE** is the AWS account profile name. Defaults to `default`. **FILENAME** is the
AWS shared credentials filename, defaults to `~/.aws/credentials`. CoreDNS will only load shared credentials
file and not shared config file (`~/.aws/config`) by default. Set `AWS_SDK_LOAD_CONFIG` env variable to
a truthy value to enable also loading of `~/.aws/config` (e.g. if you want to provide assumed IAM role
configuration). Will be ignored if static keys are set via `aws_access_key`.
Default to upstream to self (#2436) * Default to upstream to self This is a backwards incompatible change. This is a massive (cleanup) PR where we default to resolving external names by the coredns process itself, instead of directly forwarding them to some upstream. This ignores any arguments `upstream` may have had and makes it depend on proxy/forward configuration in the Corefile. This allows resolved upstream names to be cached and we have better healthchecking of the upstreams. It also means there is only one way to resolve names, by either using the proxy or forward plugin. The proxy/forward lookup.go functions have been removed. This also lessen the dependency on proxy, meaning deprecating proxy will become easier. Some tests have been removed as well, or moved to the top-level test directory as they now require a full coredns process instead of just the plugin. For the etcd plugin, the entire StubZone resolving is *dropped*! This was a hacky (but working) solution to say the least. If someone cares deeply it can be brought back (maybe)? The pkg/upstream is now very small and almost does nothing. Also the New() function was changed to return a pointer to upstream.Upstream. It also returns only one parameter, so any stragglers using it will encounter a compile error. All documentation has been adapted. This affected the following plugins: * etcd * file * auto * secondary * federation * template * route53 A followup PR will make any upstream directives with arguments an error, right now they are ignored. Signed-off-by: Miek Gieben <miek@miek.nl> * Fix etcd build - probably still fails unit test Signed-off-by: Miek Gieben <miek@miek.nl> * Slightly smarter lookup check in upstream Signed-off-by: Miek Gieben <miek@miek.nl> * Compilez Signed-off-by: Miek Gieben <miek@miek.nl>
2019-01-13 16:54:49 +00:00
* `fallthrough` If zone matches and no record can be generated, pass request to the next plugin.
plugin/route53: small doc cleanups (#3016) Adjust style to rest fo the plugins. Signed-off-by: Miek Gieben <miek@miek.nl>
2019-07-17 20:40:15 +00:00
If **ZONES** is omitted, then fallthrough happens for all zones for which the plugin is
Default to upstream to self (#2436) * Default to upstream to self This is a backwards incompatible change. This is a massive (cleanup) PR where we default to resolving external names by the coredns process itself, instead of directly forwarding them to some upstream. This ignores any arguments `upstream` may have had and makes it depend on proxy/forward configuration in the Corefile. This allows resolved upstream names to be cached and we have better healthchecking of the upstreams. It also means there is only one way to resolve names, by either using the proxy or forward plugin. The proxy/forward lookup.go functions have been removed. This also lessen the dependency on proxy, meaning deprecating proxy will become easier. Some tests have been removed as well, or moved to the top-level test directory as they now require a full coredns process instead of just the plugin. For the etcd plugin, the entire StubZone resolving is *dropped*! This was a hacky (but working) solution to say the least. If someone cares deeply it can be brought back (maybe)? The pkg/upstream is now very small and almost does nothing. Also the New() function was changed to return a pointer to upstream.Upstream. It also returns only one parameter, so any stragglers using it will encounter a compile error. All documentation has been adapted. This affected the following plugins: * etcd * file * auto * secondary * federation * template * route53 A followup PR will make any upstream directives with arguments an error, right now they are ignored. Signed-off-by: Miek Gieben <miek@miek.nl> * Fix etcd build - probably still fails unit test Signed-off-by: Miek Gieben <miek@miek.nl> * Slightly smarter lookup check in upstream Signed-off-by: Miek Gieben <miek@miek.nl> * Compilez Signed-off-by: Miek Gieben <miek@miek.nl>
2019-01-13 16:54:49 +00:00
authoritative. If specific zones are listed (for example `in-addr.arpa` and `ip6.arpa`), then
only queries for those zones will be subject to fallthrough.
plugin/route53: make refresh frequency adjustable (#3083) the current update frequency for the refresh loop in the route 53 plugin is hard-coded to 1 minute. aws rate-limits the number of api requests so less frequent record refreshes can help when reaching those limits depending upon your individual scenarios. this pull adds a configuration option to the route53 plugin to adjust the refresh frequency. thanks for getting my last pull released so quickly. this is the last local change that i have been running and would love to get it contributed back to the project. Signed-off-by: Matt Kulka <mkulka@parchment.com>
2019-08-03 18:07:28 -07:00
* `refresh` can be used to control how long between record retrievals from Route 53. It requires
a duration string as a parameter to specify the duration between update cycles. Each update
cycle may result in many AWS API calls depending on how many domains use this plugin and how
many records are in each. Adjusting the update frequency may help reduce the potential of API
rate-limiting imposed by AWS.
* **DURATION** A duration string. Defaults to `1m`. If units are unspecified, seconds are assumed.
Add route53 plugin (#1390) * Update vendor Signed-off-by: Yong Tang <yong.tang.github@outlook.com> * Add route53 plugin This fix adds route53 plugin so that it is possible to query route53 record through CoreDNS. Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
2018-01-15 09:59:29 -08:00
## Examples
doc:remove duplicate word (#3005) Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com>
2019-07-15 13:51:08 +08:00
Enable route53 with implicit AWS credentials and resolve CNAMEs via 10.0.0.1:
Add route53 plugin (#1390) * Update vendor Signed-off-by: Yong Tang <yong.tang.github@outlook.com> * Add route53 plugin This fix adds route53 plugin so that it is possible to query route53 record through CoreDNS. Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
2018-01-15 09:59:29 -08:00
~~~ txt
update doc to not use the root zone for everything (#3288) Update all documentation in the tree to use example.org as an example configuration (in so far possible). As to get out of the just use "." and fallthrough and things would be fine. Signed-off-by: Miek Gieben <miek@miek.nl>
2019-09-19 14:17:53 +01:00
example.org {
plugins: set upstream unconditionally (#2956) `upstream` is not needed as a setting; just set if unconditionally and remove all documentation and tests for it. At some point we want remove the hanlding for `upstream` as well and error out on seeing it. Signed-off-by: Miek Gieben <miek@miek.nl>
2019-07-02 16:23:47 +01:00
route53 example.org.:Z1Z2Z3Z4DZ5Z6Z7
update doc to not use the root zone for everything (#3288) Update all documentation in the tree to use example.org as an example configuration (in so far possible). As to get out of the just use "." and fallthrough and things would be fine. Signed-off-by: Miek Gieben <miek@miek.nl>
2019-09-19 14:17:53 +01:00
}
. {
plugins: remove `upstream [ADDRESS]` from docs (#2772) Various plugins still had this documented, the setup functions still allow it (which is fine), but update the docs that this arguments isn't there any more. Signed-off-by: Miek Gieben <miek@miek.nl>
2019-04-08 16:45:29 +01:00
forward . 10.0.0.1
Add route53 plugin (#1390) * Update vendor Signed-off-by: Yong Tang <yong.tang.github@outlook.com> * Add route53 plugin This fix adds route53 plugin so that it is possible to query route53 record through CoreDNS. Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
2018-01-15 09:59:29 -08:00
}
~~~
plugins/route53: add AWS credentials file support (#2118) Automatically submitted.
2018-09-25 15:57:16 -07:00
Enable route53 with explicit AWS credentials:
Add route53 plugin (#1390) * Update vendor Signed-off-by: Yong Tang <yong.tang.github@outlook.com> * Add route53 plugin This fix adds route53 plugin so that it is possible to query route53 record through CoreDNS. Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
2018-01-15 09:59:29 -08:00
~~~ txt
update doc to not use the root zone for everything (#3288) Update all documentation in the tree to use example.org as an example configuration (in so far possible). As to get out of the just use "." and fallthrough and things would be fine. Signed-off-by: Miek Gieben <miek@miek.nl>
2019-09-19 14:17:53 +01:00
example.org {
Add route53 plugin (#1390) * Update vendor Signed-off-by: Yong Tang <yong.tang.github@outlook.com> * Add route53 plugin This fix adds route53 plugin so that it is possible to query route53 record through CoreDNS. Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
2018-01-15 09:59:29 -08:00
route53 example.org.:Z1Z2Z3Z4DZ5Z6Z7 {
[plugin/route53] Deprecate plaintext secret in Corefile for route53 plugin (#5228) This PR deprecates plaintext secret in Corefile for route53 plugin (`aws_access_key`). Since using environmental variables of `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` have already been available, no other changes other than deprecation is needed. This will avoid saving plaintext secret in Corefile which could be of security concern. Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
2022-03-11 11:32:44 -08:00
aws_access_key AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY # Deprecated, uses other authentication methods instead.
plugin/route53: add fallthrough (#2132) Automatically submitted.
2018-09-25 11:41:05 -07:00
}
}
~~~
plugin/route53: Configurable AWS Endpoint (#4963) Provide the ability to configure the AWS endpoint Signed-off-by: Matthew Palmer <matthew.palmer@helpsystems.com>
2021-11-08 14:45:45 +00:00
Enable route53 with an explicit AWS endpoint:
~~~ txt
example.org {
route53 example.org.:Z1Z2Z3Z4DZ5Z6Z7 {
aws_endpoint https://test.us-west-2.amazonaws.com
}
}
~~~
plugin/route53: add fallthrough (#2132) Automatically submitted.
2018-09-25 11:41:05 -07:00
Enable route53 with fallthrough:
~~~ txt
. {
route53 example.org.:Z1Z2Z3Z4DZ5Z6Z7 example.gov.:Z654321543245 {
fallthrough example.gov.
}
Add route53 plugin (#1390) * Update vendor Signed-off-by: Yong Tang <yong.tang.github@outlook.com> * Add route53 plugin This fix adds route53 plugin so that it is possible to query route53 record through CoreDNS. Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
2018-01-15 09:59:29 -08:00
}
~~~
plugins/route53: add AWS credentials file support (#2118) Automatically submitted.
2018-09-25 15:57:16 -07:00
plugin/route53: add split zone support (#2160) Automatically submitted.
2018-10-10 10:55:54 -07:00
Enable route53 with multiple hosted zones with the same domain:
~~~ txt
update doc to not use the root zone for everything (#3288) Update all documentation in the tree to use example.org as an example configuration (in so far possible). As to get out of the just use "." and fallthrough and things would be fine. Signed-off-by: Miek Gieben <miek@miek.nl>
2019-09-19 14:17:53 +01:00
example.org {
plugin/route53: add split zone support (#2160) Automatically submitted.
2018-10-10 10:55:54 -07:00
route53 example.org.:Z1Z2Z3Z4DZ5Z6Z7 example.org.:Z93A52145678156
}
~~~
plugin/route53: make refresh frequency adjustable (#3083) the current update frequency for the refresh loop in the route 53 plugin is hard-coded to 1 minute. aws rate-limits the number of api requests so less frequent record refreshes can help when reaching those limits depending upon your individual scenarios. this pull adds a configuration option to the route53 plugin to adjust the refresh frequency. thanks for getting my last pull released so quickly. this is the last local change that i have been running and would love to get it contributed back to the project. Signed-off-by: Matt Kulka <mkulka@parchment.com>
2019-08-03 18:07:28 -07:00
Enable route53 and refresh records every 3 minutes
~~~ txt
update doc to not use the root zone for everything (#3288) Update all documentation in the tree to use example.org as an example configuration (in so far possible). As to get out of the just use "." and fallthrough and things would be fine. Signed-off-by: Miek Gieben <miek@miek.nl>
2019-09-19 14:17:53 +01:00
example.org {
plugin/route53: make refresh frequency adjustable (#3083) the current update frequency for the refresh loop in the route 53 plugin is hard-coded to 1 minute. aws rate-limits the number of api requests so less frequent record refreshes can help when reaching those limits depending upon your individual scenarios. this pull adds a configuration option to the route53 plugin to adjust the refresh frequency. thanks for getting my last pull released so quickly. this is the last local change that i have been running and would love to get it contributed back to the project. Signed-off-by: Matt Kulka <mkulka@parchment.com>
2019-08-03 18:07:28 -07:00
route53 example.org.:Z1Z2Z3Z4DZ5Z6Z7 {
refresh 3m
}
}
~~~
[plugin/route53] Deprecate plaintext secret in Corefile for route53 plugin (#5228) This PR deprecates plaintext secret in Corefile for route53 plugin (`aws_access_key`). Since using environmental variables of `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` have already been available, no other changes other than deprecation is needed. This will avoid saving plaintext secret in Corefile which could be of security concern. Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
2022-03-11 11:32:44 -08:00
## Authentication
Route53 plugin uses [AWS Go SDK](https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html)
for authentication, where there is a list of accepted configuration methods.
Note the usage of `aws_access_key` in Corefile has been deprecated and may be removed in future versions. Instead,
user can use other methods to pass crentials, e.g., with environmental variable `AWS_ACCESS_KEY_ID` and
`AWS_SECRET_ACCESS_KEY`, respectively.
Reference in New Issue Copy Permalink