salt.states.boto_route53

Manage Route53 records

New in version 2014.7.0.

Create and delete Route53 records. Be aware that this interacts with Amazon's services, and so may incur charges.

This module uses boto, which can be installed via package, or pip.

This module accepts explicit route53 credentials but can also utilize IAM roles assigned to the instance through Instance Profiles. Dynamic credentials are then automatically obtained from AWS API and no further configuration is necessary. More information available here.

If IAM roles are not used you need to specify them either in a pillar file or in the minion's config file:

route53.keyid: GKTADJGHEIQSXMKKRBJ08H
route53.key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs

It's also possible to specify key, keyid and region via a profile, either passed in as a dict, or as a string to pull from pillars or minion config:

myprofile:
  keyid: GKTADJGHEIQSXMKKRBJ08H
  key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs
  region: us-east-1
mycnamerecord:
  boto_route53.present:
    - name: test.example.com.
    - value: my-elb.us-east-1.elb.amazonaws.com.
    - zone: example.com.
    - ttl: 60
    - record_type: CNAME
    - region: us-east-1
    - keyid: GKTADJGHEIQSXMKKRBJ08H
    - key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs

# Using a profile from pillars
myarecord:
  boto_route53.present:
    - name: test.example.com.
    - value: 1.1.1.1
    - zone: example.com.
    - ttl: 60
    - record_type: A
    - region: us-east-1
    - profile: myprofile

# Passing in a profile
myarecord:
  boto_route53.present:
    - name: test.example.com.
    - value: 1.1.1.1
    - zone: example.com.
    - ttl: 60
    - record_type: A
    - region: us-east-1
    - profile:
        keyid: GKTADJGHEIQSXMKKRBJ08H
        key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs
salt.states.boto_route53.absent(name, zone, record_type, identifier=None, region=None, key=None, keyid=None, profile=None, wait_for_sync=True, split_dns=False, private_zone=False)

Ensure the Route53 record is deleted.

name
Name of the record.
zone
The zone to delete the record from.
record_type
The record type (A, NS, MX, TXT, etc.)
identifier
An identifier to match for deletion.
region
The region to connect to.
key
Secret key to be used.
keyid
Access key to be used.
profile
A dict with region, key and keyid, or a pillar key (string) that contains a dict with region, key and keyid.
wait_for_sync
Wait for an INSYNC change status from Route53.
split_dns
Route53 supports a public and private DNS zone with the same names.
private_zone
If using split_dns, specify if this is the private zone.
salt.states.boto_route53.hosted_zone_absent(name, domain_name=None, region=None, key=None, keyid=None, profile=None)

Ensure the Route53 Hostes Zone described is absent

name
The name of the state definition.
domain_name
The FQDN (including final period) of the zone you wish absent. If not provided, the value of name will be used.
salt.states.boto_route53.hosted_zone_present(name, domain_name=None, private_zone=False, caller_ref=None, comment=u'', vpc_id=None, vpc_name=None, vpc_region=None, region=None, key=None, keyid=None, profile=None)

Ensure a hosted zone exists with the given attributes. Note that most things cannot be modified once a zone is created - it must be deleted and re-spun to update these attributes:

  • private_zone (AWS API limitation).
  • comment (the appropriate call exists in the AWS API and in boto3, but has not, as of this writing, been added to boto2).
  • vpc_id (same story - we really need to rewrite this module with boto3)
  • vpc_name (really just a pointer to vpc_id anyway).
  • vpc_region (again, supported in boto3 but not boto2).

If you need the ability to update these attributes, please use the newer boto3_route53 module instead.

name
The name of the state definition.
domain_name
The name of the domain. This must be fully-qualified, terminating with a period. This is the name you have registered with your domain registrar. It is also the name you will delegate from your registrar to the Amazon Route 53 delegation servers returned in response to this request. Defaults to the value of name if not provided.
private_zone
Set True if creating a private hosted zone.
caller_ref
A unique string that identifies the request and that allows create_hosted_zone() calls to be retried without the risk of executing the operation twice. This helps ensure idempotency across state calls, but can cause issues if a zone is deleted and then an attempt is made to recreate it with the same caller_ref. If not provided, a unique UUID will be generated at each state run, which avoids the risk of the above (transient) error. This option is generally not needed. Maximum length of 128.
comment
Any comments you want to include about the hosted zone.
vpc_id
When creating a private hosted zone, either the VPC ID or VPC Name to associate with is required. Exclusive with vpe_name. Ignored when creating a non-private zone.
vpc_name
When creating a private hosted zone, either the VPC ID or VPC Name to associate with is required. Exclusive with vpe_id. Ignored when creating a non-private zone.
vpc_region
When creating a private hosted zone, the region of the associated VPC is required. If not provided, an effort will be made to determine it from vpc_id or vpc_name, where possible. If this fails, you'll need to provide an explicit value for this option. Ignored when creating a non-private zone.
salt.states.boto_route53.present(name, value, zone, record_type, ttl=None, identifier=None, region=None, key=None, keyid=None, profile=None, wait_for_sync=True, split_dns=False, private_zone=False)

Ensure the Route53 record is present.

name
Name of the record.
value
Value of the record. As a special case, you can pass in:
private:<Name tag> to have the function autodetermine the private IP public:<Name tag> to have the function autodetermine the public IP
zone
The zone to create the record in.
record_type
The record type (A, NS, MX, TXT, etc.)
ttl
The time to live for the record.
identifier
The unique identifier to use for this record.
region
The region to connect to.
key
Secret key to be used.
keyid
Access key to be used.
profile
A dict with region, key and keyid, or a pillar key (string) that contains a dict with region, key and keyid.
wait_for_sync
Wait for an INSYNC change status from Route53 before returning success.
split_dns
Route53 supports parallel public and private DNS zones with the same name.
private_zone
If using split_dns, specify if this is the private zone.