Skip to content

Resource: awsRoute53ZoneAssociation

Manages a Route53 Hosted Zone VPC association. VPC associations can only be made on private zones. See the awsRoute53VpcAssociationAuthorization resource for setting up cross-account associations.

\~> NOTE: Unless explicit association ordering is required (e.g., a separate cross-account association authorization), usage of this resource is not recommended. Use the vpc configuration blocks available within the awsRoute53Zone resource instead.

\~> NOTE: Terraform provides both this standalone Zone VPC Association resource and exclusive VPC associations defined in-line in the awsRoute53Zone resource via vpc configuration blocks. At this time, you cannot use those in-line VPC associations in conjunction with this resource and the same zone ID otherwise it will cause a perpetual difference in plan output. You can optionally use the generic Terraform resource lifecycle configuration block with ignoreChanges in the awsRoute53Zone resource to manage additional associations via this resource.

Example Usage

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
const awsVpcPrimary = new aws.vpc.Vpc(this, "primary", {
  cidrBlock: "10.6.0.0/16",
  enableDnsHostnames: true,
  enableDnsSupport: true,
});
const awsVpcSecondary = new aws.vpc.Vpc(this, "secondary", {
  cidrBlock: "10.7.0.0/16",
  enableDnsHostnames: true,
  enableDnsSupport: true,
});
const awsRoute53ZoneExample = new aws.route53Zone.Route53Zone(this, "example", {
  name: "example.com",
  vpc: [
    {
      vpcId: awsVpcPrimary.id,
    },
  ],
});
awsRoute53ZoneExample.addOverride("lifecycle", [
  {
    ignore_changes: ["${vpc}"],
  },
]);
const awsRoute53ZoneAssociationSecondary =
  new aws.route53ZoneAssociation.Route53ZoneAssociation(this, "secondary_3", {
    vpcId: awsVpcSecondary.id,
    zoneId: awsRoute53ZoneExample.zoneId,
  });
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
awsRoute53ZoneAssociationSecondary.overrideLogicalId("secondary");

Argument Reference

The following arguments are supported:

  • zoneId - (Required) The private hosted zone to associate.
  • vpcId - (Required) The VPC to associate with the private hosted zone.
  • vpcRegion - (Optional) The VPC's region. Defaults to the region of the AWS provider.

Attributes Reference

In addition to all arguments above, the following attributes are exported:

  • id - The calculated unique identifier for the association.
  • owningAccount - The account ID of the account that created the hosted zone.

Import

Route 53 Hosted Zone Associations can be imported via the Hosted Zone ID and VPC ID, separated by a colon (:), e.g.,

$ terraform import aws_route53_zone_association.example Z123456ABCDEFG:vpc-12345678

If the VPC is in a different region than the Terraform AWS Provider region configuration, the VPC Region can be added to the endE.g.,

$ terraform import aws_route53_zone_association.example Z123456ABCDEFG:vpc-12345678:us-east-2