`cli53` is a command line tool for Amazon Route53 and it's well documented.

Basic syntax to replace a BIND zone file is very simple:

```
cli53 import --file zonefile.txt --replace example.com
```

But this does not produce an exact copy of the zonefile; for example, the existing SOA record will not be replaced.

## Hosting DNS with multiple providers
If your use case for this command is for duplicating zone files across multiple DNS hosts then the records should be identical in each location. Specifically: you need all the SOA serial numbers to be in sync.
That's why the `--editauth` flag exists. It tells `cli53` to overwrite the SOA record with whatever's in the incoming zone file, giving you a set of changes that replicate exactly the imported zone.

If you leave off the `--editauth` flag there will be no alarms. The SOA serial numbers will be out of sync silently, and the resilience of your multi-hosted DNS will be compromised without you knowing. So it's really worth remembering.

I also think it's worth waiting for AWS to make the changes (using the `--wait` flag). Like this:

```
cli53 import --file zonefile.txt --replace --wait --editauth example.com
```

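Because a missed `--editauth` fails silently, it helps to check the serials after each import. The script below is an added example, not part of cli53 or the original post: it asks each provider's authoritative nameserver for the zone's SOA and reports any serial that differs. It assumes `dig` is installed, and the nameserver names in the usage comment are hypothetical.

```shell
# Added example: detect SOA serial drift between DNS providers.
# Usage (nameserver names are hypothetical placeholders):
#   sh soa-sync.sh example.com ns1.provider-a.example ns1.provider-b.example

# Extract the serial (3rd field) from one `dig +short SOA` answer line:
#   mname rname serial refresh retry expire minimum
soa_serial() {
    awk 'NF >= 7 && $3 ~ /^[0-9]+$/ { print $3; exit }'
}

# Read "nameserver serial" pairs on stdin. Print every problem found and
# return 1 if any serial differs from the first one, if a server returned
# no serial, or if there was no input at all. Return 0 when all match.
serials_in_sync() {
    awk '
        NF == 0   { next }
        $2 == ""  { printf "NO ANSWER  %s\n", $1; bad = 1; next }
        !seen     { ref = $2; refns = $1; seen = 1; next }
        $2 != ref { printf "MISMATCH   %s=%s vs %s=%s\n", $1, $2, refns, ref; bad = 1 }
        END       { exit (bad || !seen) ? 1 : 0 }
    '
}

# Query each listed nameserver directly, so a resolver cache cannot hide
# a stale serial, then compare the results.
check_zone() {
    zone=$1
    shift
    for ns in "$@"; do
        serial=$(dig +short +norecurse SOA "$zone" "@$ns" | soa_serial)
        printf '%s %s\n' "$ns" "$serial"
    done | serials_in_sync
}

# Only run when a zone and at least one nameserver are given.
if [ "$#" -ge 2 ]; then
    check_zone "$@"
fi
```

A non-zero exit status makes this usable as a post-import step in a deployment script or as a scheduled monitoring check.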
## Dry run the changes
If you add the `--dry-run` flag then `cli53` will show you a diff of the changes it will make. I recommend using it for every change.