Atomic been a very early adopter of Route 53, Amazon's DNS service. From the very beginning, Atomic DNS management has been hosted using Route 53. To put in perspective, Atomic was founded in January 2011, just a month after the luanch of Route 53. We originally selected it because it was one of the few DNS services that had APIs where we can make changes programatically. 10+ years ago, most companies were using GoDaddy, or hosting their own BIND servers, so having scalable DNS services with APIs was a bit of a revalation.

Over the years, we've used it to create dynamic DNS records for our production systems as they change from network to network, and we've used it to create vanity URLs for our clients. Route 53 was also the first DNS service that recommended TTLs as low as 5 minutes, where even now the industry regularly uses 24 hour TTLs. Being able to make quick DNS changes that rapidly propogate has been a huge benefit to us.

Recently we needed to migrate our Route 53 hosted zone files from one AWS account to another. Most blog articles, including the AWS ones show migrations using a combination of the AWS CLI and the AWS Console. We found using the cli53 utilities dramatically reduced the complexity and increated the speed of the migration. cli53 is a command line tool for Amazon Route 53 that allows you to export, import, and manage your Route 53 configuration from the command line. Because it is built on the AWS CLI infrastructure, it plays nice with existing account profiles that you probably already have installed on your development environment.

The killer feature and time-saver is cli53's "--upsert" flag, which will update existing records and add new ones. If you use the standard AWS CLI tools, you have to manually remove SOA records, etc. which can take a lot of time and can be error-prone.

Install cli53 and AWS CLI on your development environment. Make sure you have the necessary permissions to access the Route 53 hosted zones in both accounts.

Step 1 : Setup CLI credential profiles for both of your accounts.

~/aws/credentials

[default]
#new
aws_access_key_id = [new_access_key]
aws_secret_access_key = [new_secret]

[old]
aws_access_key_id = [old_access_key]
aws_secret_access_key = [old_secret]

Step 2 : Export Zone File(s)

cli53 export --profile old domain.com > domain.com.txt

Step 2 : Import Zone File(s) w/ Upsert

cli53 import --upsert --file domain.com.txt domain.com 

Step 3 : Update your NS at registrar with new Route 53 NS

When you migrate, you will be assigned new nameservers. Check your SOA records for the new NS records and update your registrar with the new nameservers. This could take some time to propogate, depending on your registrar. Once it is complete, delete the old zone files.