Route53
AWS Route 53 — hosted zones, record lookups, and per-zone record-set state (snapshot/diff/apply). Uses boto3 and the standard AWS credential chain.
weave route53
Env: AWS_ACCESS_KEY_ID
Setup
Configure credentials via environment variables. We recommend sourcing them through 1Password or your secrets manager rather than committing them to the shell rc.
Official API reference
weave commands for this module are checked against the vendor's published API.
| Variable | Description | Status |
|---|---|---|
| AWS_ACCESS_KEY_ID | Required for authentication. | required |
| AWS_SECRET_ACCESS_KEY | Required for authentication. | required |
| AWS_SESSION_TOKEN | Required for authentication. | required |
| AWS_REGION | Required for authentication. | required |
| AWS_PROFILE | Named profile when not using explicit access keys. | optional |
Sanity-check the wiring:
weave secrets check weave route53 --help weave doctor # reports AWS_ACCESS_KEY_ID status
Capabilities
What this module can do, by entity and verb. ✓
means a working CLI surface; · means
not (yet) wired.
| Entity | find | list | show | do | snapshot | diff | apply |
|---|---|---|---|---|---|---|---|
| record | ✓ | ✓ | · | · | ✓ | ✓ | ✓ |
| zone | · | ✓ | ✓ | · | · | · | · |
Commands
Every registered CLI command, grouped by verb. Each example uses placeholder arguments — substitute real values for your environment.
find (1)
find record
readFind record sets matching an FQDN (searches all zones).
weave route53 find record <name>
list (2)
list records
readList record sets in a hosted zone.
weave route53 list records <zone-id>
list zones
readList hosted zones in the account.
weave route53 list zones <arg>
show (1)
show zone
readShow hosted zone details.
weave route53 show zone <zone-id>
snapshot → edit YAML →
diff → apply --yes (or confirm
interactively; apply --dry-run previews the same diff).
State kinds
Resources this module can snapshot and
diff; apply where the kind supports
live writes (see Round-trip per kind). Always run
diff before apply; use
--yes in automation after review. Files live under
.weave-state/route53/.
records
All record sets in one hosted zone (scoped via --zone-id).
State file skeleton
module: route53 kind: records zone_id: <value> items: - # <fields specific to this kind — see snapshot output>
Workflows
End-to-end recipes from operators who already run this module in production. Copy, adapt, and put under change-control.
Version-control DNS records in a zone
Treat a hosted zone's record sets like infrastructure code.
weave route53 list zones weave route53 snapshot records --zone-id=Z1234567890ABC $EDITOR .weave-state/route53/records-Z1234567890ABC.yaml weave route53 diff records --zone-id=Z1234567890ABC weave route53 apply records --zone-id=Z1234567890ABC --yes
Find where a hostname resolves
weave route53 find record www.example.com weave route53 find record api.example.com --type CNAME
Audit a zone before a migration
weave route53 show zone Z1234567890ABC weave route53 list records Z1234567890ABC weave route53 snapshot records --zone-id=Z1234567890ABC
Compare desired vs live after Terraform
weave route53 snapshot records --zone-id=Z1234567890ABC git diff .weave-state/route53
Terraform parity
For each Terraform resource in the canonical provider, here's the equivalent live-API verb in weave. Use this as a migration cheat-sheet, not a 1:1 contract — weave deliberately stays in the live-state lane, not the desired-state lane.
| Terraform resource | weave equivalent |
|---|---|
| aws_route53_zone | weave route53 list/show zone |
| aws_route53_record | weave route53 snapshot/diff/apply records |
| aws_route53_zone_association | Not exposed — VPC associations via console/IaC |
Troubleshooting & source
Run weave doctor — it reports which env
vars (including AWS_ACCESS_KEY_ID) are set
and which are blank.
Re-run weave route53 diff <kind>
to confirm the controller's current state, then re-snapshot
before the next apply. The driver always re-snapshots
before diffing.
The module lives at https://github.com/andy-broyles/weavewhatever/tree/main/src/weave/modules/route53. File a bug or feature request at https://github.com/andy-broyles/weavewhatever/issues.