DNS Provider (AWS)

Overview

Avi Vantage integrates with Amazon Web Services (AWS) to provide DNS services to applications running on instances in AWS.

Notes:

  • An AWS cloud in Avi Vantage supports AWS DNS when route53_integration is enabled in the cloud configuration, and does not require this DNS profile configuration.
  • A separate DNS provider configuration (as described below) is required only when AWS provides the infrastructure service for other clouds (for instance, a Mesos cluster running on AWS instances).
  • AWS DNS is supported only as a North-South DNS provider.
  • The CNAME record type is not supported; only A records are supported for AWS DNS.

DNS Configuration

Step 1. To use AWS as the DNS provider, one of the following types of credentials is required:

  • Identity and Access Management (IAM) roles: Set of policies that define access to resources within AWS
  • AWS customer account key: Unique authentication key associated with the AWS account

Step 1a. If Using IAM Role

If using the IAM role method to define access for an Avi Vantage installation in AWS, use the steps in this article to set up the IAM roles before beginning deployment of the Avi Controller EC2 instance.

Select “AWS Route 53 DNS” as the type, then select “Use IAM Roles”.

Step 1b. If Using Access Key

Select AWS, then select Use Access Keys and enter the following information:

  • Access Key ID: AWS customer key ID.
  • Secret Access Key: customer key.

  • Select the AWS region into which the VIPs will be deployed.
  • Select Access AWS through Proxy if access to AWS endpoints requires a proxy server.

  • Select Use Cross-Account AssumeRole if the AWS credentials or role are used for access across accounts. Read AWS Cross-Account AssumeRole Support for details. Click Next.

Step 2. A drop-down of available VPCs in that region is displayed.

  • Select the appropriate VPC.
  • A drop-down of available domain names associated with that VPC is displayed. Configure at least one domain for the virtual service’s FQDN registration with Route 53.
  • Click Save.
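
An added example, not from the Avi documentation: a Python check for the IAM policy behind the role or access key chosen in Step 1, flagging statements that allow Route 53 record changes more broadly than the A records this integration registers. The function name, the sample policies and the hosted zone ID are assumptions, and the check does not list the permissions Avi Vantage itself requires.

```python
import fnmatch

WRITE_ACTION = "route53:changeresourcerecordsets"
TYPE_KEY = "route53:changeresourcerecordsetsrecordtypes"  # AWS condition key, lowercased

def _as_list(value):
    """IAM accepts a single string or a list for Action, Resource and values."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def _limits_to_a_records(condition):
    """True if ForAllValues:StringEquals restricts changes to type A only."""
    for operator, keys in (condition or {}).items():
        if operator.lower() != "forallvalues:stringequals":
            continue
        for key, values in keys.items():
            if key.lower() == TYPE_KEY and _as_list(values) == ["A"]:
                return True
    return False

def audit_route53_policy(policy):
    """Return findings for Allow statements that can change Route 53 records."""
    findings = []
    for i, stmt in enumerate(_as_list(policy.get("Statement"))):
        # Action names are case-insensitive and may contain wildcards.
        matching = [a for a in _as_list(stmt.get("Action"))
                    if fnmatch.fnmatchcase(WRITE_ACTION, a.lower())]
        if stmt.get("Effect") != "Allow" or not matching:
            continue
        if any("*" in a for a in matching):
            findings.append(f"statement {i}: wildcard action")
        resources = _as_list(stmt.get("Resource"))
        if any(r == "*" or r.endswith("hostedzone/*") for r in resources):
            findings.append(f"statement {i}: not scoped to one hosted zone")
        if not _limits_to_a_records(stmt.get("Condition")):
            findings.append(f"statement {i}: record types not limited to A")
    return findings

# Constructed sample policies; the hosted zone ID is a placeholder.
BROAD = {"Statement": {"Effect": "Allow", "Action": "route53:*", "Resource": "*"}}
SCOPED = {"Statement": [{
    "Effect": "Allow", "Action": ["route53:ChangeResourceRecordSets"],
    "Resource": "arn:aws:route53:::hostedzone/ZEXAMPLEPLACEHOLDER",
    "Condition": {"ForAllValues:StringEquals": {
        "route53:ChangeResourceRecordSetsRecordTypes": ["A"]}}}]}

if __name__ == "__main__":
    for name, doc in (("BROAD", BROAD), ("SCOPED", SCOPED)):
        print(name, audit_route53_policy(doc) or "no findings")
```

Statements that use NotAction or NotResource are outside what this check covers.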

Additional References