Skip to main content

Create a customized DNS script

Select the Add script option in the Custom DNS connector tile to use your own custom script to automate domain control validation. Create a script from scratch or customize and use one of the below sample scripts.

Copy and paste your script into the designated area when you fill out the form to add the DNS integration.

Create a DNS script for Windows

For Windows, you need two scripts to prove your control over the domains: DNS .bat script and embedded PowerShell postscript (.ps1, .py, .ps, or other format).

Create an embedded DNS PowerShell postscript:

  1. Open a text editing tool such as Notepad.

  2. Define the login credentials, DNS challenge, and exit codes.

  3. Save the file with .ps1, .py, .ps, or other format.

    Nota

    Remember to note the location.

Create a DNS script:

  1. Open a text editing tool such as Notepad.

  2. Define the PowerShell postscript file location path, argument to pass the DNS challenge, and exitcodes.

Create a DNS script for Linux

For Linux, you need to a DNS .sh script to prove your control over the domains.

  1. . Open a text editing tool such as Notepad.

  2. Define the login credentials, DNS challenge, and exit codes.

  3. Save the file with the .sh extension.

    Nota

    Remember to note the location.

Sample scripts

AWS - DNS PowerShell postscript (.ps1)

#ensure AWS PStools are installed incl
#https://docs.aws.amazon.com/powershell/latest/userguide/pstools-getting-set-up-windows.#Install-Module -Name AWS.Tools.Installer
#Install-AWSToolsModule AWS.Tools.Route53
#Set-AWSCredential -AccessKey <accesskey> -SecretKey <secretkey> -StoreAs TestDNSProfile
Import-Module AWSPowerShell
Function Set-R53Record {
# Entry parameters
Param (
[Parameter(Mandatory=$True)][String]$Profile,
[Parameter(Mandatory=$True)][String]$Domain,
[Parameter(Mandatory=$True)][String]$Type,
[Parameter(Mandatory=$True)][String]$Name,
[Parameter(Mandatory=$True)][String]$Value,
[Int]$TTL = 300,
[String]$Comment
)
$DomainDot = $Domain + "."
# Create two objects for R53 update
$Change = New-Object Amazon.Route53.Model.Change
$Change.Action = "UPSERT"
# CREATE: Creates a resource record set that has the specified values.
# DELETE: Deletes an existing resource record set that has the specified values.
# UPSERT: If a resource record set doesn't already exist, AWS creates it.
$Change.ResourceRecordSet = New-Object 
Amazon.Route53.Model.ResourceRecordSet
$Change.ResourceRecordSet.Name = "$Name.$Domain"
$Change.ResourceRecordSet.Type = $Type
$Change.ResourceRecordSet.TTL = $TTL
#$Change.ResourceRecordSet.ResourceRecords.Add(@{Value=$Value})
$Change.ResourceRecordSet.ResourceRecords.Add(@{Value=if ($Type -eq "TXT") 
{"""$Value"""} # Get hosted zone
$HostedZone = Get-R53HostedZones -ProfileName $Profile| Where-Object { 
$DomainDot.EndsWith($_.Write-Output "Found HostedZone:$HostedZone"
# Set final parameters and execute
$Parameters = @{
HostedZoneId = $HostedZone.Id
ChangeBatch_Change = $Change # Object
ChangeBatch_Comment = $Comment # "Edited A record"
}
return Edit-R53ResourceRecordSet -ProfileName $Profile @Parameters
}
if($args.Length -ne 1){
Write-Output "Args not found"
exit -1;
}
$fileInput = Get-Content $args[0]
if ($fileInput.Length -lt 3){
Write-Output "File not found"
exit -1;
}$tempDomains = $fileInput[0].Split(",")
$challenge = $fileInput[2]
$domains = @()
foreach ($d in $tempDomains)
{
if ("$d" -ne "null")
{
Write-Output $d
$domains = $domains += $d
}
}
foreach ($domain in $domains)
{
Set-R53Record -Profile DNSProfileName -Domain $domain -Type "TXT" -Name 
"_dnsauth" –

DNS .bat script:

echo "Invoking DNS script"
pushd %~dp0
powershell.exe -File {DNSPostscriptPath} %*
echo "Exit Code : %errorlevel%"
set returnCode=%errorlevel% popd
EXIT /B %returnCode%

Nota

%* determines the DNS challenge. It retrieves its values from the postscript.

AWS - DNS .sh script:

#!/usr/bin/bash
set_R53_Record(){
Profile=$1
Domain=$2
Type=$3
Name=$4
Value=$5
TTL=$6
Comment=$7
DomainDot="$Domain."
echo "Profile:$Profile Domain:$Domain"
HOSTEDZONEID=$(/usr/local/bin/aws route53 list-hosted-zones --profile 
$Profile | jq cat > change-batch.json << EOL
{"Comment":"$Comment","Changes":[{"Action":"UPSERT","ResourceRecordSet":{"Name":"$Name.$EOL
/usr/local/bin/aws route53 change-resource-record-sets --hosted-zone-id $HOSTEDZONEID }
if [ "$#" -ne 1 ]; then
echo "Args not found"
exit -1;
fi
IFS=$'\n' read -d '' -r -a lines < $1
if [ ${#lines[@]} != 3 ]; then
echo "File not found"
exit -1;
fi
challenge=${lines[2]}
IFS=',' read -ra domains <<< "${lines[0]}"
for domain in "${domains[@]}"; do
set_R53_Record default $domain "TXT" "_dnsauth" $challenge 86400 "DNS challenge for done

Exit codes

Every program you start terminates with an exit code and reports it to the operating system. An exit code, sometimes known as a return code, is the code returned to a parent process by an executable.

Exit code

Description

0

Successful execution of the script.

1

Failed to execute the script for any reason.