Create a customized DNS script
Select the Add script option in the Custom DNS connector tile to use your own custom script to automate domain control validation. Create a script from scratch or customize and use one of the below sample scripts.
Copy and paste your script into the designated area when you fill out the form to add the DNS integration.
Create a DNS script for Windows
For Windows, you need two scripts to prove your control over the domains: DNS .bat
script and embedded PowerShell postscript (.ps1, .py, .ps,
or other format).
Create an embedded DNS PowerShell postscript:
Open a text editing tool such as Notepad.
Define the login credentials, DNS challenge, and exit codes.
Save the file with
.ps1, .py, .ps
, or other format.Nota
Remember to note the location.
Create a DNS script:
Open a text editing tool such as Notepad.
Define the PowerShell postscript file location path, argument to pass the DNS challenge, and exitcodes.
Create a DNS script for Linux
For Linux, you need to a DNS .sh
script to prove your control over the domains.
. Open a text editing tool such as Notepad.
Define the login credentials, DNS challenge, and exit codes.
Save the file with the
.sh
extension.Nota
Remember to note the location.
Sample scripts
AWS - DNS PowerShell postscript (.ps1)
#ensure AWS PStools are installed incl #https://docs.aws.amazon.com/powershell/latest/userguide/pstools-getting-set-up-windows.#Install-Module -Name AWS.Tools.Installer #Install-AWSToolsModule AWS.Tools.Route53 #Set-AWSCredential -AccessKey <accesskey> -SecretKey <secretkey> -StoreAs TestDNSProfile Import-Module AWSPowerShell Function Set-R53Record { # Entry parameters Param ( [Parameter(Mandatory=$True)][String]$Profile, [Parameter(Mandatory=$True)][String]$Domain, [Parameter(Mandatory=$True)][String]$Type, [Parameter(Mandatory=$True)][String]$Name, [Parameter(Mandatory=$True)][String]$Value, [Int]$TTL = 300, [String]$Comment ) $DomainDot = $Domain + "." # Create two objects for R53 update $Change = New-Object Amazon.Route53.Model.Change $Change.Action = "UPSERT" # CREATE: Creates a resource record set that has the specified values. # DELETE: Deletes an existing resource record set that has the specified values. # UPSERT: If a resource record set doesn't already exist, AWS creates it. $Change.ResourceRecordSet = New-Object Amazon.Route53.Model.ResourceRecordSet $Change.ResourceRecordSet.Name = "$Name.$Domain" $Change.ResourceRecordSet.Type = $Type $Change.ResourceRecordSet.TTL = $TTL #$Change.ResourceRecordSet.ResourceRecords.Add(@{Value=$Value}) $Change.ResourceRecordSet.ResourceRecords.Add(@{Value=if ($Type -eq "TXT") {"""$Value"""} # Get hosted zone $HostedZone = Get-R53HostedZones -ProfileName $Profile| Where-Object { $DomainDot.EndsWith($_.Write-Output "Found HostedZone:$HostedZone" # Set final parameters and execute $Parameters = @{ HostedZoneId = $HostedZone.Id ChangeBatch_Change = $Change # Object ChangeBatch_Comment = $Comment # "Edited A record" } return Edit-R53ResourceRecordSet -ProfileName $Profile @Parameters } if($args.Length -ne 1){ Write-Output "Args not found" exit -1; } $fileInput = Get-Content $args[0] if ($fileInput.Length -lt 3){ Write-Output "File not found" exit -1; }$tempDomains = $fileInput[0].Split(",") $challenge = $fileInput[2] $domains = @() foreach ($d in $tempDomains) { if ("$d" -ne "null") { Write-Output $d $domains = $domains += $d } } foreach ($domain in $domains) { Set-R53Record -Profile DNSProfileName -Domain $domain -Type "TXT" -Name "_dnsauth" –
DNS .bat script:
echo "Invoking DNS script" pushd %~dp0 powershell.exe -File {DNSPostscriptPath} %* echo "Exit Code : %errorlevel%" set returnCode=%errorlevel% popd EXIT /B %returnCode%
Nota
%* determines the DNS challenge. It retrieves its values from the postscript.
AWS - DNS .sh script:
#!/usr/bin/bash set_R53_Record(){ Profile=$1 Domain=$2 Type=$3 Name=$4 Value=$5 TTL=$6 Comment=$7 DomainDot="$Domain." echo "Profile:$Profile Domain:$Domain" HOSTEDZONEID=$(/usr/local/bin/aws route53 list-hosted-zones --profile $Profile | jq cat > change-batch.json << EOL {"Comment":"$Comment","Changes":[{"Action":"UPSERT","ResourceRecordSet":{"Name":"$Name.$EOL /usr/local/bin/aws route53 change-resource-record-sets --hosted-zone-id $HOSTEDZONEID } if [ "$#" -ne 1 ]; then echo "Args not found" exit -1; fi IFS=$'\n' read -d '' -r -a lines < $1 if [ ${#lines[@]} != 3 ]; then echo "File not found" exit -1; fi challenge=${lines[2]} IFS=',' read -ra domains <<< "${lines[0]}" for domain in "${domains[@]}"; do set_R53_Record default $domain "TXT" "_dnsauth" $challenge 86400 "DNS challenge for done
Exit codes
Every program you start terminates with an exit code and reports it to the operating system. An exit code, sometimes known as a return code, is the code returned to a parent process by an executable.
Exit code | Description |
---|---|
0 | Successful execution of the script. |
1 | Failed to execute the script for any reason. |