After you create the DNS records in the private hosted zone of the Control Room AWS account, connect the private hosted zone to a VPC in the API Task AWS account to run the API Task on AWS.

Set the Amazon VPC authorization in the Control Room AWS account, and then associate the API Task AWS VPC with the private hosted zone of the Control Room AWS account. VPC authorization ensures that data traffic between the accounts is secured. You can run these commands either in the AWS CLI or in CloudShell within the AWS console.

Prerequisites

Ensure that you have administrator privileges to run commands in the AWS CLI.

Procedure

  1. Log in to the Control Room AWS CLI as an administrator.
  2. Run the following command to list all the hosted zones:
    aws route53 list-hosted-zones
  3. Optional: Run the following command to check for existing authorizations:
    aws route53 list-vpc-association-authorizations --hosted-zone-id <hosted-zone-id>

    Replace <hosted-zone-id> with the zone ID of the private hosted zone created earlier.

  4. Run the following command to authorize the association of the API Task AWS VPC with the private hosted zone:
    aws route53 create-vpc-association-authorization \
      --hosted-zone-id <hosted-zone-id> \
      --vpc VPCRegion=<vpc-region>,VPCId=<vpc-id> \
      --region <region>

    Replace <hosted-zone-id> with the zone ID of the private hosted zone created earlier, <vpc-region> and <vpc-id> with the region and ID of the API Task AWS account VPC, and <region> with the region of the Control Room AWS account.

  5. Log in to the API Task AWS CLI as an administrator.
  6. Run the following command to associate the API Task AWS VPC with the private hosted zone:
    aws route53 associate-vpc-with-hosted-zone \
      --hosted-zone-id <hosted-zone-id> \
      --vpc VPCRegion=<vpc-region>,VPCId=<vpc-id> \
      --region <region>

    Replace <hosted-zone-id> with the zone ID of the private hosted zone created earlier, <vpc-region> and <vpc-id> with the region and ID of the API Task AWS account VPC, and <region> with the region of the API Task AWS account.

  7. Log in to the Control Room AWS account as an administrator.
  8. Go to Route 53 > Hosted zone and select the private hosted zone.
    The Hosted zone details pane appears on the left, displaying the details of the private hosted zone.
  9. Verify that the VPC ID of the API Task AWS account VPC appears in the Associated VPCs section of the Hosted zone details pane.
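
A CLI-side complement to the console check in steps 7 to 9, as an added example that is not part of the original procedure: it reads the JSON printed by `aws route53 get-hosted-zone --id <hosted-zone-id>` and by the `list-vpc-association-authorizations` command from step 3, then reports whether the API Task VPC is associated and whether any other VPC is associated or authorized. The function name `check_association`, the allow list and all IDs in the sample data are assumptions constructed for illustration.

```python
import json
import sys

# Constructed placeholder (region, VPC ID) pairs; replace with your own values.
CR_VPC = ("us-east-1", "vpc-0aaaaaaaaaaaaaaaa")    # Control Room VPC
API_VPC = ("us-west-2", "vpc-0bbbbbbbbbbbbbbbb")   # API Task VPC
OTHER_VPC = ("eu-west-1", "vpc-0cccccccccccccccc")  # a VPC nobody expected


def _entry(pair):
    return {"VPCRegion": pair[0], "VPCId": pair[1]}


# Constructed samples shaped like the JSON output of the two CLI commands.
SAMPLE_ZONE = {"HostedZone": {"Id": "/hostedzone/Z0EXAMPLE", "Config": {"PrivateZone": True}},
               "VPCs": [_entry(CR_VPC), _entry(API_VPC)]}
SAMPLE_AUTHS = {"HostedZoneId": "Z0EXAMPLE", "VPCs": [_entry(API_VPC), _entry(OTHER_VPC)]}


def _pairs(doc):
    return {(v["VPCRegion"], v["VPCId"]) for v in doc.get("VPCs", [])}


def check_association(zone, auths, vpc_region, vpc_id, allowed=()):
    """Return a list of findings; an empty list means nothing to review."""
    target = (vpc_region, vpc_id)
    associated, authorized = _pairs(zone), _pairs(auths)
    known = {tuple(a) for a in allowed} | {target}
    findings = []
    if not zone["HostedZone"].get("Config", {}).get("PrivateZone", False):
        findings.append("hosted zone is not private")
    if target not in associated:
        findings.append(f"{vpc_id} ({vpc_region}) is not associated with the zone")
    for region, vid in sorted(associated - known):
        findings.append(f"unexpected associated VPC {vid} ({region})")
    for region, vid in sorted(authorized - known):
        findings.append(f"unexpected authorization for {vid} ({region})")
    if target in associated and target in authorized:
        findings.append(f"authorization for {vpc_id} still listed after association")
    return findings


if __name__ == "__main__":
    # Usage: check.py zone.json auths.json <vpc-region> <vpc-id> [<region>:<vpc-id> ...]
    # Trailing arguments are other VPCs expected on the zone (e.g. the Control Room VPC).
    if len(sys.argv) >= 5:
        zone, auths = (json.load(open(p)) for p in sys.argv[1:3])
        extra = [tuple(a.split(":", 1)) for a in sys.argv[5:]]
        result = check_association(zone, auths, sys.argv[3], sys.argv[4], allowed=extra)
    else:  # no arguments: run against the constructed samples
        result = check_association(SAMPLE_ZONE, SAMPLE_AUTHS, *API_VPC, allowed=[CR_VPC])
    print("\n".join(result) or "OK")
```

An authorization stays listed after the association succeeds; it can be removed from the Control Room AWS account with `aws route53 delete-vpc-association-authorization`, which does not affect the existing association.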