Ever had the need to transfer a registered Route53 domain from one AWS account to another? Follow this guide to transfer your domains using PowerShell.

Recently I had the need to do just that, and seeing as I absolutely love PowerShell, I had a sneaking suspicion that AWS.Tools for PowerShell had a module providing this functionality. This of course proved right, and it was a very straightforward process using the AWS.Tools.Route53Domains module.

The prerequisite for following this guide is that you already have a working AWS credential configuration stored under C:\Users\<accountName>\.aws\credentials. An example configuration file would look something along these lines. The user associated with the access keys needs full access to Route53, which is given by the IAM policy AmazonRoute53FullAccess.



You will also need to install the AWS.Tools.Route53Domains module, which is done from an elevated PowerShell session.

Install-AWSToolsModule AWS.Tools.Route53Domains

Next, I opened up two PowerShell sessions with normal privileges, one for each AWS account. I then proceeded to set the credentials for each session and load the required module.

Set-AWSCredential -ProfileName account1
Import-Module AWS.Tools.Route53Domains 

Once you have the two sessions open, the first step is to start the transfer from account1, which is done with Move-R53DDomainToAnotherAwsAccount. Replace <domainName> with the domain you are transferring and ZZZZZZZZZZ with the account ID of the account that currently holds the domain.

Move-R53DDomainToAnotherAwsAccount -DomainName <domainName> -AccountId ZZZZZZZZZZ

This should return an OperationId and Password if the transfer initiation was successful, something along these lines.

OperationId                          Password
-----------                          --------
54aef2db-6115-47f2-85cd-6c6053c0ab60 T:W*2i)Iohdp(N

Now that the transfer has begun and we have the password for the transfer request, we need to accept the transfer request on account2 with Approve-R53DDomainTransferFromAnotherAwsAccount in the second PowerShell session. Replace <domainName> with the domain being transferred and <password> with the password you got in the previous step.

Approve-R53DDomainTransferFromAnotherAwsAccount -DomainName <domainName> -Password <password>

If successful, you should receive an OperationId object. As you can see, it is fairly painless to transfer a domain from one AWS account to another.
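The steps above can also be run from a single session, as in the following added example (not the author's code). It goes beyond the two-session walkthrough by selecting each account with -ProfileName, passing the transfer password in a variable so it is never typed on a command line or echoed to the console, and polling Get-R53DOperationDetail until the operation finishes. The profile name account2, the domain, the account ID and the helper Wait-R53DomainOperation are assumptions.

```powershell
#Requires -Modules AWS.Tools.Route53Domains
# Added example, not the author's code. The profile names, domain and account ID
# are placeholders; replace them before running.
$ErrorActionPreference = 'Stop'
$Domain    = 'example.com'     # placeholder domain
$AccountId = '111122223333'    # placeholder; the AWS API reference defines AccountId
                               # as the ID of the account receiving the domain
$Region    = 'us-east-1'       # the Route 53 Domains API endpoint is in us-east-1

function Wait-R53DomainOperation {    # hypothetical helper, not an AWS cmdlet
    param([string]$OperationId, [string]$ProfileName, [int]$TimeoutSec = 600)
    $deadline = (Get-Date).AddSeconds($TimeoutSec)
    do {
        $op = Get-R53DOperationDetail -OperationId $OperationId `
                  -ProfileName $ProfileName -Region $Region
        $status = [string]$op.Status
        if ($status -in 'SUCCESSFUL', 'ERROR', 'FAILED') { return $op }
        Start-Sleep -Seconds 15
    } while ((Get-Date) -lt $deadline)
    throw "Operation $OperationId is still '$status' after $TimeoutSec seconds."
}

# Step 1, as account1: start the transfer. The response (OperationId and
# Password) is kept in a variable instead of being written to the console.
$request = Move-R53DDomainToAnotherAwsAccount -DomainName $Domain `
               -AccountId $AccountId -ProfileName account1 -Region $Region
try {
    # Step 2, as account2: accept the transfer with the password from step 1.
    $accepted = Approve-R53DDomainTransferFromAnotherAwsAccount -DomainName $Domain `
                    -Password $request.Password -ProfileName account2 -Region $Region
    # Handle the id being returned either as a string or as a response object.
    $acceptId = if ($accepted -is [string]) { $accepted } else { $accepted.OperationId }

    # Step 3: an OperationId only means the request was accepted for processing;
    # confirm the final status before treating the domain as moved.
    $result = Wait-R53DomainOperation -OperationId $acceptId -ProfileName account2
    if ([string]$result.Status -ne 'SUCCESSFUL') {
        throw "Transfer of $Domain ended as $($result.Status): $($result.Message)"
    }
    "Transfer of $Domain completed (operation $acceptId)."
}
finally {
    # Drop the transfer password from the session once it is no longer needed.
    Remove-Variable -Name request -ErrorAction SilentlyContinue
}
```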

By Jostein Elvaker Haande


