Howto by tolecnal March 10, 2021
Ever had the need to transfer a registered Route53 domain from one AWS account to the other? Follow this guide to transfer your domains using PowerShell.
Recently I had the need to do just that, and seeing as I absolutely love PowerShell, I had a sneaking suspicion that AWS.Tools for PowerShell had a module providing this functionality. This of course proved right, and it was a very straightforward process using the AWS.Tools.Route53Domains module.
The prerequisite for following this guide is that you already have a working AWS credential configuration stored under C:\Users\<accountName>\.aws\credentials. The user associated with the access keys needs full access to Route53, which is given by the IAM policy AmazonRoute53FullAccess. An example configuration file would look something along these lines:
[account1]
aws_access_key_id=xxxxxxxxxxxxxxxx
aws_secret_access_key=yyyyyyyyyyyyyyyyyyyyyyyyyyyyy

[account2]
aws_access_key_id=xxxxxxxxxxxxxxxx
aws_secret_access_key=yyyyyyyyyyyyyyyyyyyyyyyyyyyyy
You will also need to install the AWS.Tools.Route53Domains module, and this is done in an elevated PowerShell session.
Next I opened up two PowerShell sessions with normal privileges, one for each AWS account. I then proceeded to set the credentials for each session, and load the required module.
Set-AWSCredential -ProfileName account1
Import-Module AWS.Tools.Route53Domains
Once you have the open sessions, the first step is to start the transfer from account1, which is done with Move-R53DDomainToAnotherAwsAccount. Replace ZZZZZZZZZZ with the account ID of the account that currently holds the domain.
Move-R53DDomainToAnotherAwsAccount -DomainName example.com -AccountId ZZZZZZZZZZ
This should return an OperationId and Password if the transfer initiation was successful, something along these lines.
OperationId                          Password
-----------                          --------
54aef2db-6115-47f2-85cd-6c6053c0ab60 T:W*2i)Iohdp(N
Now that the transfer has begun and we have the password for the transfer request, we need to accept the transfer request on account2 with Approve-R53DDomainTransferFromAnotherAwsAccount in the second PowerShell session. Replace <password> with the password you got in the previous step.
Approve-R53DDomainTransferFromAnotherAwsAccount -DomainName example.com -Password <password>
If successful, you should receive an OperationId object. As you can see, it is fairly painless to transfer a domain from one AWS account to another.
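The same two steps can be run from a single session so that the transfer password never appears on screen or in command history. This is an added example, not the author's code; it assumes the account1/account2 profiles shown above, uses Get-R53DOperationDetail from the same module (not used in the original post) to confirm the result, and picks an arbitrary 10-second polling interval.

```powershell
#Requires -Modules AWS.Tools.Route53Domains
# Added example. Assumes the account1/account2 profiles from the credentials file above.
$Domain    = 'example.com'   # placeholder domain, as on the page
$AccountId = 'ZZZZZZZZZZ'    # placeholder: same -AccountId value as the Move- command above

# Start the transfer as account1. Assigning the result to a variable keeps the
# OperationId/Password table off the console and out of any running transcript.
$request = Move-R53DDomainToAnotherAwsAccount -DomainName $Domain `
    -AccountId $AccountId -ProfileName account1 -ErrorAction Stop

try {
    # Accept as account2. The password travels by variable, so it is never typed
    # or pasted on a command line (and so never lands in PSReadLine history).
    $approval = Approve-R53DDomainTransferFromAnotherAwsAccount -DomainName $Domain `
        -Password $request.Password -ProfileName account2 -ErrorAction Stop
}
finally {
    # Drop the secret from the session whether or not the approval succeeded.
    Remove-Variable -Name request
}

# The cmdlet may emit the OperationId as a bare string or as an object property.
$opId = if ($approval -is [string]) { $approval } else { $approval.OperationId }

# Poll the accept operation until it leaves the pending states (5 minutes at most).
foreach ($attempt in 1..30) {
    $detail = Get-R53DOperationDetail -OperationId $opId -ProfileName account2
    $status = [string]$detail.Status
    if ($status -notin 'SUBMITTED', 'IN_PROGRESS') { break }
    Start-Sleep -Seconds 10
}

if ($status -ne 'SUCCESSFUL') {
    throw "Transfer of $Domain not confirmed: status '$status'. $($detail.Message)"
}
Write-Host "Transfer of $Domain completed (operation $opId)."
```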