1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
|
package route53
import (
"context"
"fmt"
"strconv"
"strings"
"time"
"github.com/coredns/caddy"
"github.com/coredns/coredns/core/dnsserver"
"github.com/coredns/coredns/plugin"
"github.com/coredns/coredns/plugin/pkg/fall"
clog "github.com/coredns/coredns/plugin/pkg/log"
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/credentials"
"github.com/aws/aws-sdk-go/aws/credentials/ec2rolecreds"
"github.com/aws/aws-sdk-go/aws/ec2metadata"
"github.com/aws/aws-sdk-go/aws/session"
"github.com/aws/aws-sdk-go/service/route53"
"github.com/aws/aws-sdk-go/service/route53/route53iface"
)
var log = clog.NewWithPlugin("route53")
func init() { plugin.Register("route53", setup) }
// exposed for testing
var f = func(credential *credentials.Credentials) route53iface.Route53API {
return route53.New(session.Must(session.NewSession(&aws.Config{Credentials: credential})))
}
func setup(c *caddy.Controller) error {
for c.Next() {
keyPairs := map[string]struct{}{}
keys := map[string][]string{}
// Route53 plugin attempts to find AWS credentials by using ChainCredentials.
// And the order of that provider chain is as follows:
// Static AWS keys -> Environment Variables -> Credentials file -> IAM role
// With that said, even though a user doesn't define any credentials in
// Corefile, we should still attempt to read the default credentials file,
// ~/.aws/credentials with the default profile.
sharedProvider := &credentials.SharedCredentialsProvider{}
var providers []credentials.Provider
var fall fall.F
refresh := time.Duration(1) * time.Minute // default update frequency to 1 minute
args := c.RemainingArgs()
for i := 0; i < len(args); i++ {
parts := strings.SplitN(args[i], ":", 2)
if len(parts) != 2 {
return plugin.Error("route53", c.Errf("invalid zone %q", args[i]))
}
dns, hostedZoneID := parts[0], parts[1]
if dns == "" || hostedZoneID == "" {
return plugin.Error("route53", c.Errf("invalid zone %q", args[i]))
}
if _, ok := keyPairs[args[i]]; ok {
return plugin.Error("route53", c.Errf("conflict zone %q", args[i]))
}
keyPairs[args[i]] = struct{}{}
keys[dns] = append(keys[dns], hostedZoneID)
}
for c.NextBlock() {
switch c.Val() {
case "aws_access_key":
v := c.RemainingArgs()
if len(v) < 2 {
return plugin.Error("route53", c.Errf("invalid access key: '%v'", v))
}
providers = append(providers, &credentials.StaticProvider{
Value: credentials.Value{
AccessKeyID: v[0],
SecretAccessKey: v[1],
},
})
case "upstream":
c.RemainingArgs() // eats args
case "credentials":
if c.NextArg() {
sharedProvider.Profile = c.Val()
} else {
return c.ArgErr()
}
if c.NextArg() {
sharedProvider.Filename = c.Val()
}
case "fallthrough":
fall.SetZonesFromArgs(c.RemainingArgs())
case "refresh":
if c.NextArg() {
refreshStr := c.Val()
_, err := strconv.Atoi(refreshStr)
if err == nil {
refreshStr = fmt.Sprintf("%ss", c.Val())
}
refresh, err = time.ParseDuration(refreshStr)
if err != nil {
return plugin.Error("route53", c.Errf("Unable to parse duration: %v", err))
}
if refresh <= 0 {
return plugin.Error("route53", c.Errf("refresh interval must be greater than 0: %q", refreshStr))
}
} else {
return plugin.Error("route53", c.ArgErr())
}
default:
return plugin.Error("route53", c.Errf("unknown property %q", c.Val()))
}
}
session, err := session.NewSession(&aws.Config{})
if err != nil {
return plugin.Error("route53", err)
}
providers = append(providers, &credentials.EnvProvider{}, sharedProvider, &ec2rolecreds.EC2RoleProvider{
Client: ec2metadata.New(session),
})
client := f(credentials.NewChainCredentials(providers))
ctx, cancel := context.WithCancel(context.Background())
h, err := New(ctx, client, keys, refresh)
if err != nil {
return plugin.Error("route53", c.Errf("failed to create route53 plugin: %v", err))
}
h.Fall = fall
if err := h.Run(ctx); err != nil {
return plugin.Error("route53", c.Errf("failed to initialize route53 plugin: %v", err))
}
dnsserver.GetConfig(c).AddPlugin(func(next plugin.Handler) plugin.Handler {
h.Next = next
return h
})
c.OnShutdown(func() error { cancel(); return nil })
}
return nil
}
|
