darylounet · September 18, 2023 12:03
diff --git a/elb-internal-route53-updater.php b/elb-internal-route53-updater.php
 #!/usr/bin/php
 <?php
 /**
 * ELB Internal Route53 Updater
 * @author Cyril Aknine https://github.com/darylounet
 */

 $vpcId = 'your-vpc-id';
 $elbNetworkDescription = 'Your ELB network interface description (generated like "ELB your-elb-name")';
 $route53InternalHostedZoneId = 'Your Route53 Internal hosted zone ID';
 $route53InternalRecordName = 'your-route53-record.internal.'; // Ending with dot

 $config = array(
    'credentials' => [
        'key'    => 'Your IAM Key',
        'secret' => 'Your IAM Secret',
    ]
    'region' => 'us-west-1'
 );

 /*
 * IAM Policy Requirements
 {
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "Stmt1462092886000",
            "Effect": "Allow",
            "Action": [
                "ec2:DescribeNetworkInterfaces"
            ],
            "Resource": [
                "*"
            ]
        },
        {
            "Sid": "Stmt1462092981000",
            "Effect": "Allow",
            "Action": [
                "route53:ChangeResourceRecordSets",
                "route53:ListResourceRecordSets"
            ],
            "Resource": [
                "*"
            ]
        }
    ]
 }
 */

 // http://docs.aws.amazon.com/aws-sdk-php/v3/download/aws.phar
 require dirname(__FILE__) . '/aws.phar';

 use Aws\Ec2\Ec2Client;
 use Aws\Route53\Route53Client;

 $ec2Client = new Ec2Client(array_merge($config, [ 'version' => '2015-10-01' ]));
 $elbInterfaces = $ec2Client->describeNetworkInterfaces(array(
    'Filters' => array(
        array(
            'Name' => 'description',
            'Values' => [ $elbNetworkDescription ]
        ),
        array(
            'Name' => 'vpc-id',
            'Values' => [ $vpcId ]
        )
    )
 ));

 $elbIps = array();
 foreach ($elbInterfaces['NetworkInterfaces'] as $elbInterface) {
    $elbIps[] = $elbInterface['PrivateIpAddress'];
 }
 sort($elbIps);

 $route53Client = new Route53Client(array_merge($config, [ 'version' => '2013-04-01', 'region' => 'us-east-1' ]));
 $records = $route53Client->listResourceRecordSets(array(
    'HostedZoneId' => $route53InternalHostedZoneId,
    'StartRecordName' => $route53InternalRecordName
 ));

 $route53elbIps = array();
 foreach ($records['ResourceRecordSets'][0]['ResourceRecords'] as $record) {
    $route53elbIps[] = $record['Value'];
 }
 sort($route53elbIps);

 // Check if Route53 update is needed
 if ($elbIps === $route53elbIps) {
    die('Same Ips detected - no update needed'. PHP_EOL);
 }

 $route53ResourceRecords = array();
 foreach ($elbIps as $ip) {
    $route53ResourceRecords[] = array('Value' => $ip);
 }

 $route53Client->changeResourceRecordSets(array(
    'HostedZoneId' => $route53InternalHostedZoneId,
    'ChangeBatch' => array(
        'Comment' => 'ELB Private IPs update',
        'Changes' => array(
            array(
                'Action' => 'UPSERT',
                'ResourceRecordSet' => array(
                    'Name' => $route53InternalRecordName,
                    'TTL' => 60,
                    'Type' => 'A',
                    'ResourceRecords' => $route53ResourceRecords
                )
            )
        )
    )
 ));
	#!/usr/bin/php
	<?php
	/**
	* ELB Internal Route53 Updater
	* @author Cyril Aknine https://github.com/darylounet
	*/

	$vpcId = 'your-vpc-id';
	$elbNetworkDescription = 'Your ELB network interface description (generated like "ELB your-elb-name")';
	$route53InternalHostedZoneId = 'Your Route53 Internal hosted zone ID';
	$route53InternalRecordName = 'your-route53-record.internal.'; // Ending with dot

	$config = array(
	'credentials' => [
	'key' => 'Your IAM Key',
	'secret' => 'Your IAM Secret',
	]
	'region' => 'us-west-1'
	);

	/*
	* IAM Policy Requirements
	{
	"Version": "2012-10-17",
	"Statement": [
	{
	"Sid": "Stmt1462092886000",
	"Effect": "Allow",
	"Action": [
	"ec2:DescribeNetworkInterfaces"
	],
	"Resource": [
	"*"
	]
	},
	{
	"Sid": "Stmt1462092981000",
	"Effect": "Allow",
	"Action": [
	"route53:ChangeResourceRecordSets",
	"route53:ListResourceRecordSets"
	],
	"Resource": [
	"*"
	]
	}
	]
	}
	*/

	// http://docs.aws.amazon.com/aws-sdk-php/v3/download/aws.phar
	require dirname(__FILE__) . '/aws.phar';

	use Aws\Ec2\Ec2Client;
	use Aws\Route53\Route53Client;

	$ec2Client = new Ec2Client(array_merge($config, [ 'version' => '2015-10-01' ]));
	$elbInterfaces = $ec2Client->describeNetworkInterfaces(array(
	'Filters' => array(
	array(
	'Name' => 'description',
	'Values' => [ $elbNetworkDescription ]
	),
	array(
	'Name' => 'vpc-id',
	'Values' => [ $vpcId ]
	)
	)
	));

	$elbIps = array();
	foreach ($elbInterfaces['NetworkInterfaces'] as $elbInterface) {
	$elbIps[] = $elbInterface['PrivateIpAddress'];
	}
	sort($elbIps);

	$route53Client = new Route53Client(array_merge($config, [ 'version' => '2013-04-01', 'region' => 'us-east-1' ]));
	$records = $route53Client->listResourceRecordSets(array(
	'HostedZoneId' => $route53InternalHostedZoneId,
	'StartRecordName' => $route53InternalRecordName
	));

	$route53elbIps = array();
	foreach ($records['ResourceRecordSets'][0]['ResourceRecords'] as $record) {
	$route53elbIps[] = $record['Value'];
	}
	sort($route53elbIps);

	// Check if Route53 update is needed
	if ($elbIps === $route53elbIps) {
	die('Same Ips detected - no update needed'. PHP_EOL);
	}

	$route53ResourceRecords = array();
	foreach ($elbIps as $ip) {
	$route53ResourceRecords[] = array('Value' => $ip);
	}

	$route53Client->changeResourceRecordSets(array(
	'HostedZoneId' => $route53InternalHostedZoneId,
	'ChangeBatch' => array(
	'Comment' => 'ELB Private IPs update',
	'Changes' => array(
	array(
	'Action' => 'UPSERT',
	'ResourceRecordSet' => array(
	'Name' => $route53InternalRecordName,
	'TTL' => 60,
	'Type' => 'A',
	'ResourceRecords' => $route53ResourceRecords
	)
	)
	)
	)
	));