Open menu
-->

Enable AWS Route 53 Domain Auto Renew

Cloud Conformity allows you to automate the auditing process of this resolution page. Register for a 14 day evaluation and check your compliance level for free!

Start a Free Trial Product features
Reliability

Risk level: High (act today)

Ensure that AWS Route 53 Auto Renew feature is enabled to automatically renew your domain names as the expiration date approaches. The automatic renewal registration fee will be charged to your AWS account and you will get an email with the renewal confirmation once the registration is processed.

This rule resolution is part of the Cloud Conformity Base Auditing Package

Enabling automatic renewal for your domains registered with AWS or transferred to AWS will guarantee you full control over domain names registration. When your domains are automatically renewed before their expiration date, the risk of losing them is practically zero.

Audit

To determine if your domain names have the Auto Renew feature enabled, perform the following:

Using AWS Console

01 Login to the AWS Management Console.

02 Navigate to Route 53 dashboard at https://console.aws.amazon.com/route53/.

03 In the left navigation panel, under Domains, click Registered Domains.

04 Select the domain name that you want to examine.

05 On the Your Domains > <domain name> page, under Transfer Lock, check the Auto Renew status. If the feature current status is set to Disabled, the automatic renewal registration for the selected domain name is not enabled and you can lose the ownership of the domain once this expires.

06 Repeat steps no. 4 and 5 for each domain name registered with AWS or transferred to AWS.

Using AWS CLI

01 Run list-domains command (OSX/Linux/UNIX) to list all the domain names registered with AWS Route 53 or transferred to AWS Route 53:

aws route53domains list-domains
	--query 'Domains[*].DomainName'

02 The command output should return each domain name currently registered:

[
    "cloudconformity.com"
]

03 Run get-domain-detail command (OSX/Linux/UNIX) using the domain name returned at the previous step, to determine the Auto Renew feature status for the selected domain:

aws route53domains get-domain-detail
	--domain-name cloudconformity.com
	--query 'AutoRenew'

04 The command output should return the feature status (true for enabled, false for disabled):

[
    false
]

If the Auto Renew current status is set to false, the automatic renewal registration for the selected domain name is not enabled and the risk of losing the domain ownership increases.

05 Repeat step no. 3 and 4 for each domain name registered with AWS or transferred to AWS.

Remediation / Resolution

To update your AWS Route 53 domains configuration and enable the Auto Renew feature, perform the following:

Using AWS Console

01 Login to the AWS Management Console.

02 Navigate to Route 53 dashboard at https://console.aws.amazon.com/route53/.

03 In the left navigation panel, under Domains, click Registered Domains.

04 Select the domain name that you want to examine.

05 On the Your Domains > <domain name> page, click Enable next to Auto Renew to enable the feature. The Auto Renew feature status should now change to Enabled.

06 Repeat steps no. 4 and 5 for each domain name registered with AWS or transferred to AWS.

Using AWS CLI

01 Run list-domains command (OSX/Linux/UNIX) to list all the domain names registered with AWS Route 53 or transferred to AWS Route 53:

aws route53domains list-domains
	--query 'Domains[*].DomainName'

02 The command output should return each domain name available in your AWS account:

[
    "cloudconformity.com"
]

03 Run enable-domain-auto-renew command (OSX/Linux/UNIX) using the domain name returned at the previous step, to enable the Auto Renew feature for the selected domain (the command does not return any output):

aws route53domains enable-domain-auto-renew
	--domain-name cloudconformity.com

04 Repeat step no. 3 for each domain name registered with AWS or transferred to AWS.

References

Publication date May 6, 2016