|   Trend Micro Cloud One™
Open menu

Route 53 Domain Expired

Cloud Conformity allows you to automate the auditing process of this resolution page. Register for a 14 day evaluation and check your compliance level for free!

Start a Free Trial Product features
Last updated: 26 April 2018
Risk level: High (not acceptable risk)
Rule ID: Route53-007

Identify and restore any expired domain names registered with AWS Route 53. The restoration fee will be charged to your AWS account and you will get a confirmation email once the registration process is completed.

This rule resolution is part of the Cloud Conformity Security & Compliance tool for AWS


When the expired domain names are not restored promptly, they will become available for others to register. Restoring on time your Route 53 expired domains will allow you to reestablish full control over their registration.


To determine which of your domain names registered with AWS Route 53 are currently expired, perform the following:

Using AWS Console

01 Login to the AWS Management Console.

02 Navigate to Route 53 dashboard at https://console.aws.amazon.com/route53/.

03 In the left navigation panel, under Domains, click Registered Domains.

04 Select the domain name that you want to examine.

05 On Your Domains > <domain name> page, inside the domain name configuration section, check the domain expiration date displayed next to Expires on. If the selected domain name is already expired, continue with the restoration process setup as explained in the Remediation/Resolution section.

06 Repeat steps no. 4 and 5 for each domain name currently registered with AWS Route 53.


01 Run list-domains command (OSX/Linux/UNIX) to list all the domain names registered with AWS or transferred to AWS:

aws route53domains list-domains
	--query 'Domains[*].DomainName'

02 The command output should return each domain name currently registered:


03 Run get-domain-detail command (OSX/Linux/UNIX) using the domain name returned at the previous step, to expose the expiration date for the selected domain:

aws route53domains get-domain-detail
	--domain-name mydomain.com
	--query 'ExpirationDate'

04 The command output should return the date when the specified domain is set to expire (Unix time):


05 To convert the Unix based date returned at the previous step to a human readable format run the following command (OSX/Linux/UNIX):

date -d @1464739200

06 The command output should return the expiration date in a readable format:

Thu Jun 1 00:00:00 UTC 2016

If the selected domain name is already expired, continue with the restoration process setup as presented in the Remediation/Resolution section.

07 Repeat steps no. 3 – 6 for each domain name currently registered with AWS Route 53.

Remediation / Resolution

To restore any expired domain names registered with AWS Route 53, perform the following:

Note: Restoring expired domains using the AWS API via Command Line Interface (CLI) is not currently supported. To restore Route 53 domain names use the AWS Management Console.

Using AWS Console

01 First, determine whether the expired domain name TLD is still within the restoration time frame by checking the "Renewal, restoration, and deletion times" table available on Gandi wiki page at http://wiki.gandi.net/en/domains/renew (Gandi is the AWS registrar partner).

02 If your expired domain is still recoverable, log in to AWS Management Console with the account credentials used at domain name registration.

03 Navigate to AWS Support Center dashboard at https://console.aws.amazon.com/support/home?region=us-east-1#/case/create?issueType=customer-service&serviceCode=billing&categoryCode=domain-name-registration-issue.

04 On the Create Case page, perform the following:

  1. Select Account and Billing Support for Regarding.
  2. Select Billing from the Service dropdown list.
  3. Select Domain name registration issue from the Category dropdown list.
  4. In the Subject box, type “Renew an expired domain”.
  5. In the Description box, enter the following details:
    • The domain name that you want to restore.
    • The ID of the AWS account used at domain registration (e.g. 356366855545).
  6. Under Contact method, select a preferred contact method so the AWS support team can reach you.
  7. Click Submit to send the restoration request to AWS. A customer support representative will contact you shortly.


Publication date May 26, 2016

Unlock the Remediation Steps

Gain free unlimited access to our full Knowledge Base

Over 600 rules & best practices for and

Get started for FREE

A verification email will be sent to this address
We keep your information private. Learn more.

Thank you!

Please click the link in the confirmation email sent to

You are auditing:

Route 53 Domain Expired

Risk level: High