This article illustrates how to use Route 53 and Lambda to set up a single-tenant DDNS service, with code examples.
It’s technically possible to use a Python script as a DDNS client that updates the DNS record on Route 53 directly. However, that requires loading an AWS access key and secret access key onto the node. If the node is compromised, other DNS records in that hosted zone may be tampered with, because IAM policy does not allow fine-grained permission on a single DNS record. The risk can be mitigated using AWS Lambda.
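One way the Lambda function can act as the enforcement point, as an added sketch that is not the article's own code: the node holds only a per-host shared secret, and the function, whose role alone may change the zone, refuses any record outside its allow-list. The zone ID, hostname, secret, event field names and the `sign`/`build_change` helpers are assumptions made for this example.

```python
import hashlib
import hmac
import ipaddress

# Constructed placeholders for illustration; a deployment would load the
# secret from a secret store rather than hard-coding it.
HOSTED_ZONE_ID = "ZEXAMPLE123"
ALLOWED = {"home.example.com.": b"constructed-shared-secret"}  # hostname -> secret


def sign(secret: bytes, hostname: str, ip: str) -> str:
    """Client side: HMAC-SHA256 over the hostname and the claimed address."""
    return hmac.new(secret, f"{hostname}|{ip}".encode(), hashlib.sha256).hexdigest()


def build_change(hostname: str, ip: str, signature: str) -> dict:
    """Return a Route 53 ChangeBatch for one allow-listed A record, or raise."""
    secret = ALLOWED.get(hostname)
    if secret is None:
        raise PermissionError("hostname not managed by this function")
    if not hmac.compare_digest(sign(secret, hostname, ip), signature):
        raise PermissionError("bad signature")
    addr = ipaddress.ip_address(ip)  # raises ValueError on malformed input
    if addr.version != 4:
        raise ValueError("an A record needs an IPv4 address")
    return {"Changes": [{"Action": "UPSERT", "ResourceRecordSet": {
        "Name": hostname, "Type": "A", "TTL": 60,
        "ResourceRecords": [{"Value": str(addr)}]}}]}


def handler(event, context, route53=None):
    """Lambda entry point; route53 is injectable so the logic can be tested offline."""
    batch = build_change(event["hostname"], event["ip"], event["signature"])
    if route53 is None:  # inside Lambda, boto3 ships with the Python runtime
        import boto3
        route53 = boto3.client("route53")
    route53.change_resource_record_sets(HostedZoneId=HOSTED_ZONE_ID, ChangeBatch=batch)
    return {"status": "updated", "name": event["hostname"]}
```

A stolen client secret can then only repoint that one hostname. The signature here carries no timestamp or nonce, so a production version would add one to stop replay of an old update.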