cloud-custodian · kapilt · Mar 4, 2024 · Apr 5, 2022 · Apr 5, 2022 · Apr 5, 2022
diff --git a/c7n/resources/route53.py b/c7n/resources/route53.py
@@ -208,6 +208,65 @@
                 TagsToDelete=keys)
 
 
+@ResourceRecordSet.action_registry.register('remove-recordset')
+class ResourceRecordSetRemove(BaseAction):
+    """Action to delete resource records from Route 53 hosted zones.
+
+    It is recommended to use a filter to avoid unwanted deletion
+    of R53 records from all hosted zones.
+
+    :example:
+
+    .. code-block:: yaml
+
+            policies:
+              - name: route53-remove-filtered-records
+                resource: aws.rrset
+                filters:
+                  - type: value
+                    key: AliasTarget.DNSName
+                    value: "email.gc.example.com."
+                actions:
+                  - type: remove-recordset
+
+    """
+    schema = type_schema('remove-recordset',)
+    permissions = ('route53:ChangeResourceRecordSets',)
+    keys = (
+        'Name', 'Type', 'TTL', 'SetIdentifier', 'Region', 'AliasTarget', 'ResourceRecords')
+
+    def process(self, recordsets):
+        client = local_session(self.manager.session_factory).client('route53')
+        try:
+            for rrset in recordsets:
+                if rrset['Type'] in ('NS', 'SOA'):
+                    continue
+
+                rrsetdata = self.generate_rrset(rrset)
+                self.manager.retry(
+                    client.change_resource_record_sets,
+                    HostedZoneId=rrset['c7n:parent-id'],
+                    ChangeBatch={
+                        'Changes': [
+                            {
+                                'Action': 'DELETE',
+                                'ResourceRecordSet': rrsetdata,
+                            }
+                        ]
+                    },
+                    ignore_err_codes=('InvalidChangeBatch'))
+        except Exception as e:
+                self.log.warning(
+                    "ResourceRecordSet delete error: %s", e)
+
+    def generate_rrset(self, recordset):
+        rrset_payload = dict()
+        for key in self.keys:
+            if key in recordset:
+                rrset_payload.update({key: recordset[key]})
+        return rrset_payload
+
+
 @HostedZone.action_registry.register('delete')
 class Delete(BaseAction):
     """Action to delete Route 53 hosted zones.
@@ -234,6 +293,8 @@
 
     schema = type_schema('delete', force={'type': 'boolean'})
     permissions = ('route53:DeleteHostedZone',)
+    keys = (
+        'Name', 'Type', 'TTL', 'SetIdentifier', 'Region', 'AliasTarget', 'ResourceRecords')
 
     def process(self, hosted_zones):
         client = local_session(self.manager.session_factory).client('route53')
@@ -267,24 +328,27 @@
             # Exempt the two zone associated mandatory records
             if rrset['Name'] == hz['Name'] and rrset['Type'] in ('NS', 'SOA'):
                 continue
+            rrsetdata = self.generate_rrset(rrset)
             self.manager.retry(
                 client.change_resource_record_sets,
                 HostedZoneId=hz['Id'],
                 ChangeBatch={
                     'Changes': [
                         {
                             'Action': 'DELETE',
-                            'ResourceRecordSet': {
-                                'Name': rrset['Name'],
-                                'Type': rrset['Type'],
-                                'TTL': rrset['TTL'],
-                                'ResourceRecords': rrset['ResourceRecords']
-                            },
+                            'ResourceRecordSet': rrsetdata,
                         }
                     ]
                 },
                 ignore_err_codes=('InvalidChangeBatch'))
 
+    def generate_rrset(self, recordset):
+        rrset_payload = dict()
+        for key in self.keys:
+            if key in recordset:
+                rrset_payload.update({key: recordset[key]})
+        return rrset_payload
+
 
 @HostedZone.action_registry.register('set-query-logging')
 class SetQueryLogging(BaseAction):

@@ -0,0 +1,20 @@
+{
+    "status_code": 200,
+    "data": {
+        "ResponseMetadata": {},
+        "ChangeInfo": {
+            "Id": "/change/C08700492OMT62TVMBS6H",
+            "Status": "PENDING",
+            "SubmittedAt": {
+                "__class__": "datetime",
+                "year": 2024,
+                "month": 2,
+                "day": 11,
+                "hour": 17,
+                "minute": 38,
+                "second": 53,
+                "microsecond": 103000
+            }
+        }
+    }
+}
@@ -0,0 +1,19 @@
+{
+    "status_code": 200,
+    "data": {
+        "ResponseMetadata": {},
+        "HostedZones": [
+            {
+                "Id": "/hostedzone/Z0703663WE3WTQ3FAPIF",
+                "Name": "subdomain.example.com.",
+                "CallerReference": "1560",
+                "Config": {
+                    "PrivateZone": true
+                },
+                "ResourceRecordSetCount": 3
+            }
+        ],
+        "IsTruncated": false,
+        "MaxItems": "100"
+    }
+}
@@ -0,0 +1,49 @@
+{
+    "status_code": 200,
+    "data": {
+        "ResponseMetadata": {},
+        "ResourceRecordSets": [
+            {
+                "Name": "subdomain.example.com.",
+                "Type": "NS",
+                "TTL": 172800,
+                "ResourceRecords": [
+                    {
+                        "Value": "ns-1536.awsdns-00.co.uk."
+                    },
+                    {
+                        "Value": "ns-0.awsdns-00.com."
+                    },
+                    {
+                        "Value": "ns-1024.awsdns-00.org."
+                    },
+                    {
+                        "Value": "ns-512.awsdns-00.net."
+                    }
+                ]
+            },
+            {
+                "Name": "subdomain.example.com.",
+                "Type": "SOA",
+                "TTL": 900,
+                "ResourceRecords": [
+                    {
+                        "Value": "ns-1536.awsdns-00.co.uk. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400"
+                    }
+                ]
+            },
+            {
+                "Name": "mail.subdomain.example.com.",
+                "Type": "CNAME",
+                "TTL": 300,
+                "ResourceRecords": [
+                    {
+                        "Value": "mailserver01.subdomain.example.com."
+                    }
+                ]
+            }
+        ],
+        "IsTruncated": false,
+        "MaxItems": "100"
+    }
+}
@@ -0,0 +1,39 @@
+{
+    "status_code": 200,
+    "data": {
+        "ResponseMetadata": {},
+        "ResourceRecordSets": [
+            {
+                "Name": "subdomain.example.com.",
+                "Type": "NS",
+                "TTL": 172800,
+                "ResourceRecords": [
+                    {
+                        "Value": "ns-1536.awsdns-00.co.uk."
+                    },
+                    {
+                        "Value": "ns-0.awsdns-00.com."
+                    },
+                    {
+                        "Value": "ns-1024.awsdns-00.org."
+                    },
+                    {
+                        "Value": "ns-512.awsdns-00.net."
+                    }
+                ]
+            },
+            {
+                "Name": "subdomain.example.com.",
+                "Type": "SOA",
+                "TTL": 900,
+                "ResourceRecords": [
+                    {
+                        "Value": "ns-1536.awsdns-00.co.uk. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400"
+                    }
+                ]
+            }
+        ],
+        "IsTruncated": false,
+        "MaxItems": "100"
+    }
+}
@@ -0,0 +1,20 @@
+{
+    "status_code": 200,
+    "data": {
+        "ResponseMetadata": {},
+        "ChangeInfo": {
+            "Id": "/change/C0028923170KHKBOZN21G",
+            "Status": "PENDING",
+            "SubmittedAt": {
+                "__class__": "datetime",
+                "year": 2024,
+                "month": 2,
+                "day": 11,
+                "hour": 14,
+                "minute": 14,
+                "second": 7,
+                "microsecond": 346000
+            }
+        }
+    }
+}
@@ -0,0 +1,19 @@
+{
+    "status_code": 200,
+    "data": {
+        "ResponseMetadata": {},
+        "HostedZones": [
+            {
+                "Id": "/hostedzone/Z0703663WE3WTQ3FAPIF",
+                "Name": "subdomain.example.com.",
+                "CallerReference": "1560",
+                "Config": {
+                    "PrivateZone": true
+                },
+                "ResourceRecordSetCount": 4
+            }
+        ],
+        "IsTruncated": false,
+        "MaxItems": "100"
+    }
+}
@@ -0,0 +1,58 @@
+{
+    "status_code": 200,
+    "data": {
+        "ResponseMetadata": {},
+        "ResourceRecordSets": [
+            {
+                "Name": "subdomain.example.com.",
+                "Type": "A",
+                "AliasTarget": {
+                    "HostedZoneId": "Z1YSA3EXCYUU9Z",
+                    "DNSName": "vpce-12345abcdefgh-mxpozkdy.us-west-2.vpce.amazonaws.com.",
+                    "EvaluateTargetHealth": true
+                }
+            },
+            {
+                "Name": "subdomain.example.com.",
+                "Type": "NS",
+                "TTL": 172800,
+                "ResourceRecords": [
+                    {
+                        "Value": "ns-1536.awsdns-00.co.uk."
+                    },
+                    {
+                        "Value": "ns-0.awsdns-00.com."
+                    },
+                    {
+                        "Value": "ns-1024.awsdns-00.org."
+                    },
+                    {
+                        "Value": "ns-512.awsdns-00.net."
+                    }
+                ]
+            },
+            {
+                "Name": "subdomain.example.com.",
+                "Type": "SOA",
+                "TTL": 900,
+                "ResourceRecords": [
+                    {
+                        "Value": "ns-1536.awsdns-00.co.uk. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400"
+                    }
+                ]
+            },
+            {
+                "Name": "mail.subdomain.example.com.",
+                "Type": "CNAME",
+                "TTL": 300,
+                "ResourceRecords": [
+                    {
+                        "Value": "mailserver01.subdomain.example.com."
+                    }
+                ]
+            }
+        ],
+        "IsTruncated": false,
+        "MaxItems": "100"
+    }
+}
@@ -0,0 +1,49 @@
+{
+    "status_code": 200,
+    "data": {
+        "ResponseMetadata": {},
+        "ResourceRecordSets": [
+            {
+                "Name": "subdomain.example.com.",
+                "Type": "NS",
+                "TTL": 172800,
+                "ResourceRecords": [
+                    {
+                        "Value": "ns-1536.awsdns-00.co.uk."
+                    },
+                    {
+                        "Value": "ns-0.awsdns-00.com."
+                    },
+                    {
+                        "Value": "ns-1024.awsdns-00.org."
+                    },
+                    {
+                        "Value": "ns-512.awsdns-00.net."
+                    }
+                ]
+            },
+            {
+                "Name": "subdomain.example.com.",
+                "Type": "SOA",
+                "TTL": 900,
+                "ResourceRecords": [
+                    {
+                        "Value": "ns-1536.awsdns-00.co.uk. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400"
+                    }
+                ]
+            },
+            {
+                "Name": "mail.subdomain.example.com.",
+                "Type": "CNAME",
+                "TTL": 300,
+                "ResourceRecords": [
+                    {
+                        "Value": "mailserver01.subdomain.example.com."
+                    }
+                ]
+            }
+        ],
+        "IsTruncated": false,
+        "MaxItems": "100"
+    }
+}