How to migrate to a new AWS Account
This guide will cover the steps I took to migrate from one AWSAccount to another specifically for Project Reclass Infrastructure.
Migrating the projectreclass.org domain
Beginning April 2021 AWS no longer allows domain transfer between AWS accounts via GUI. Thereby, the aws CLI must be utilized. Utilize this guide to install the AWS CLI.
Configure access to AWS. Ensure the permissions allow you to make changes to Route53
Initiate the domain transfer:
Replace the above variables with the domain you wish to transfer (should be owned by your original AWS account) and the account ID of the new account (the account you want to take ownership of the domain)
The above should output something similar to the following:
{
"OperationId": "string",
"Password": "string"
}
You'll need the above password to accept the domain.
First you'll need to run aws configure again in order to switch to the accepting account
Next you must accept the transfer
Your password may include a quote character, it is recommended to wrap the password string in single quotes to properly pass it to AWS
After the domain transfer has been accepted, you'll need to create a new hosted zone or import the old hosted zone into the new account.
It is important to note that transferring a domain does not break any existing DNS records, this is due to the nameservers still being owned and operated by the original hosted zone, and by extension Route53. AWS explicitly tells us that the domain adn the DNS records do not need to be owned by the same account for routing to occur. While importing the hosted zone is likely the easiest way to migrate the domain, you may want to migrate and create records at your own pace. If this is the case remember you'll need to create a new hosted zone for the domain, remember to update the NS for the domain under Route53 -> Domains -> ${DOMAIN-NAME} in the graphical environment.
Migrating the projectreclass.org website
In order to migrate the website in it's current state, create an AMI of the EC2 instance in which it is hosted, make this AMI private.
To create the AMI go to the EC2 list select the server you'd like to make an image from and go to Actions -> images and templates -> create image
Fill out the AMI image name and descritpion, enable no reboot if uptime is a must and then click "create image":
You'll be able to find a list of all AMI images on the sidebar under Images -> AMI
Finally select your AMI go to the permissions, and allow access to the new AWS Account by entering the new Account ID. Then you'll be able to access and launch the image. It'll be under the same sidebar Images -> AMI and under the "Private" filter
If your Image requires a subscription in our case bitnami/wordpress that must be accepted before the image can be launched.
Once the domain and image have been properly trasnferred add an A record pointing the domain projectreclass.org -> ${ip.ip.ip.ip} to the new IP address of the newly launched server
It is recommended to first attach an Elastic IP with the ability to reassociate and attach it to the server and point it the domain at that. This will allow you to quickly reassociate the IP without having to change records in the event you want to change the endpoint of projectreclass.org. Refer to this guide to learn how to attach an EIP
Migrating the Toynet Infrastructure
Assuming everything has gone well thus far, migrating toynet should be simple. Toynet is deployed automatically utilizing Terraform code.
Ensure your aws configure is set to the new account
Terraform code will also create the DNS records
It is advised that you check the cost of this infrastructure prior terraform applyby doing the following: terraform plan -out=plan.tfplan && terraform show -json plan.tfplan > plan.json
And uploading the plan.json to the terraform cost estimator
Last updated
