How to migrate to a new AWS Account

This guide will cover the steps I took to migrate from one AWSAccount to another specifically for Project Reclass Infrastructure.

Migrating the projectreclass.org domain

Beginning April 2021 AWS no longer allows domain transfer between AWS accounts via GUI. Thereby, the aws CLI must be utilized. Utilize this guide to install the AWS CLI.

Configure access to AWS. Ensure the permissions allow you to make changes to Route53

Initiate the domain transfer:

$ aws route53domains transfer-domain-to-another-aws-account --domain-name projectreclass.org --account-id ${YOUR-NEW-ACCOUNT-ID}

Replace the above variables with the domain you wish to transfer (should be owned by your original AWS account) and the account ID of the new account (the account you want to take ownership of the domain)

The above should output something similar to the following:

{

"OperationId": "string",

"Password": "string"

}

You'll need the above password to accept the domain.

First you'll need to run aws configure again in order to switch to the accepting account

Next you must accept the transfer 

$ aws route53domains accept-domain-transfer-from-another-aws-account \
    --domain-name projectreclass.org \
    --password ${password}

Your password may include a quote character, it is recommended to wrap the password string in single quotes to properly pass it to AWS

After the domain transfer has been accepted, you'll need to create a new hosted zone or import the old hosted zone into the new account.

It is important to note that transferring a domain does not break any existing DNS records, this is due to the nameservers still being owned and operated by the original hosted zone, and by extension Route53. AWS explicitly tells us that the domain adn the DNS records do not need to be owned by the same account for routing to occur. While importing the hosted zone is likely the easiest way to migrate the domain, you may want to migrate and create records at your own pace. If this is the case remember you'll need to create a new hosted zone for the domain, remember to update the NS for the domain under Route53 -> Domains -> ${DOMAIN-NAME} in the graphical environment.

Migrating the projectreclass.org website

In order to migrate the website in it's current state, create an AMI of the EC2 instance in which it is hosted, make this AMI private.

To create the AMI go to the EC2 list select the server you'd like to make an image from and go to Actions -> images and templates -> create image

Creating the AMI image from an existing server

Fill out the AMI image name and descritpion, enable no reboot if uptime is a must and then click "create image":

Configuring details for the AMI

You'll be able to find a list of all AMI images on the sidebar under Images -> AMI

Where to find your new AMI

Finally select your AMI go to the permissions, and allow access to the new AWS Account by entering the new Account ID. Then you'll be able to access and launch the image. It'll be under the same sidebar Images -> AMI and under the "Private" filter

Allowing another account to access your private AMI

If your Image requires a subscription in our case bitnami/wordpress that must be accepted before the image can be launched.

Once the domain and image have been properly trasnferred add an A record pointing the domain projectreclass.org -> ${ip.ip.ip.ip} to the new IP address of the newly launched server

It is recommended to first attach an Elastic IP with the ability to reassociate and attach it to the server and point it the domain at that. This will allow you to quickly reassociate the IP without having to change records in the event you want to change the endpoint of projectreclass.org. Refer to this guide to learn how to attach an EIP

Migrating the Toynet Infrastructure

Assuming everything has gone well thus far, migrating toynet should be simple. Toynet is deployed automatically utilizing Terraform code. 

 github clone https://github.com/Project-Reclass/infrastructure.git
 cd ./infrastructure/terraform/toynet/production
 terraform init
 terraform apply toynet-deployment-production.tf

Ensure your aws configure is set to the new account

Terraform code will also create the DNS records

It is advised that you check the cost of this infrastructure prior terraform applyby doing the following: terraform plan -out=plan.tfplan && terraform show -json plan.tfplan > plan.json

And uploading the plan.json to the terraform cost estimator

PreviousCloud BasicsNextSetting up SSL with Bitnami

Last updated

Was this helpful?