adding documentation in tutorials.md

kubernetes-sigs · Feb 27, 2025 · aa551af · aa551af
1 parent 276f19b
commit aa551af
Showing 1 changed file with 12 additions and 0 deletions.
diff --git a/docs/tutorials/aws.md b/docs/tutorials/aws.md
@@ -1108,3 +1108,15 @@ args:
     --aws-zone-tags=team=k8s,vertical=platform # this is not supported
     --aws-zone-tags==tag-value # this is not supported
 ```
+
+### Add Roles specific to the zone
+
+If you have multiple zones and want to manage them with different roles, you can configure `external-dns` with the following option:
+
+```sh
+args:
+  --aws-domain-roles=example.com=arn:aws:iam::123456789012:role/external-dns-role
+```
+
+`--aws-domain-roles` is a map of domain names to IAM roles. The domain/hosted zone names should match the `--domain-filter` values.
+AWS also sets STS rate limits on a per account per region basis i.e. for a single account on a single region you can make 600 requests per second.