Creating an Amazon Route 53 Hosted Zone to host Office 365 services

Microsoft’s Office 365 solution is immensely useful and powerful, but it can be a bit of a pain to set up DNS if you want all the service capabilities enabled.

When you add a new domain to your Office 365 platform and want to enable email and all other Office 365 services for that domain, here’s the list of DNS entries you need to create to make it work:

| Service | Type | Hostname | Value | TTL (secs) |
|---|---|---|---|---|
| Exchange Online | MX | @ | {your-domain}.mail.protection.outlook.com | 3600 |
| Exchange Online | TXT | @ | "MS=ms12345678" | 3600 |
| | | | "v=spf1 include:spf.protection.outlook.com -all" | |
| Exchange Online | CNAME | autodiscover | autodiscover.outlook.com | 3600 |
| Skype for Business | CNAME | sip | sipdir.online.lync.com | 3600 |
| Skype for Business | CNAME | lyncdiscover | webdir.online.lync.com | 3600 |
| Skype for Business | SRV | _sip._tls | 100 1 443 sipdir.online.lync.com. | 3600 |
| Skype for Business | SRV | _sipfederationtls._tcp | 100 1 5061 sipfed.online.lync.com. | 3600 |
| Mobile Device Management for Office 365 | CNAME | enterpriseregistration | enterpriseregistration.windows.net | 3600 |
| Mobile Device Management for Office 365 | CNAME | enterpriseenrollment | enterpriseenrollment.manage.microsoft.com | 3600 |
| Additional Office 365 records | CNAME | msoid | clientconfig.microsoftonline-p.net | 3600 |

That’s a lot of copying and pasting values into DNS records in a Route 53 Hosted Zone, and a lot of opportunity for error. To make the process easier, I’ve created a CloudFormation template that creates a new Hosted Zone and all the Office 365 records for you. You need to supply a few input parameters when you create a new stack using the template:

  • DomainName – specifies the name of the new domain zone you wish to create, e.g. pjlewis.org
  • DomainDescription – a description for the new domain zone you wish to create (note, this cannot be changed later).
  • MXRecordValue – the string provided by Microsoft for the MX record; this is normally just your domain name with all periods replaced with dashes, e.g. pjlewis.org becomes pjlewis-org
  • TXTRecordValue – the unique code provided to you by Microsoft in the form ms12345678 which they use to validate that you own the domain you are trying to register
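
An added example, not the author's downloadable template: a CloudFormation template that takes the four parameters above and creates the hosted zone with the Exchange Online records and one of the Skype for Business SRV records from the table. The MX priority of 0 and the AllowedPattern on TXTRecordValue are assumptions, since the post gives neither.

```yaml
# Added example (not the author's template): hosted zone plus a subset of the
# records from the table. Parameter names are the ones listed in the post.
AWSTemplateFormatVersion: '2010-09-09'
Parameters:
  DomainName: {Type: String}
  DomainDescription: {Type: String}
  MXRecordValue: {Type: String}
  TXTRecordValue:
    Type: String
    AllowedPattern: '^ms[0-9]+$'  # assumption, based on the ms12345678 form
Resources:
  Zone:
    Type: AWS::Route53::HostedZone
    Properties:
      Name: !Ref DomainName
      HostedZoneConfig:
        Comment: !Ref DomainDescription
  Office365Records:
    Type: AWS::Route53::RecordSetGroup
    Properties:
      HostedZoneId: !Ref Zone
      RecordSets:
        - Name: !Ref DomainName
          Type: MX
          TTL: '3600'
          ResourceRecords:
            # Route 53 MX values are "<priority> <host>"; priority 0 is assumed
            - !Sub '0 ${MXRecordValue}.mail.protection.outlook.com'
        - Name: !Ref DomainName
          Type: TXT
          TTL: '3600'
          ResourceRecords:  # one record set carrying both values
            - !Sub '"MS=${TXTRecordValue}"'
            - '"v=spf1 include:spf.protection.outlook.com -all"'
        - Name: !Sub 'autodiscover.${DomainName}'
          Type: CNAME
          TTL: '3600'
          ResourceRecords:
            - autodiscover.outlook.com
        - Name: !Sub '_sipfederationtls._tcp.${DomainName}'
          Type: SRV
          TTL: '3600'
          ResourceRecords:  # "<priority> <weight> <port> <target>"
            - '100 1 5061 sipfed.online.lync.com.'
```

The remaining CNAME and SRV rows from the table follow the same pattern as the last two record sets.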

Once the Hosted Zone has been created you can edit it as normal via the console or CLI, but I would recommend that you instead create a customised version of the CloudFormation template for each domain you administer, and make changes to your Hosted Zones by updating the templates. This provides a solid rollback procedure in case you make a mistake when updating your DNS records, and also provides a complete backup of your zones in case they ever get deleted.

You can download the template here: YAML

You can launch the stack directly in the eu-west-1 Region (Dublin) by clicking here: 
