What distinguishes the AWS Route53 Connector from other ways you can add your assets is that it allows you to automatically update the list with any new subdomains added to your zone. Adding assets to your account becomes a continuous process, not just a one-time thing, so you can skip all the manual work related to it. 


By activating this connector, you allow Detectify to pull DNS record data from your AWS Route 53 into your Detectify account. This covers domains, subdomains, and anything else made available through the key you share. Since the information in Route 53 is constantly changing, the data is synced automatically with what’s shown on your Detectify dashboards to keep your monitoring up to date.


1. To activate the connector, go to your Asset Inventory tab and click on the “Add Asset” button in the top right corner.


2. Choose “Import with AWS Route 53”.



3. Enter AWS API keys that have access to Route 53 into the Detectify tool.


4. You can also choose to create the key with access restricted to the following actions:


route53domains:ListDomains

route53:ListHostedZones

route53:ListResourceRecordSets

 

The last one can be restricted to specific hosted zones if you don't want to fetch all of them.
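Before handing a key to the connector, you can check that the IAM policy behind it grants nothing beyond the three actions above. The following is an added example, not Detectify's or AWS's own code. The function names, the sample policies and the zone ID Z0000000EXAMPLE are constructed for illustration, and it only inspects Allow statements (it ignores Deny and Condition blocks).

```python
import fnmatch

# The three read-only actions the page lists for the connector key (lowercased).
REQUIRED = {
    "route53domains:listdomains",
    "route53:listhostedzones",
    "route53:listresourcerecordsets",
}
RECORDS = "route53:listresourcerecordsets"
ZONE_ARN = "arn:aws:route53:::hostedzone/"  # assumes the standard "aws" partition

def as_list(value):
    """IAM accepts a single item or a list for Statement, Action and Resource."""
    return [value] if isinstance(value, (str, dict)) else list(value)

def zone_scoped(resource):
    """True only for an ARN naming one hosted zone, with no wildcard."""
    return resource.startswith(ZONE_ARN) and not set("*?") & set(resource)

def audit_policy(policy):
    """Return (excess, missing, unscoped) for an identity-based policy dict."""
    granted, excess, unscoped = set(), set(), False
    for stmt in as_list(policy["Statement"]):
        if stmt.get("Effect") != "Allow":
            continue
        if "NotAction" in stmt:  # allows everything except the listed actions
            excess.add("NotAction")
        for action in as_list(stmt.get("Action", [])):
            pattern = action.lower()  # IAM action names are case-insensitive
            covered = {a for a in REQUIRED if fnmatch.fnmatchcase(a, pattern)}
            granted |= covered
            if pattern not in REQUIRED:  # wildcard or unrelated action
                excess.add(action)
            if RECORDS in covered and not all(
                zone_scoped(r) for r in as_list(stmt.get("Resource", "*"))
            ):
                unscoped = True  # record listing reaches every hosted zone
    return sorted(excess), sorted(REQUIRED - granted), unscoped

# Constructed sample policies; Z0000000EXAMPLE is a placeholder zone ID.
SCOPED = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Resource": "*",
     "Action": ["route53domains:ListDomains", "route53:ListHostedZones"]},
    {"Effect": "Allow", "Action": "route53:ListResourceRecordSets",
     "Resource": ["arn:aws:route53:::hostedzone/Z0000000EXAMPLE"]},
]}
BROAD = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "route53:*", "Resource": "*"},
]}
```

audit_policy(SCOPED) reports nothing to fix, while audit_policy(BROAD) flags the wildcard action, the missing route53domains:ListDomains permission, and record listing that is not limited to specific hosted zones.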

 

Done! 

 

Detectify will now automatically update or add subdomains for monitoring in your account for the domains you’ve already verified on the Detectify platform.


You choose which subdomains you want to add as separate scan profiles and keep monitoring for subdomain takeovers.



Can too many requests to AWS Route53 API block our access?


We make as many requests as are required to fetch the relevant data. We fetch 100 items per request, so the total number of requests sent from our end depends on how many items you have. If we hit the AWS global account rate limit of 5 requests/sec while fetching the data, we’ll use longer waits between retries (exponential backoff). If you experience any issues with that, try using the same backoff procedure on your end.


You can read more about exponential backoff here:

https://aws.amazon.com/blogs/architecture/exponential-backoff-and-jitter/