How to configure route53 and cloudfront for EC2 website - amazon-cloudfront

My website abc.domain.com is hosted on EC2.
In CloudFront I put abc.domain.com in the “Origin Domain Name” field and the "Alternate Domain Names (CNAMEs)" field.
Origin Domain Name: abc.domain.com
Alternate Domain Names (CNAMEs): abc.domain.com
The “Domain Name” of this distribution is xxx.cloudfront.net. In Route53 I set up an ALIAS A record with abc.domain.com pointing to xxx.cloudfront.net.
The problem is that with abc.domain.com pointing to xxx.cloudfront.net, Route53 will not allow me to make another A record with abc.domain.com pointing to the IP of this EC2, so the "Origin Domain Name: abc.domain.com" will not work.
========================== Possible Solution =====================
Origin Domain Name: abc2.domain.com
Alternate Domain Names (CNAMEs): abc.domain.com
In Route53, set up an ALIAS A record with abc.domain.com pointing to xxx.cloudfront.net.
In Route53, make abc2.domain.com point to the IP of this EC2 so the "Origin Domain Name: abc2.domain.com" will work.

If you have to use CloudFront + EC2 + Route53 for the domain abc.domain.com, then you require the following:
Create an ELB (Elastic Load Balancing) with EC2.
Then map your CloudFront to the ELB point.
In Route53, map your CloudFront.
The steps you are following will not allow you to create a duplicate record entry. It is mandatory to use an ELB if you want to use CloudFront with EC2.
If you don't want to use an ELB, then another option is to purchase an SSL certificate from an external vendor and install it on EC2. Then you can directly point the EC2 IP to Route53. In this case you don't require CloudFront.
Ask if you have any doubt.
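
The "Possible Solution" layout from the question, written out as the change batch that `aws route53 change-resource-record-sets --change-batch` accepts. This is an added example, not code from either post; `plan_change_batch` is a hypothetical helper and 203.0.113.10 is a constructed documentation address standing in for the instance's IP.

```python
import ipaddress
import json

# Fixed hosted zone ID that Route 53 uses for every CloudFront alias target.
CLOUDFRONT_ALIAS_ZONE_ID = "Z2FDTNDATAQYW2"


def _fqdn(name):
    # Normalise a DNS name for comparison: lower case, one trailing dot.
    return name.strip().lower().rstrip(".") + "."


def plan_change_batch(site_name, origin_name, distribution_domain, origin_ip, ttl=300):
    """Build the Route 53 ChangeBatch for a CloudFront-fronted EC2 site.

    site_name is the distribution's Alternate Domain Name, origin_name its
    Origin Domain Name, distribution_domain its xxx.cloudfront.net name.
    """
    site, origin, dist = _fqdn(site_name), _fqdn(origin_name), _fqdn(distribution_domain)

    # The conflict from the question: one name cannot hold both the alias to
    # CloudFront and the A record for the instance.
    if origin == site:
        raise ValueError("origin name must differ from the alternate domain name")
    if not dist.endswith(".cloudfront.net."):
        raise ValueError("distribution_domain must be a cloudfront.net name")
    if ipaddress.ip_address(origin_ip).version != 4:
        raise ValueError("an A record needs an IPv4 address")

    return {
        "Comment": "CloudFront alias for the site, plain A record for the origin",
        "Changes": [
            {"Action": "UPSERT", "ResourceRecordSet": {
                "Name": site, "Type": "A",
                "AliasTarget": {"HostedZoneId": CLOUDFRONT_ALIAS_ZONE_ID,
                                "DNSName": dist, "EvaluateTargetHealth": False}}},
            {"Action": "UPSERT", "ResourceRecordSet": {
                "Name": origin, "Type": "A", "TTL": ttl,
                "ResourceRecords": [{"Value": origin_ip}]}},
        ],
    }


if __name__ == "__main__":
    # Constructed sample values taken from the question's placeholders.
    batch = plan_change_batch("abc.domain.com", "abc2.domain.com",
                              "xxx.cloudfront.net", "203.0.113.10")
    print(json.dumps(batch, indent=2))
```

abc2.domain.com resolves straight to the instance, so anything enforced at CloudFront can be bypassed through that name unless the instance's security group only admits CloudFront's origin-facing address ranges.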

Related

Migrate Vanity Nameservers to AWS Route53?

I'm in the process of migrating a bunch of stuff over to AWS and I've hit a bit of a snag in relation to Route53, specifically with vanity nameservers.
Current setup (not on Route53);
ns1.example.com - Glue records pointing to IP address of current DNS provider
ns2.example.com - Glue records pointing to IP address of current DNS provider
Various domains, all set to ns1.example.com for their authoritative nameservers at the registrar;
website-one.com
website-two.com
etc.
So I've been doing some testing with getting this migrated to Route53, and I'm not sure this is straightforward to do when you want to use a single vanity nameserver across multiple domains. When I create 2x hosted zones in Route53, they get different nameservers that Route53 automatically generates, i.e.;
example.com Hosted Zone - ns-123.awsdns-456.com
website-one.com Hosted Zone - ns-789.awsdns-321.com
website-two.com Hosted Zone - ns-987.awsdns-654.com
etc.
As such, with there only being one option at the registrar for example.com to configure the Glue Records;
ns1.example.com - pointing to IP Address of the Route53 nameserver, i.e. ns-123.awsdns-456.com (1.2.3.4)
ns2.example.com - pointing to IP Address of the Route53 nameserver, i.e. ns-123.awsdns-456.net (1.2.3.4)
Then I'm a bit lost as to how you're supposed to get this kind of setup working in Route53.
The reason for wanting this is to avoid having to go messing around with the nameservers at all of the different domains, some of which I can easily access, others are a bit of a pain to get access to so they can be updated.
Thoughts on how to best approach this?

CloudFront to a public or private Route53 hosted zone

I have an ALB created with Terraform and a CloudFront Distribution which is so old that it's not managed by Terraform. My ALB was given a random number in the DNS name and I have concerns about entering this ALB DNS as Origin in CloudFront.
So my idea was to set up a Route53 entry that would be more or less fixed and also managed via Terraform. But I haven't found a way so far for CloudFront to point to my Route53 hosted zone. Therefore I ask if a registered domain is necessary.
Is it possible that a CloudFront Origin points to a Route53 entry without a domain being registered, i.e. only to private or public hosted zone entries?

You seem to be concerned about the longevity of the DNS name of your ALB.
The DNS name of your ALB is static as long as your ALB exists. If you delete it, you'll get a new one, but as long as it stays, it will be static.
So if you don't plan to periodically delete your ALB, I'd be perfectly comfortable using its DNS name as the origin in CloudFront.
About your DNS questions:
You can also add an ALIAS or CNAME record in a public hosted zone that points to your ALB (or its DNS name in case of CNAME), which is managed by Terraform.
It has to be a public hosted zone with a real domain, i.e. some zone must be delegated through DNS to Route53.
Remember that you'll have to create an SSL/TLS certificate for this to work.
Afterwards you could set up the custom domain name as the origin in CloudFront.
This requires you to have a (sub-)domain that is delegated to your public hosted zone.
You can't do the same with a private hosted zone though.
CloudFront needs a DNS name it can resolve and since CloudFront is not part of your VPC, it needs a publicly resolvable DNS name, which the private hosted zone doesn't provide.

Adding domain name to ECS application with AWS ELB

I have an application which is running on an AWS ECS cluster which has 2 instances. I'm using EC2 instance type for ECS. I also have an application load balancer attached to this ECS cluster which uses dynamic port mapping. Right now, the application is working fine with the Load balancer's domain name.
I'm planning to add SSL feature for the load balancer and also a domain name for my application. For simplicity, I'm planning to use AWS ACM to create SSL certificates for HTTPS connectivity. But I'm not very aware of the domain name registration and all.
So I'm not sure where to attach this domain if I go for a new domain registration. What IP do I use for domain registration? Or if I have a domain name, can I attach it to my application?
But still, I'm not sure where to point to. Any help regarding attaching domain to app with ecs and aws alb will be appreciated.
Thanks in advance.

Basically, you have to create an A record in your DNS server pointing to the ELB.
Amazon has Route53 for registering domains; if your domain is registered with Route53, it's as easy as selecting the ELB from the list on the Route53 console.
If you host your domain on a different registrar (e.g. GoDaddy) then make sure your ELB is publicly available and use its address for the host address of your domain's A record.

Setting the Alias Target in Route53 to a single EC2 with an IPv4 Address

I wanted to create an Alias record that simply points my naked domain name (zone apex) to a simple elastic IP address associated with a single EC2 instance. But that type of target isn't valid. It looks like the Alias Record targets are only limited to
Elastic Load Balancers (ELBs)
S3-Endpoints
CloudFront Distributions
Other DNS Record Sets.
Can anybody shed some theoretical light as to why I am unable to use the A-record to point the domain to a simple EC2 with an IP address? Thanks.

Basic DNS 101
Yes. Create an A record containing the IP address of your instance. It isn't an alias, and it shouldn't be an alias.
Your issue is that your web server itself or WordPress is misconfigured and is actively issuing redirects to what it wrongly believes to be the correct/desired name, which has nothing to do with how this A record is provisioned. Review your response headers and you will find a 30x HTTP response coming from your web server.

Where do I set the CName record? On the Registrar or on Amazon?

I have a domain registered with Fasthosts and I have pointed all the nameservers for the domain...mydomain.com at the Amazon nameservers.
I have an Amazon EC2 cloud instance with an Elastic IP and Route 53 set up.
I want to set up an extra domain. So blog.mydomain.com. I just don't know if I should set up a CNAME record? And if so, where do I do it? At Fasthosts or at Amazon level?
Refer to this Amazon article to create a subdomain using Route 53.
