Google domains work for front and backed? - amazon-web-services

I currently have a website registered under google domains that my react front end is using on netlify. "https://www.getnailed.art"
I built a back end on aws beanstalk and but i need a ssl certificate to make the requests work.
can i use my domain name for the api backend on AWS as well? or do i need to register a new domain name like "www.getnailedAPI.art" ?

Do not have to register new domain on AWS.
you can simply manage 3rd party domains using route 53 service
Docs for reference -> https://docs.aws.amazon.com/amplify/latest/userguide/to-add-a-custom-domain-managed-by-google-domains.html

Related

AWS Amplify Cloudflare custom route

I have a small react app that is hosted in AWS Amplify.
My domain is controlled by Cloudflare. I set up the DNS in it to point to AWS Amplify apps. It works fine with the domain and its subdomains.
But I want to have multiple apps on the main domain but with different route. For example
domain.com/app1 -->
domain.com/app2 -->
Is it possible to do using just DNS/Cloudflare/Amplify or I need a reverse proxy for it like nginx?
Thanks!
If you have a Cloudflare paid account, you could use Resolve Override with Page Rules which allow you to resolve DNS differently for specific paths.
Example:
https://support.cloudflare.com/hc/en-us/articles/206190798-Using-Resolve-Override-in-Page-Rules
Or you can also write a Cloudflare worker to handle it for you.

How can I let my HTTPS frontend server connect with my HTTP rest API?

I have a React.js web app deployed via Google Firebase hosting. I also have an express Rest API deployed via AWS EC2. I have been so far unable to get the React app to interact with the express API because it is using HTTP. I tried to get all the SSL/cert stuff figured out to enable HTTPS on the backend but it seems like it will not work because the cert is not signed by a Certificate Authority.
Is there any workaround or other solution here? Thank you in advance.
A web browser will not accept a self-signed SSL certificate. In order to generate a legitimate SSL certificate you must first own a domain name.
You need to purchase a domain, and point your domain or subdomain to the EC2 instance. Then you need to create an SSL certificate that actually matches that domain name or subdomain, using an SSL provider like Let's Encrypt that will actually be accepted by modern web browsers.
Finally you will need to use that domain name in your API calls.
You could place a Load Balancer, or CloudFront distribution, or AWS API Gateway, in front of the EC2 server, at which point you could use a free AWS ACM SSL certificate.
If you don't want to purchase a domain name, you could still place CloudFront or API Gateway in front of the server and use their default endpoint which will also provide SSL.

Integrating Azure Services with Route53 Hosted Domain

I have a domain hosted on AWS Route53, but would like to enable Azure services such as Azure AD and 365 to be addressable on the same domain name.
Notably, I would like to keep the main domain under route53 control rather than delegating the entire address to Azure.
What would be the recommended method for integrating the 2 public cloud services, I am unsure if I should manually add CNAME records etc for the required Azure services or if I should look to delegate a subdomain to Azure's domain services directly (such as azure.example.com, while keeping example.com on route53).
Alternateively, should I register an entirely new domain (msexample.com) on azure, and if so how would I make these integrate email etc.
Thank you very much for any advice or direction on best-practices you can provide.

Google Domains to AWS Route53 HTTPS

I have a domain hosted through Google. I'm using Google Workspace for a lot of my day-to-day operations (e.g. Drive, Gmail, etc). I'm using AWS as my infrastructure and business logic for my application. I'm having trouble making my site support TLS. If you visit it now, you get this on chrome and I can't seem to make HTTPS requests work.
I have my domain pointing to AWS via Custom Name Server.
My route 53 has the NS type records listed under the hosted zone
I've tried to request a Certificate from AWS to make it work.
My problem is I don't know how to tell Google about it. How do you let Google know about the certificate so I can make my site HTTPS?
I believe approaching Google is not going to solve your issue as in the above case Google is only responsible to host your domain . So DNS setup is only responsible to route requests to your site and not making your site more secured.
I also found that you are exposing your site as http rather than https and thats why your site is unsecured.
Is your site is running on a web server or is it hosted on S3 as static web site ?
Note: you cant enable https on S3 static website.
The workaround to above problem is below :
Route53 has A record to pointing to ALB (configured with ACM) distributing traffic to Ec2 instances running your web application.
If anyone is still looking. I wanted to keep it cheap with a simple S3 static website. If you want to maintain the S3 part, make a CloudFront distribution (if you haven't already.
Inside the CloudFront under the main settings, use a Certificate you made from Certificate Manager.
Then head over to Route53 (even if the domain is hosted via Google) and route the "A" name record to the CloudFront. NOTE: make sure the "Alternate Domain" name is filled in or else it won't see it.
Let it update for about a minute or two and it will show https

AWS API gateway domain mapping

I have domain with aws example.com, currently I have record set so that when user goes to example.com, it serves static website from S3 (done with angular). Now, I have backend api (Lambda and API gate way), which is has url something like,
https://randomid.execute-api.region.amazonaws.com/Prod/api/getSomething?id=1
so, what I am trying to do is if front end makes a http call to example.com /api/getSomething?id=1, it should return me data (since I am using relative urls).
I was reading aws documentation, it seems i cannot use root domain, I have to use subdomain (api.example.com), I am ok with it. But, I am not sure how can i do that, any help would be appreciated.
Also, I may move my front end to subdomain (web.example.com), if I do that, with my backend at (api.example.com, hope fully I will figure this part), will I run into CORS issue?
Go through this AWS developer guide to change the domain name.
Apart from DNS configurations, it also requires to have a SSL certificate for the custom domain (Which could be taken from AWS Certificate Manager for free).
Also note that an API's custom domain name can be the name of a subdomain or the root domain (aka, zone apex) of a registered Internet domain.
If your Web and API have different subdomains, it will run into CORS. However you can setup a CloudFront distribution infront of both Web and API to avoid CORS.