How to point AWS API Gateway URL to Google domains subdomain? - amazon-web-services

I need to create a custom URL for my AWS API Gateway. My domain example.com is managed by Google Domains. Now I need to link my API, which has an AWS URL like xxxxxxxxxx.execute-api.us-east-1.amazonaws.com, to a custom subdomain like api.example.com.
example.com is already set up in Google Domains. Now I need to add the subdomain. I tried to add:
host name : api.example.com
type : CNAME
ttl : 10 minutes
data : xxxxxxxxxx.execute-api.us-east-1.amazonaws.com
But it doesn't work, as I get the following error from Postman when testing the new address:
with https
Error: write EPROTO 140376973400152:error:100000f7:SSL routines:OPENSSL_internal:WRONG_VERSION_NUMBER:../../third_party/boringssl/src/ssl/tls_record.cc:242:
with http
<H1>403 ERROR</H1>
<H2>The request could not be satisfied.</H2>
Any suggestions?

OK, maybe this isn't the only way to do it, but this is how I've done it before.
First you need to set up an Elastic IP that is linked to your EC2 instance.
Once you have the IP set up, you can then go to Route 53 in your AWS console and set up a hosted zone.
In this hosted zone that you create, you would put the domain name as api.example.com, leave public hosted zone checked and click create hosted zone. Once this zone is created, you would go into that zone and click create record, then put the Elastic IP in the Value area, leave everything else as is and click create records.
Once this is done, you can go to Google and create an A record where api.example.com points to the Elastic IP address.
Sorry, I hope this helps. I know it's a bit confusing, but I got it to work this way.

Related

How to create route53 record for AWS Gateway API

I have an existing hosted zone and A record in AWS Route 53. The A record is pointing to a CloudFront distribution.
Let's say the hosted zone name is abcd.ci.example.io. The A record name is the same as the hosted zone. I can access the website at abcd.ci.example.io without any issue.
I also have an AWS API Gateway with the invoke URL https://xxxxx.execute-api.us-west-2.amazonaws.com/dev. I can access a particular API route from the browser using the invoke URL https://xxxxx.execute-api.us-west-2.amazonaws.com/dev/v1/healthcheck
I want to assign a custom domain name to the invoke URL. So I created a new CNAME record in the hosted zone as api.abcd.ci.example.io and set the value to https://xxxxx.execute-api.us-west-2.amazonaws.com/dev
But then when I try to access a route using https://api.abcd.ci.example.io/v1/healthcheck I get the error: This site can’t be reached
A simple command line ping to api.abcd.ci.example.io also returns an error: Ping request could not find host api.abcd.ci.example.io. Please check the name and try again.
Below is the list of records in the hosted zone. There are a couple of ACM validation records as well for both the domains.
Before API Gateway will let you point your custom domain to it, you first have to set up the custom domain in API Gateway, which includes setting up the SSL certificate API Gateway will use for that custom domain.

IP Address not found on route 53 domain

I'm starting out on AWS and am trying to host a website on the platform. The S3 bucket and its content are set up and I'm able to access the website via the URL S3 is providing.
Permissions and properties are set to accept public traffic and that the bucket is used to host a website. The index document is correct.
Now I want traffic to be redirected to my domain visionranger.com, but it shows the error "IP address could not be found"
I tested this issue on 4 different devices across multiple browsers (including Chrome, Safari and Firefox).
Bucket, domain and hosted zone do have the same name and, as AWS recommends, I asked my previous provider if they transferred the DNS services to the new provider (in this case Route 53) and they did.
I waited longer than 48 hours after setting everything up before writing this, so all services should be working by now - but they don't.
The image shows the dns records of route 53.
I am grateful for any help.
Running a dig command to get the NS value of your domain returns a SERVFAIL, indicating that the configured nameservers for your domain do not contain the record for your domain.
The next step is to run a whois which indicates your configured nameservers are below:
NS1.BDM.MICROSOFTONLINE.COM
NS2.BDM.MICROSOFTONLINE.COM
NS3.BDM.MICROSOFTONLINE.COM
NS4.BDM.MICROSOFTONLINE.COM
As you're trying to use a Route 53 public hosted zone you will need to update your domain registrar to use the nameservers found under the NS record of the public hosted zone.
Follow the instructions here for your specific domain.
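
The comparison this answer performs by hand (registrar nameservers from whois versus the NS record of the Route 53 public hosted zone) can be scripted. This is an added example, not part of the original answer: the whois text is constructed around the four nameservers quoted above, and the hosted-zone NS values are constructed placeholders.

```python
import re

# Constructed whois excerpt using the nameservers quoted in the answer.
SAMPLE_WHOIS = """\
Domain Name: VISIONRANGER.COM
Name Server: NS1.BDM.MICROSOFTONLINE.COM
Name Server: NS2.BDM.MICROSOFTONLINE.COM
Name Server: NS3.BDM.MICROSOFTONLINE.COM
Name Server: NS4.BDM.MICROSOFTONLINE.COM
"""

# Constructed placeholders for the NS record of the public hosted zone.
HOSTED_ZONE_NS = [
    "ns-0001.awsdns-00.com.",
    "ns-0002.awsdns-00.net.",
    "ns-0003.awsdns-00.org.",
    "ns-0004.awsdns-00.co.uk.",
]


def norm(name: str) -> str:
    """DNS names are case-insensitive; the trailing root dot is optional."""
    return name.strip().rstrip(".").lower()


def whois_nameservers(whois_text: str) -> set[str]:
    """Collect the 'Name Server:' values the registry publishes."""
    found = re.findall(r"(?im)^\s*Name Server:\s*(\S+)", whois_text)
    return {norm(n) for n in found}


def check_delegation(whois_text: str, hosted_zone_ns: list[str]) -> dict:
    """Compare the registrar delegation with the hosted zone's NS set."""
    registered = whois_nameservers(whois_text)
    expected = {norm(n) for n in hosted_zone_ns}
    return {
        "delegated": bool(expected) and registered == expected,
        "stale": sorted(registered - expected),    # remove at the registrar
        "missing": sorted(expected - registered),  # add at the registrar
    }


if __name__ == "__main__":
    print(check_delegation(SAMPLE_WHOIS, HOSTED_ZONE_NS))
```
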

How to setup a Subdomain of an existing domain in AWS?

I created an Instance (Windows Server 2016) within AWS and the domain URL amazon gave me as below:
ec2-10-212-103-15.us-east-2.compute.amazonaws.com
Then, to create a subdomain I went to Route53 (https://console.aws.amazon.com/route53/home#Dashboard)
Here is the picture of my configurations:
But I still cannot open http://uat.ec2-10-212-103-15.us-east-2.compute.amazonaws.com/
(Note: The IP is made-up)
What do I need more to do?
Thanks
You're getting it wrong. Route53 is for custom domains you purchase from any source (GoDaddy, Amazon, Namecheap, to name a few).
The URL ec2-10-212-103-15.us-east-2.compute.amazonaws.com you've mentioned isn't the domain name. It is actually DNS to your server. If your instance is not behind a NAT gateway then you can directly access it through ec2-10-212-103-15.us-east-2.compute.amazonaws.com else you need to place a load balancer with public accessibility or place instance behind an internet gateway.

Route53 for AWS Elastic Search Domain gives certificate error

I have created an AWS Elasticsearch domain in Virginia and got an endpoint URL.
Now I want to configure the Route53 behavior around it, so that a caller can use the same URL even if there is some change in Elasticsearch or in case of a disaster recovery.
So,
Virginia Route 53 -- 1 Points to -- Virgina Elastic Search Domain URL
Oregon Route 53 -- 2 Points to -- Oregon Elastic Search Domain URL
Main Route 53 -- 3 Points to -- Route 53 1 or 2
I have already created these and also created and uploaded an SSL certificate with the correct SAN entries. But when I execute,
curl https://mainroute53/health
curl https://virginiaroute53/health
curl https://oregonroute53/health
I am getting this error,
curl: (51) Unable to communicate securely with peer: requested domain name does not match the server's certificate.
But when I call the Elastic Search URL directly it works. So I understand this is an issue with the way I am using the certificate. Any help appreciated.
Your Elastic Search endpoint will always return the Elastic Search SSL certificate.
So when you create a Route 53 "alias" for it, you may be connecting to it via your custom DNS entry, but Elastic Search will still use the Elastic Search SSL certificate.
Since the DNS endpoint you're using does not match the SSL certificate, you get that error.
You could use the --insecure curl flag to have it not check the SSL certificate, however, there are risks of doing that.
You can probably work around this by setting up a proxy server in front of the Elasticsearch domain, although it's kind of silly since there appears to also be an ELB inside the Elasticsearch domain. Ah well.
The domain Amazon ES creates for you includes the nodes in the Elasticsearch cluster and resources from several AWS services. When Amazon ES creates your domain, it launches instances into a service-controlled VPC. Those instances are fronted by Elastic Load Balancing (ELB), and the endpoint for the load balancer is published through Route 53. Requests to the domain pass through the ELB load balancer, which routes them to the domain’s EC2 instances.
https://aws.amazon.com/blogs/database/set-access-control-for-amazon-elasticsearch-service/
One way you can access Elasticsearch using your custom domain name is to use an API Gateway as an HTTP proxy. But then you have to deal with the authentication part since the Cognito cookies for ES will be pointing to the original domain (*.es.amazonaws.com).
In my experience this is doable and you should be able to use API Gateway (plus Custom Domain Names and Route 53) to achieve what you want (having a custom domain name over ES). It's just that it requires some Cognito knowledge and most likely, some coding (to handle the cookie problem).
You can use the http endpoint instead of the https one,
i.e.
curl http://mainroute53/health
This works around the fact that AWS does not allow providing a custom domain certificate in its managed Elastic service.
We had the same issue: we wanted to be redirected to Kibana with a friendlier DNS name, and we used the solution with an S3 bucket and the redirection as described here.
The steps:
Create an S3 bucket with any name.
In the bucket properties, enable “Static Website hosting”.
In the Static WebSite hosting properties, select the option to “Redirect Requests”.
In the target domain set the Kibana URL that is given from your elasticsearch domain: i.e. https://vpc-es-randomstring.us-east-1.es.amazonaws.com/_plugin/kibana/
Set Protocol to https
Then follow the steps from Step 5 on the guide above
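
The certificate error discussed in this thread, and the requirement above that API Gateway be given a certificate for the custom domain, both follow from one rule: the client verifies the name it requested, not the name a CNAME or alias resolves to. The following is an added example, not code from any of the posts; the SAN lists are constructed, search.example.com is a hypothetical alias, and the endpoint is the placeholder quoted in the steps above.

```python
# Constructed SAN lists: the service-managed certificate (assumed shape) and a
# certificate issued for the custom name.
SERVICE_CERT_SANS = ["*.us-east-1.es.amazonaws.com"]
CUSTOM_CERT_SANS = ["search.example.com"]
ENDPOINT = "vpc-es-randomstring.us-east-1.es.amazonaws.com"  # placeholder from the page
CUSTOM_NAME = "search.example.com"                            # hypothetical alias


def san_matches(pattern: str, hostname: str) -> bool:
    """Match one dNSName SAN against a hostname (RFC 6125 wildcard rules)."""
    p = pattern.lower().rstrip(".").split(".")
    h = hostname.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False  # "*" stands for exactly one label, never several
    if p[0] == "*":
        # A wildcard is honoured only as the entire left-most label.
        return len(p) > 2 and h[0] != "" and p[1:] == h[1:]
    return p == h


def name_verifies(requested_host: str, cert_sans: list[str]) -> bool:
    """A TLS client checks the name it asked for, not where DNS led it."""
    return any(san_matches(s, requested_host) for s in cert_sans)


def diagnose(requested_host: str, dns_target: str, cert_sans: list[str]) -> str:
    """Explain the outcome of connecting to requested_host via dns_target."""
    if name_verifies(requested_host, cert_sans):
        return "ok"
    if name_verifies(dns_target, cert_sans):
        return "mismatch: certificate covers the DNS target only"
    return "mismatch: certificate covers neither name"


if __name__ == "__main__":
    print(diagnose(ENDPOINT, ENDPOINT, SERVICE_CERT_SANS))      # direct call
    print(diagnose(CUSTOM_NAME, ENDPOINT, SERVICE_CERT_SANS))   # via alias
    print(diagnose(CUSTOM_NAME, ENDPOINT, CUSTOM_CERT_SANS))    # cert for alias
```

The second case is the curl (51) error from the question: the alias resolves correctly, but only a certificate that lists the requested name, served by something that terminates TLS for that name, makes verification succeed.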

How to set up custom domain for an app on Amazon EC2?

I am new to the Amazon EC2 world. I just created an app that is located at a URL like this:
http://ec2-54-123-45-678.compute-1.amazonaws.com:8080
This is generated URL by Amazon EC2.
Now I would need to use my own domain name, so when I would access www.my-domain-name.com, I would like to see the content from
http://ec2-54-123-45-678.compute-1.amazonaws.com:8080
I bought the domain name on Godaddy.
Is there any way to do this in Amazon AWS dashboard or do I need to set it up in Godaddy system?
Thanks
I am answering on a more general level because I stumbled upon this thread when setting my custom domain.
In Amazon I created an instance and associated an IP to that instance. You were able to access it by typing in the amazon url
I actually used Media Temple not GoDaddy, but it will be similar. I went to the zone file and added that public url to the www
And as you can see, here is my blog actually working on the custom domain.
I set the wildcard because that way, no matter what someone types, if it is not set, then they will still see the site.
EDIT
For the root URL you should be entering your elastic IP and setting that as an A record.
First you need to set an Elastic IP associated to that instance.
Then point the DNS entry of "www" for "my-domain-name.com" to the IP assigned in the step above.
Where you manage your DNS is another thing, can be in GoDaddy or in AWS Route53. You must adjust the delegation DNS in the "my-domain-name.com" register. Ex: your domain can be registered with GoDaddy but its delegation DNS point to Route53 so you can manage the domain from your AWS Console.
In order to setup DNS mapping you can map the existing IP 54.123.45.678 to ex: www.my-domain-name.com.
However, as you are running Tomcat on port 8080, you need to forward the request to Tomcat using Apache, so that you can visit www.my-domain-name.com without port 8080. If you are using a Linux box, install Apache and apache-modjk, then configure sites.