I'm currently working on a client project in AWS. We have a REST API with AWS Lambda and API Gateway. The frontend is available via Cloudfront and stored in an S3.
The API should be available under api.client.com and the frontend under admin.client.com.
My problem is that the client's domain is hosted externally and not fully managed in Route53.
Is there a way to create subdomains (api and admin) in Route53 or to create an A-Record in the external DNS pointing to API Gateway / Cloudfront?
I would say that you should create a domain named anything in your account and have A records pointing to the API Gateway and the Cloudfront.
These A records you point to from the main domain with cname records.
So in the main domain you have:
api.client.com CNAME api.yourR53domain.com
admin.client.com CNAME admin.yourR53domain.com
In R53:
api.yourR53domain.com A (your api gateway endpoint)
admin.yourR53domain.com A (your frontend endpoint)
Related
I have existing hosted zone and A record in AWS route 53. The A record is pointing to cloudfront distribution.
Let's say the hosted zone name is abcd.ci.example.io. The A record name is the same as the hosted zone. I can access the web site at abcd.ci.example.io without any issue.
I also have AWS Gateway API with invoke url https://xxxxx.execute-api.us-west-2.amazonaws.com/dev. I can access a particular API route from the browser using invoke url https://xxxxx.execute-api.us-west-2.amazonaws.com/dev/v1/healthcheck
I want to assign a custom domain name to invoke url. So I created a new CNAME record in the hosted zone as api.abcd.ci.example.io and set the value to https://xxxxx.execute-api.us-west-2.amazonaws.com/dev
But then when I try to access a route using https://api.abcd.ci.example.io/v1/healthcheck I get the error "This site can't be reached".
A simple command line ping to api.abcd.ci.example.io also returns an error: "Ping request could not find host api.abcd.ci.example.io. Please check the name and try again."
Below is the list of records in the hosted zone. There are a couple of ACM validation records as well for both the domains.
Before API Gateway will let you point your custom domain to it, you first have to set up the custom domain in API Gateway, which includes setting up the SSL certificate API Gateway will use for that custom domain.
Okay, I need help with the right direction. I bought the divyanayan.com domain in the GoDaddy portal.
The second step: I created a certificate in AWS Certificate Manager, which gives me a cname and cValue. I used this cname and cValue and added them in the manage domain page of the GoDaddy domain, i.e. divyanayan.com. This validated my certificate.
After this was done I created a public API Gateway endpoint and mapped it to the API Gateway CDN.
https://vpyueoq2i9.execute-api.ap-southeast-1.amazonaws.com/dev
My requirement is that I want to invoke this URL from the domain name divyanayan.com (which is configured using the cname and cValue of the certificate). What am I missing here? Do I need to add the following mapping to GoDaddy as well, i.e.
divyanayan.com -> API Gateway domain name
Please let me know the right direction.
With the setup that you currently have, I recommend using Cloudfront to serve as a proxy between your domain and your API Gateway endpoint. This would be beneficial in the long run if you want to map paths of the domain to other origins including other API gateway endpoints. You would also have more flexibility and control over how your traffic flows between your domain and the endpoint (e.g. attaching lambda functions between API requests).
Here are two guides to help you get started:
Setting up API Gateway with cloudfront
https://aws.amazon.com/premiumsupport/knowledge-center/api-gateway-cloudfront-distribution/
Setting up self-hosted/thirdparty-hosted domain with cloudfront
https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-to-cloudfront-distribution.html
Hello, I'm using Cloudflare to manage my domain DNS and I want to route test.domain.com to an AWS REST API Gateway. Is that possible, or do I need to fully host the domain in Route53?
I tried with
created lambda function
created api gateway (with Authorization set to NONE)
created a certificate for the domain
created the custom domain in api gateway
now when I go to test.domain.com I see
{
message: "Forbidden"
}
Yes, of course you can do this. If you set up a custom hostname in API Gateway with the domain name as your subdomain, you will be given a DNS name. When you configure this you will add a path binding to a stage in API Gateway which will then route traffic to your deployment.
You would then assign this as the value to your DNS CNAME record for your subdomain.
More information about setting up a custom domain name is available here.
I am trying to setup a custom domain endpoint for API gateway published endpoint but not able to set.
I've followed all steps
Custom domain DNS is managed by AWS (AWS cannot own this as it's a .ai URL)
Created ACM Certificate for subdomain. (subdomain.host.ai)
Add Custom API in API Gateway with Mapping to particular Stage
Add A record for custom domain to point to "d-abcde12345.execute-api.us-west-2.amazonaws.com"
What might be going wrong?
When you are pointing to a DNS hostname, rather than an IP, you need a CNAME record. More importantly, when you assign a custom domain to your API Gateway, it will create a CloudFront distribution for you and give you a CloudFront endpoint: E123CNFSOMETHING.cloudfront.net. You need to create a CNAME record in your registrar dashboard to point to this address, not the API Endpoint:
FROM TO TTL
subdomain E123CNFSOMETHING.cloudfront.net. 300
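The record mistakes that recur in the posts above (a URL pasted as a CNAME value, a plain A record holding a hostname, a CNAME at the bare domain, a record aimed at the default invoke hostname) can be checked before the DNS change is made. The following is an added example, not code from any poster or from AWS; `lint_record`, `PLAN` and the pattern used to recognise default endpoints are assumptions made for illustration.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Assumption: default invoke hostnames look like <api-id>.execute-api.<region>.amazonaws.com;
# custom-domain targets ("d-..." names, *.cloudfront.net) do not match this pattern.
DEFAULT_INVOKE = re.compile(r"^[a-z0-9]+\.execute-api\.[a-z0-9-]+\.amazonaws\.com$")
HOSTNAME = re.compile(r"^(?=.{1,253}$)([a-z0-9_]([a-z0-9_-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$")


def is_ipv4(value):
    try:
        ipaddress.IPv4Address(value)
        return True
    except ValueError:
        return False


def lint_record(zone, name, rtype, value, alias=False):
    """Return problem strings for one planned DNS record (empty list means OK)."""
    zone, name = zone.rstrip(".").lower(), name.rstrip(".").lower()
    target = value.strip().rstrip(".").lower()
    # If a URL was pasted, still extract its host so it can be classified.
    host = (urlsplit(target).hostname or "") if "://" in target else target
    names_a_host = rtype == "CNAME" or alias  # CNAME and alias records hold a DNS name
    problems = []
    if rtype == "CNAME" and name == zone:
        problems.append("apex-cname: a CNAME cannot sit at the zone apex")
    if rtype == "A" and not alias and not is_ipv4(target):
        problems.append("a-needs-ip: a plain A record holds an IPv4 address, not a name")
    if names_a_host and not HOSTNAME.match(target):
        problems.append("not-a-hostname: drop the scheme, stage and path")
    if names_a_host and DEFAULT_INVOKE.match(host):
        problems.append("default-endpoint: set up the custom domain and use its target name")
    return problems


# Constructed plan mirroring the records described in the posts above.
PLAN = [
    ("abcd.ci.example.io", "api.abcd.ci.example.io", "CNAME",
     "https://xxxxx.execute-api.us-west-2.amazonaws.com/dev", False),
    ("host.ai", "subdomain.host.ai", "A",
     "d-abcde12345.execute-api.us-west-2.amazonaws.com", False),
    ("divyanayan.com", "divyanayan.com", "CNAME",
     "vpyueoq2i9.execute-api.ap-southeast-1.amazonaws.com", False),
    ("host.ai", "subdomain.host.ai", "CNAME", "E123CNFSOMETHING.cloudfront.net.", False),
]

if __name__ == "__main__":
    for rec in PLAN:
        print(rec[1], rec[2], "->", lint_record(*rec) or "ok")
```

A Route53 alias A record is passed with `alias=True` and is then checked like a CNAME target rather than as an IP address.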
I have:
Route53 Hosted Zone with DNS example.com.
API Gateway with DNS z8n73n8d123.execute-api.eu-west-1.amazonaws.com.
Now if I want to point, let's say, api.example.com or example.com/api (does not matter) to an API Gateway, there are at least a few ways to do it:
1. Use an Alias A record in Route53. But before that I need to add BasePathMapping and DomainName attributes to an API Gateway, create a Certificate (which MUST be in us-east-1). Creating a certificate in us-east-1 is a deal breaker for me so I can not use it.
2. Redirect using S3 bucket. But this looks like a shameful workaround introduced by AWS itself. Also additional charges would apply by triggering S3 every time a redirect should take place. So it is again a deal breaker for me.
3. Use CNAME record???
4. ???
Are there any other viable solutions how to point some-sub-domain.example.com or example.com/whatever to an api gateway?
CloudFront's home region (where its control plane APIs are hosted) is us-east-1, and CloudFront provides the "edge-optimized" feature of API Gateway. This is why -- in "edge-optimized" configuration -- the cert goes in us-east-1, because that's where CloudFront is integrated with Amazon Certificate Manager (ACM).
But if you choose a "regional" API deployment then the certificate goes in ACM in the same region as the API Gateway deployment itself.
See Set Up a Custom Domain Name for a Regional REST API or WebSocket API in API Gateway in the Amazon API Gateway Developer Guide.