I have two AWS accounts.
Account-1 has the hosted zone abc.io.
Account-2 contains the S3 bucket with the static website.
How do I create a record set in Route53 in Account-1 so that my.abc.io routes traffic to the S3-hosted website in the other AWS account?
You can create a DNS CNAME record in Route53 in your Account-1 for my.abc.io to a value of BucketName.s3.Region.amazonaws.com. where BucketName is your bucket name and Region is the region of the bucket.
This will redirect any caller's DNS queries against your Route53 hosted zone towards Amazon's S3 DNS records, so this solution works on the DNS level (not, e.g., on the HTTP redirect level).
Please note that a CNAME DNS record is just a textual value, that you can point to any domain name (even www.google.com). The value of a CNAME record does not need to be related to anything in your Account-1 or even anything related to an AWS resource anywhere.
Using a DNS CNAME record is just a way to tell a DNS requestor "hey, when you requested an A record for my.abc.io what you actually should be doing is requesting an A record for BucketName.s3.Region.amazonaws.com."
And AWS S3 buckets have a canonical naming scheme for their domain names.
See for further information:
https://docs.aws.amazon.com/AmazonS3/latest/userguide/WebsiteEndpoints.html#website-endpoint-dns-cname
https://docs.aws.amazon.com/AmazonS3/latest/userguide/VirtualHosting.html#VirtualHostingCustomURLs
You can create the HZ my.abc.io in the account with the website, create an NS record for it in the account with the top domain, and set its values to the same as the NS record in the HZ in the account with the website.
After this, you create all the records needed to route the traffic to your site in the account with the site. This design, I think, keeps the accounts' HZs cleaner and easier to read/follow.
I have been using this design and really need to do so, because we have more than one account connected to the "top domain account".
Related
I purchased my domain from Google Domains. I then created Amazon S3 buckets to store my files and set up Route 53 to do my routing. It all worked fine when I put the Route 53 name servers into my Google Domain portal.
However, my email associated with the domain stopped working and I got this message on my Google Domains screen: "It looks like you’ve changed your name servers. All settings for your domain (including website, email, synthetic records and resource records) are currently disabled. To enable these settings, you will need to restore the Google Domains name servers."
So, I reverted back to the original Google name servers and then used the Website Forwarding to point to my S3 bucket (XXX.org.s3-website-us-east-1.amazonaws.com). Although the website loads, the URL is the very long S3 bucket name and I am wondering how to mask that back to just my original domain (www.XXXX.org).
I tried doing CNAMES and Synthetic Records but did not have any luck.
The original Google domain records were not migrated across.
The resolution is to export the records and import the zone file into Route 53.
Once this has been completed, update the name server records for your domain in Google to use the Route 53 name servers.
Finally, update DNS for your domain to resolve to your S3 bucket.
I want to host a site on Amazon S3 servers (and use Route53 as a DNS).
I followed the tutorial from AWS page: https://docs.aws.amazon.com/AmazonS3/latest/dev/website-hosting-custom-domain-walkthrough.html.
Say, that my website is ex.ample.pl. I want it to be reachable from ex.ample.pl and www.ex.ample.pl.
What I did:
in S3 created bucket for ex.ample.pl,
in S3 created bucket for www.ex.ample.pl and redirected it to ex.ample.pl,
in Route53 created hosted zones for ex.ample.pl and www.ex.ample.pl,
for domain registrar I gave NS records for ex.ample.pl,
in Route53 in zone www.ex.ample.pl the settings are like in this picture. The NS records are not like in ex.ample.pl.
As an effect, I can access the site at ex.ample.pl, but I can't at www.ex.ample.pl. Bucket redirection works for sure, there must be some error in DNS setup. Do you know what may cause this problem?
I'm trying to link my domain name to a static website on AWS S3.
I have 2 buckets set up on S3: one is domain.com and the other is www.domain.com. domain.com has static website hosting enabled.
www.domain.com redirects to domain.com.
I can access my index page through: https://s3.us-east-2.amazonaws.com/domain.com/index.html
but it doesn't work with this url and I get an access denied message: https://s3.us-east-2.amazonaws.com/domain.com
I have 2 host records both are CNAME:
Host: #
Value: www.domain.com.s3-website-us-east-2.amazonaws.com
Host: www
Value: domain.com.s3-website-us-east-2.amazonaws.com.
In my browser it says "site can't be reached" when I have either of those cname values as my url. Also my domain is registered with NameCheap and I can't transfer it to route 53 as it is not old enough. I've never done this before so I really don't understand what I'm doing wrong.
You don't need to transfer the domain to AWS. All you need to do is create a hosted zone in AWS Route 53. What you're going to do is set up a new DNS configuration inside AWS and then tell your registrar (NameCheap) to use the AWS nameservers.
Create the hosted zone with your domain name, domain.com
Create an A record for your domain. On the right side you'll see a radio button "Alias" choose yes, then click into the target box and wait for your bucket to appear under S3 Website endpoints. (More on this below).
Select your bucket and click create.
Head over to your registrar, NameCheap and configure the nameservers to use the AWS nameservers in the NS record from your AWS hosted zone.
In order for this to work you need to make sure your S3 bucket is named and configured correctly.
Your bucket name must match the domain name.
In the properties tab, you need to enable the static website hosting option and provide your index page.
In the permissions tab, click on bucket policy, then click the policy generator link at the bottom.
In the policy generator, select S3 as the type of policy
Set the principal to *
Set the action to Get Object
Set the ARN to the ARN for your bucket /*. For example arn:aws:s3:::domain.com/*
Click Add statement, then generate policy and paste that into the bucket policy and save.
Finally upload your assets and you're done
Also my domain is registered with NameCheap and I can't transfer it to route 53 as it is not old enough.
You don't have to transfer it... the registration is locked, but the name server settings should not be... so you can use namecheap as registrar and still use Route 53 as authoritative DNS. And that is what you need to do. (You can transfer the registration to the Route 53 Registrar later, or never. Route 53 provides the two services, registrar and hosting, separately.)
Configure a new hosted zone in Route 53, configure it appropriately, and then change the authoritative nameservers at Namecheap to use the 4 nameservers that Route 53 assigned to your hosted zone.
It isn't possible to use S3 at the root (apex) of a domain that isn't hosted in a Route 53 hosted zone, because a CNAME at # is simply not a valid configuration. Some people will argue to the contrary, and some DNS providers even allow it, but it is still an entirely invalid configuration. This is why Route 53 introduced Alias A records. They are valid at the apex of a domain, and solve this issue.
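A lint for the two rules given in the answers above: a CNAME is not valid at the zone apex, and the bucket name must match the domain name. This is an added example, not part of the original thread; `lint_records` and its tuple format are assumptions, and the sample records are constructed from the question's two CNAME entries with the apex host written out as domain.com.

```python
import re

# Accepts both website-endpoint spellings: s3-website-REGION and s3-website.REGION
WEBSITE_ENDPOINT = re.compile(
    r"^(?P<bucket>.+)\.s3-website[.-](?P<region>[a-z0-9-]+)\.amazonaws\.com$")

def _norm(name: str) -> str:
    # DNS names are case-insensitive and may carry a trailing root dot.
    return name.strip().rstrip(".").lower()

def lint_records(zone: str, records: list) -> list:
    """records: (name, type, value) tuples using fully qualified names."""
    zone = _norm(zone)
    findings = []
    for name, rtype, value in records:
        name, value = _norm(name), _norm(value)
        if name != zone and not name.endswith("." + zone):
            findings.append(f"{name}: not inside zone {zone}")
            continue
        if rtype.upper() != "CNAME":
            continue  # alias A records and other types are not checked here
        if name == zone:
            findings.append(
                f"{name}: CNAME at the zone apex is invalid; use a Route 53 alias A record")
        match = WEBSITE_ENDPOINT.match(value)
        if match and match.group("bucket") != name:
            findings.append(
                f"{name}: target bucket {match.group('bucket')} does not match the record name")
    return findings

# Constructed from the question: the two CNAME hosts and their values.
QUESTION_RECORDS = [
    ("domain.com", "CNAME", "www.domain.com.s3-website-us-east-2.amazonaws.com"),
    ("www.domain.com", "CNAME", "domain.com.s3-website-us-east-2.amazonaws.com."),
]

# Constructed: alias A at the apex (target shown as plain text), CNAME for www.
FIXED_RECORDS = [
    ("domain.com", "A", "alias to the domain.com S3 website endpoint"),
    ("www.domain.com", "CNAME", "www.domain.com.s3-website-us-east-2.amazonaws.com"),
]

if __name__ == "__main__":
    for finding in lint_records("domain.com", QUESTION_RECORDS):
        print(finding)
```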
Needed to have basicDNS on NameCheap and use www.domain.com as my main bucket and have domain.com redirect to the main bucket
I have hosted a static website on S3 with suitable bucket policy set. Viewing the "endpoint" in another tab works perfectly fine. After this I created a Hosted zone in route 53 to give it a desirable human readable address.
After creating the hosted zone, I have two records in my newly created hosted zone, one being of type NS and the other being of type SOA. So far so good. I go ahead to create a new record set.
I add the name as desired, enter the type as 'A' - IPv4 Address, and tick yes for Alias, where in the drop-down (Alias Target) I can see my previously created bucket endpoint.
I set the routing policy to be simple and Evaluate Health Target set to no. The record set is created successfully. However, when I enter this name in another tab, I get "Site can't be reached". I try to test the record set using the functionality provided by AWS. Here the response code I get is "NOERROR", which I assume is a positive response. Am I missing something here?
I have also referred to this video. Am I missing something? Also, I have not created the Hosted Zones myself.
A hosted zone is not the same as a domain. You have to update the NS values for your domain registrar to point to the NS values as generated by Route53.
From the docs:
When you create a hosted zone, Amazon Route 53 automatically creates a
name server (NS) record and a start of authority (SOA) record for
the zone. The NS record identifies the four name servers that you give
to your registrar or your DNS service so that DNS queries are routed
to Amazon Route 53 name servers.
[...]
After you update the settings with your domain registrar to include
the Amazon Route 53 name servers, Amazon Route 53 responds to DNS
queries for the hosted zone even if you don't have a functioning
website.
NS transfer may take from 1 to 24 hours, depending on the registrar.
I faced the same issue. I bought the domain thevegfoodies.com through AWS Route 53, created a simple index.html page, uploaded it to the bucket thevegfoodies.com, set the bucket for static website hosting, and added a public policy. I created a second bucket www.thevegfoodies.com and redirected it to thevegfoodies.com, created aliases, and read through the documents. But nothing worked.
Until I realized that my redirect bucket www.thevegfoodies.com was not set for public read access. I set it to Read bucket permissions for Everyone. (Note: my primary bucket thevegfoodies.com already has public access.) And I could load my website using my domain name.
Now, I have read through the AWS documentation again just to see if I missed this step of setting up public access for the redirection bucket.
https://docs.aws.amazon.com/AmazonS3/latest/dev/website-hosting-custom-domain-walkthrough.html and all other steps to set up a static website.
If you check Step 2.3: Configure Your Website Redirect, it is not mentioned that we need to set public access.
POINT: the AWS documentation is not clear. One needs to have public access to the redirect bucket too.
I've been having issues linking a static website hosted in an S3 bucket in one AWS account to a custom domain name registered on Route53 in another AWS account. Is it not possible to do this type of linking, where the S3 bucket and Route53 are in two different AWS accounts? If so, what could be the solution for my case?
Thanks in advance.
An A-record alias is needed at the zone apex (e.g. example.com) but not for subdomains (e.g. www.example.com, because here, you can use a CNAME instead) when hosting a site on S3, and this doesn't work across AWS accounts.
However... there's one word in your question that leads me to believe the following solution may be useful. The word is "registered."
custom domain name registered on Route53 on another AWS account
If the domain is registered by the Route 53 registrar under one AWS account, you can still create a Route 53 hosted zone on a different AWS account -- the one with the bucket -- and then change the authoritative nameservers in the Route 53 console in the first account. This delegates operational control to the second account.
Create a hosted zone for the domain in account 2 (the same one as the bucket). Make a note of the 4 NS records that Route 53 assigns to the hosted zone. Do not change them. Just note what they are. Configure this hosted zone with the appropriate A record alias pointing to the bucket.
Then, in account 1 (where you registered the domain) in the Route 53 console, click "Registered Domains."
Select your domain.
Choose "add/edit name servers."
Enter the values for the Route 53 name servers that were assigned by Route 53 for the new hosted zone in account 2.
Wait a few minutes.
Test.
It will probably take at least 15 minutes for this to start working (it can theoretically take 48 hours but this is very unlikely), and after this, you can remove the hosted zone from account 1. Its configuration is ignored, anyway, if you don't.
Route 53 will continue to bill account 1 for the annual registration, but will bill account 2 for the hosted zone. Neither account will be charged for the DNS queries, but account 2 will be billed $0.00 for them, since the queries are against an alias pointing to S3, and in such cases, queries are free.
This should work just fine. It doesn't matter that the Route 53 entry points to a bucket in a different account.
You should follow these directions: Example: Setting Up a Static Website Using a Custom Domain with a few changes...
Basically:
Create a bucket with a name that matches your domain name (eg images.example.com) and activate Static Website Hosting
Copy the Endpoint presented. It will look like: images.example.com.s3-website.amazonaws.com
In Route 53 (in any account), create a Hosted Zone for your domain (eg example.com)
Within the Hosted Zone, create a Record Set for images.example.com of type CNAME. Then enter the Static Website Hosting Endpoint that was copied above.
Then test the domain. For example, images.example.com/foo.jpg should return the foo.jpg file from your bucket.
It is not possible to use Alias=YES for a Static Website in a different account.