Django Zappa generated cloudfront generates 403 error - aws-lambda

I run a Django project deployed on AWS Lambda using the serverless Zappa framework. This can be accessed by a randomly generated link from AWS API Gateway, let's say:
randomly-generated-link.aws.amazon.com/production
I have also created an SSL certificate from ACM and verified it with my domain, let's say
example.com
Now when I run zappa certify, this command certifies my domain successfully and creates a custom domain under the API Gateway console with the following configuration:
Endpoint Configuration: Edge optimized
Target Domain Name: d25ihv8a5022zi.cloudfront.net
Hosted Zone ID: A2FDTNGATAQYW6
ACM Certificate: example.com (c504428e)
Now, I need to point my domain name example.com to randomly-generated-link.aws.amazon.com/production, so I updated my records on GoDaddy with a CNAME as follows:
TYPE - CNAME
NAME - example.com
VALUE - d25ihv8a5022zi.cloudfront.net
TTL - 1 HOUR
EXPECTED RESULT - My application that's running on randomly-generated-link.aws.amazon.com should be accessible from example.com.
WHAT I GET - 403 ERROR
The request could not be satisfied. Bad request.
Generated by cloudfront (CloudFront)
EDIT: So I got rid of the Zappa-created custom domain and created a new CloudFront distribution manually as follows:
Delivery Method - Web
Domain name - d35ihv8a5022fe.cloudfront.net
Origin - randomly-generated-link.aws.amazon.com/production
CNAMEs - example.com
Status - Deployed
State - Enabled
I did this because the Zappa-generated CloudFront distribution is hidden in the AWS console. However, I noticed that the Zappa-generated distribution endpoint gives Forbidden when I check the address in a browser, and the newly created distribution endpoint redirects to my application.
Still, going to example.com gives me a 403 error.

It's not a DNS problem anymore. Could it be because Edge optimized uses CloudFront and it takes some time to deploy the new custom domain to all the edge locations? How long have you waited after enabling the custom domain name?

While debugging I like to keep the TTL as short as possible. I'd set the CNAME TTL to 1 minute.
Check that API Gateway custom domain names has your domain listed and that you have the Base Path Mappings set correctly.
Base Path Mappings
Path /
Destination [lambda endpoint] . [production]
It may also be a good idea to host the domain on Route 53 if possible.

Apparently, I got it working. Moved my Domain nameservers to route53 and in zappa_settings.json added
"route53_enabled": true
and recertified again using zappa certify production command.
Had to wait for 40 minutes and it works!
Although I have no idea why it doesn't work when domain management is with GoDaddy. Let's say Route 53 is a quick workaround at the moment.

Related

our www.ourdomain.com, managed by Route53 is not resolving to https

We are using Route 53 to manage our domain; however, our www.ourdomain.com is not resolving to https.
1) Currently, we have an AWS Classic Load Balancer with a certificate installed so that we can serve the following domains:
admin.ourdomain.com
2) The certificate we created with AWS Certificate Manager, has registered www.ourdomain.com, and ourdomain.com, as well as admin.ourdomain.com. All have been set up successfully.
3) In Route53, our admin.ourdomain.com has an A record pointing to the ALIAS of our loadbalancer.
4) In Route53 www.ourdomain.com has an A record pointing to two external IP Addresses which are firebase servers hosting our mobile app.
www.ourdomain.com is NOT resolving to https. What must we do to have them resolve to HTTPS?
I figured out the problem. I actually had to wander over to Firebase, log in, and click on hosting. I then pressed "Add a domain" and added www.ourdomain.com.
It then asked me to verify the domain with a TXT record, which I added to Route53.
It then verified after waiting a bit. After this, Route53 asked me to add two A records, which I did. After about 1 hour, our domain resolved properly to https.

Heroku redirect from example.com to www.example.com retaining HTTPS using AWS

I have a Heroku app set up with SSL certificates, and my DNS does not allow CNAME records at the Apex level. Meaning, I cannot point my A Record at my Heroku app URL (A level records can only be IP addresses and Heroku cannot provide a static IP).
There are other methods (both here on stack and in Heroku's guides) that recommend using other DNS providers, but I would like to try and solve this with AWS (specifically Route53), while also retaining our https:// in the domain for SSL.
I found some guides on how to do this, but there seemed to be complications (headers messed up, cannot retain https etc). I will provide an answer below outlining how I achieved this, but encourage discussion on what repercussions my solution may incur.
I discovered this guide on the Heroku website:
Configuring Amazon Route 53 DNS for Your Heroku App
The outline of the solution is to create an S3 bucket as a static website host that simply redirects to your Route53 hosted zone. Here are the basic steps:
Create a new hosted zone on your Route 53 Management Console with your domain (example.com)
Create a CNAME entry for www.example.com with the value set as your heroku custom domain (www.example.com.herokudns.com)
Create an S3 Bucket with the same name as your domain (example.com), and set it as a static website host
In the settings for static website hosting set this to "Redirect Requests" and set the target as www.example.com and the protocol to https
Return to Route 53 and add an A Level Alias with the target as your newly created bucket
Finally, point your DN provider's name servers at your new Route 53 hosted zone (you can get the list of name servers from the side panel in your management console)
And that's it! After the TTL expires on your name servers your site should be up and running on both example.com and www.example.com

Custom domain for heroku app

I am having trouble setting up a custom domain for my Heroku app.
Here is my Heroku app:
https://evening-beyond-1234.herokuapp.com/
and let's say this is my domain:
my-fake-domain.com
So I want my app to be available at this domain.
I've added this domain to heroku app domains:
$ heroku domains
=== evening-beyond-1234 Heroku Domain
evening-beyond-1234.herokuapp.com
=== evening-beyond-1234 Custom Domains
Domain Name DNS Target
---------------- ---------------------------------
my-fake-domain.com evening-beyond-1234.herokuapp.com
And on the site where I've bought the domain I can change DNS, so I did this:
1) Type of DNS -> DNS from other hosting provider
2) 1st DNS server (*required) -> evening-beyond-1234.herokuapp.com
3) 2nd DNS server (*required) -> evening-beyond-1234.herokuapp.com
I put the same for the second DNS, because it is marked as required, so I need to specify two DNS.
It's been a few days after these changes and it does not work.
There is also another option for changing DNS: extended DNS editor.
I can specify CNAME entries and others there.
Any ideas what I am doing wrong?
I am completely new to this area, it should be just a silly mistake from my side %)
Your configuration is incorrect. What you are doing is that you are changing the name server of your domain, hence moving the delegation to Heroku.
However, Heroku is not an authoritative name server, hence you can't delegate your domain to them.
What you need to do is restore the delegation at your hosting provider and, instead, check the documentation of your hosting/DNS provider to learn how to create an A or CNAME record to point your domain to Heroku.
Also note that you will not be able to point your apex domain (hence my-fake-domain.com) to Heroku unless you use one of these DNS providers that support a CNAME-like capability for the apex domain.
Regardless who you use, you can create a CNAME record to point www.my-fake-domain.com to evening-beyond-1234.herokuapp.com.
For my-fake-domain.com you either create an ALIAS/ANAME according to one of those providers' documentation, or you redirect the domain to the www version.
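The record-level mistakes described in the answer above (delegating NS to an application hostname, a CNAME at the apex, a hostname in an A record) can be caught before a DNS change is submitted. This is an added example, not code from the original posts; the `lint_records` helper, the `APP_SUFFIXES` list and the sample plans are constructed for illustration.

```python
import ipaddress

# Hostname suffixes of application endpoints seen on this page; they serve
# HTTP, not authoritative DNS (assumed list, extend as needed).
APP_SUFFIXES = (".herokuapp.com", ".herokudns.com", ".cloudfront.net",
                ".elasticbeanstalk.com", ".elb.amazonaws.com")


def _norm(name):
    return name.strip().rstrip(".").lower()


def _is_ipv4(value):
    try:
        ipaddress.IPv4Address(value)
        return True
    except ValueError:
        return False


def lint_records(zone, records):
    """Check planned (name, type, value) records; return sorted problems."""
    zone = _norm(zone)
    problems = set()
    for name, rtype, value in records:
        name, rtype, value = _norm(name), rtype.upper(), _norm(value)
        if rtype == "CNAME" and name == zone:
            # The apex always carries SOA and NS, and a CNAME may not
            # coexist with other data at the same name (RFC 1034, 3.6.2).
            problems.add((name, rtype, "CNAME at zone apex"))
        if rtype == "A" and not _is_ipv4(value):
            problems.add((name, rtype, "A record value is not an IPv4 address"))
        if rtype == "NS" and value.endswith(APP_SUFFIXES):
            problems.add((name, rtype, "delegation to an application endpoint"))
    return sorted(problems)


# Constructed plans modelled on the question and answer above.
HEROKU_BROKEN = [
    ("my-fake-domain.com", "NS", "evening-beyond-1234.herokuapp.com"),
    ("my-fake-domain.com", "NS", "evening-beyond-1234.herokuapp.com"),
]
HEROKU_FIXED = [
    ("www.my-fake-domain.com", "CNAME", "evening-beyond-1234.herokuapp.com"),
]
APEX_CNAME = [("my-fake-domain.com", "CNAME", "evening-beyond-1234.herokuapp.com")]
```

Calling `lint_records("my-fake-domain.com", HEROKU_BROKEN)` reports the delegation problem once, while the `www` CNAME plan comes back clean.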

Getting the domain name into an EC2 URL

This is probably an incredibly simple question, but I haven't been able to find out what specifically I'm doing wrong here.
I have a site hosted on Amazon EC2, a domain name registered with GoDaddy, and Route 53 nameservers. Let's call the site domain.com...
I've set everything up with:
The GoDaddy nameserver fields set to the Route 53 nameservers
A hosted zone for domain.com on Route 53
In this hosted zone, a record set
In this record set, two A Records for "domain.com" and "www.domain.com", both of which point to the Elastic IP of my EC2 server
This works, and when I go to domain.com, I get redirected to my site. However, the url does not get labeled as "domain.com/index.php" but instead as "ec2-XX-XXX-XXX-XXX.compute-1.amazonaws.com/index.php".
What am I missing here?
As a PS, I just want to temporarily have domain.com route correctly -- I don't care about static IP at this point.
The setup is correct. You have something in your application that is redirecting requests. WordPress will redirect to the domain it was installed on; other applications do the same thing. To fix it you may have to update options in the database or in a config file.

How to link godaddy domain with AWS Elastic Beanstalk environment?

I'm running into this problem trying to link my Godaddy domain with an AWS Elastic Beanstalk instance. I found a lot of documentation on how to link an EC2 instance with a domain on Godaddy but not for Elastic Beanstalk instance. So I ended up with this URL: www.MY_SITE.elasticbeanstalk.com
Here is what I did for an EC2 instance:
I updated the Nameservers on my Godaddy domain with the ones from my Route 53 Hosted Zone.
I created a new Elastic IP on the EC2 console.
I went back to Godaddy and updated the DNS A # field from their DNS Manager, with the EC2 Elastic IP one.
You normally have to wait 1h to 48h and it should work.
How can I do the same for an AWS Elastic Beanstalk instance, not an EC2 one? I can't see the instance I created from my EC2 console in order to link it to an Elastic IP.
Hope this is clear enough. Any help?
No need to create a CNAME or do any forwarding - this is bad from an SEO point of view and not recommended by Amazon. You should not even point a record to an IP directly - it will cause a lot of trouble in the future because the IP can be changed at any moment.
The most elegant way is to migrate DNS service from GoDaddy to Route 53. You still will be with GoDaddy, but handling requests for your site will be on Amazon's side.
Here is what you need to do:
Create a new Hosted Zone for your site in Route 53 console:
Open newly added domain name, find NS record and copy servers:
In GoDaddy's Domain Manager export records via "Export Zone File (Windows)".
Import those records to Route 53 ("Import Zone File" button).
In GoDaddy's Domain Manager set custom DNS nameservers, obtained on the 2nd step:
Migrating might take some time (even days).
Now you can link your domain with your Elastic Beanstalk site. To do so select/create the proper A record type in Route 53 and set an Alias for it:
Here's what I did when I was facing the problem of linking a GoDaddy domain with AWS ElasticBeanstalk.
DNS Manager:
A record #: 64.202.189.170 (that is GoDaddy's forwarding IP btw)
Cname www: AWS EB domain (e.g. awseb-xyz.us-east-1.elb.amazonaws.com)
Forwarding:
Forward Domain to www.example.com (forward only, without masking)
Forward Subdomain to AWS EB domain (e.g. awseb-xyz.us-east-1.elb.amazonaws.com) (with masking)
In order to access the site without www (e.g. http://example.com), I had to set up the forwarding of the domain to the www cname. This www cname then gets forwarded to the AWS EB domain (with masking in order to keep www.example.com in the address bar).
You should add a CNAME record to your Godaddy domain name that maps from www.yourGoDaddyDomain.com -> MY_SITE.elasticbeanstalk.com.
That will direct requests to your domain name to the load balancer that is running in your elastic beanstalk environment. You don't want to route your domain name to a specific server (i.e. an elastic IP), you want it to go to the load balancer and that will route requests to your server(s). Since AWS Load balancers don't use IPs (they use domain names), you don't want to set up an A record for this - a CNAME record maps domain names to domain names.
Look at the "Adding or Editing CNAMEs" section of the GoDaddy documentation on how to do this.
Your Route 53 configuration has to point to the load balancer, not the EC2 instance.
