Route53 - DNS - hosted zones
Created: 2016-02-22 09:39:16 -0800 Modified: 2019-02-12 17:17:17 -0800
General information
Setting up a hosted zone is one of the few things on AWS that is not pro-rated. It costs 50¢ per month (plus tax).
Allowing “www.example.com” instead of just “example.com”
So this isn't actually just a Route53 problem… my setup is like this:
- The registrar of bot.land points to Route53’s nameservers
- Route53 has an A record for “bot.land”
- CloudFront only allowed traffic from “bot.land”, not “www.bot.land”
To fix this, I edited my CloudFront distribution’s general settings so that Alternate Domain Names (CNAMEs) included both bot.land and www.bot.land.
Then, on the Route53 side, just make a CNAME record for “www” in your hosted zone that points to “bot.land”.
Private vs. public hosted zones
You can always use a public hosted zone and have it point at internal DNS addresses, e.g. overseer.bot.land —> 10.0.0.5. Everyone will have access to the DNS record (“overseer.bot.land”), but it will point to an address on their own network. There are two issues with using a public hosted zone in this way:
- PCI-compliance - if you’re ever going to handle payment data, then you need to have a private hosted zone.
- People will know which internal IP addresses you use, so if they get access to one endpoint, they’ll know the addresses of your other endpoints.
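The two points above (the www CNAME pointing at the apex, and the internal-address leak from a public zone) as an added Python example; this is not code from the original notes. Records use the ResourceRecordSet shape that boto3's route53 `change_resource_record_sets` takes, so the change batch built here could be submitted as-is, but nothing below calls AWS; the sample zone data is constructed around the addresses quoted in these notes, and `lint_zone` is a hypothetical helper, not a Route53 feature.

```python
"""Route53 record helpers: build the www CNAME change and audit a zone.

Added example, not part of the original notes. Runs fully offline.
"""
import ipaddress


def fqdn(name: str) -> str:
    """Route53 stores names with a trailing dot; normalise so comparisons work."""
    return name.rstrip(".").lower() + "."


def www_alias_change_batch(zone_name: str, apex_ipv4: str, ttl: int = 300) -> dict:
    """UPSERT batch: an A record at the apex and a CNAME from www to it.

    A CNAME is never allowed at the zone apex (RFC 1034 s3.6.2, and Route53
    rejects it), so the apex gets the A record and only www gets the CNAME.
    """
    apex = fqdn(zone_name)
    return {
        "Comment": "apex A record plus www CNAME (constructed example)",
        "Changes": [
            {"Action": "UPSERT", "ResourceRecordSet": {
                "Name": apex, "Type": "A", "TTL": ttl,
                "ResourceRecords": [{"Value": apex_ipv4}]}},
            {"Action": "UPSERT", "ResourceRecordSet": {
                "Name": "www." + apex, "Type": "CNAME", "TTL": ttl,
                "ResourceRecords": [{"Value": apex}]}},
        ],
    }


def lint_zone(zone_name: str, records: list, private_zone: bool) -> list:
    """Return findings (strings) for a list of ResourceRecordSets.

    * CNAME at the apex, or a CNAME sharing its name with other types:
      Route53 refuses both, so catch them before submitting.
    * In a public zone, A records pointing at non-routable addresses:
      the notes above call this out as leaking your internal layout.
    """
    apex = fqdn(zone_name)
    findings = []
    types_by_name = {}
    for r in records:
        types_by_name.setdefault(fqdn(r["Name"]), set()).add(r["Type"])
    for name, types in types_by_name.items():
        if "CNAME" in types and name == apex:
            findings.append(f"{name}: CNAME at zone apex is not permitted")
        if "CNAME" in types and len(types) > 1:
            others = sorted(types - {"CNAME"})
            findings.append(f"{name}: CNAME cannot coexist with {others}")
    if not private_zone:
        for r in records:
            if r["Type"] != "A":
                continue
            for rr in r.get("ResourceRecords", []):
                try:
                    addr = ipaddress.IPv4Address(rr["Value"])
                except ipaddress.AddressValueError:
                    findings.append(f"{r['Name']}: A value {rr['Value']!r} is not IPv4")
                    continue
                if not addr.is_global:
                    findings.append(
                        f"{r['Name']}: public zone exposes non-routable address {addr}")
    return findings


# Constructed sample: the public zone from the notes plus an internal host
# that belongs in a private zone instead.
SAMPLE_PUBLIC_RECORDS = [
    {"Name": "bot.land.", "Type": "A", "TTL": 300,
     "ResourceRecords": [{"Value": "108.178.4.90"}]},
    {"Name": "www.bot.land.", "Type": "CNAME", "TTL": 300,
     "ResourceRecords": [{"Value": "bot.land."}]},
    {"Name": "overseer.bot.land.", "Type": "A", "TTL": 300,
     "ResourceRecords": [{"Value": "10.0.0.5"}]},
]

if __name__ == "__main__":
    print(www_alias_change_batch("bot.land", "108.178.4.90"))
    for finding in lint_zone("bot.land", SAMPLE_PUBLIC_RECORDS, private_zone=False):
        print("FINDING:", finding)
```

With real credentials the batch goes to `boto3.client("route53").change_resource_record_sets(HostedZoneId=..., ChangeBatch=batch)`; running `lint_zone` over the output of `list_resource_record_sets` for each public zone is a cheap periodic check that no RFC 1918 address has crept into a zone the whole internet can read.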
Public hosted zone
In order to set these up, you go to Route53 —> Hosted Zones —> create. The big thing to keep in mind is your domain's name servers. For example, I registered bot.land through name.com, so I needed to sign into name.com and adjust my nameservers so that they were referring to Amazon's nameservers. After making this change, you need to wait about 5-10 minutes for it to propagate. You can check the progress of this propagation using sites like this:
https://www.whatsmydns.net/#NS/bot.land
https://whois.icann.org/en/lookup?name=bot.land
Notes:
- When making the change to nameservers, any subdomains you have will stop working. You need to make AWS handle this.
- If you’re pointing at a shared host, you’ll need to go into CPanel and either add an addon domain or a parked domain (AKA an “Alias” in CPanel). I added an addon domain and then used the CPanel “Redirects” feature to point it at another domain (note: I needed Leaf to give me permission for an addon domain).
Using Route53 to point to a subdomain on another host
I have Route53 managing bot.land, and I wanted wiki.bot.land to point to bot.land/wiki. First, I set up bot.land on my shared host (via CPanel) to have a subdomain pointing wiki.bot.land at public_html/botland/wiki. Then, in Route53, I made an A record that points wiki.bot.land at the same IP address as bot.land. To test this out before waiting for DNS to propagate, I simply added this to my hosts file and it immediately worked:
108.178.4.90 wiki.bot.land
Private hosted zone
A private hosted zone is a set of DNS records for internal traffic only, meaning you don't even need to own the domain name that you're setting up DNS for.
Setting it up:
- Leave the TTL of NS (name servers) and SOA (start of authority) set to whatever they are.
- Change the TTL of any A records you create to 0 so that no caching takes place.
- Update your VPC so that these are enabled:
- enableDnsHostnames
- enableDnsSupport
- Note: as of 2/22/2016, they’re called “DNS resolution” and “DNS hostnames” in the UI.
- Test that you set it up correctly by SSHing into a machine, running nslookup, and then typing your A record’s name (e.g. overseer.bot.land) to make sure that it resolves to the correct IP address. You don’t actually need
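The private-zone checklist above turned into code, as an added Python example that is not from the original notes: it enables the two VPC DNS attributes, creates the zone associated with the VPC, writes the A records with TTL 0, and scripts the final nslookup check by parsing its text output. The boto3 method names and parameter shapes (`modify_vpc_attribute`, `create_hosted_zone`, `change_resource_record_sets`) are the real ones; the clients are passed in so the function can be exercised offline with the recording stand-in at the bottom. The zone name, VPC id, region and addresses used in the sample run are constructed placeholders.

```python
"""Private hosted zone setup and verification as code.

Added example, not part of the original notes. With real clients
(boto3.client("ec2"), boto3.client("route53")) setup_private_zone performs
the setup; the offline run at the bottom only records the calls.
"""
import uuid


def setup_private_zone(ec2, r53, zone_name, vpc_id, vpc_region, a_records):
    """a_records maps hostname (without the zone) to an IPv4 address.
    Returns the hosted zone id."""
    # Step 1: both attributes must be on, or instances in the VPC will not
    # resolve the private zone ("DNS resolution" / "DNS hostnames" in the UI).
    ec2.modify_vpc_attribute(VpcId=vpc_id, EnableDnsSupport={"Value": True})
    ec2.modify_vpc_attribute(VpcId=vpc_id, EnableDnsHostnames={"Value": True})

    # Step 2: a zone becomes private by associating a VPC at creation time.
    # CallerReference must be unique per request, hence the uuid.
    resp = r53.create_hosted_zone(
        Name=zone_name,
        VPC={"VPCRegion": vpc_region, "VPCId": vpc_id},
        CallerReference=str(uuid.uuid4()),
        HostedZoneConfig={"Comment": "internal only", "PrivateZone": True},
    )
    zone_id = resp["HostedZone"]["Id"]

    # Step 3: A records with TTL 0 so nothing caches them; the NS and SOA
    # records Route53 created are deliberately left untouched.
    changes = [
        {"Action": "UPSERT", "ResourceRecordSet": {
            "Name": f"{host}.{zone_name}.", "Type": "A", "TTL": 0,
            "ResourceRecords": [{"Value": ip}]}}
        for host, ip in a_records.items()
    ]
    r53.change_resource_record_sets(HostedZoneId=zone_id,
                                    ChangeBatch={"Changes": changes})
    return zone_id


def nslookup_answer(output: str, name: str):
    """Step 4 helper: pull the address nslookup answered for `name` out of
    its text output, so the SSH-in-and-check step can be scripted.
    Returns None when the name was not answered."""
    lines = [line.strip() for line in output.splitlines()]
    for i, line in enumerate(lines):
        if not line.startswith("Name:"):
            continue
        answered = line.split(None, 1)[1].strip().rstrip(".")
        if answered != name.rstrip("."):
            continue
        for nxt in lines[i + 1:]:
            if nxt.startswith("Address:"):
                return nxt.split(None, 1)[1].strip()
    return None


class RecordingClient:
    """Stand-in for a boto3 client: records every call and fakes the
    create_hosted_zone response. Used only for the offline run."""

    def __init__(self):
        self.calls = []

    def __getattr__(self, method):
        def call(**kwargs):
            self.calls.append((method, kwargs))
            if method == "create_hosted_zone":
                return {"HostedZone": {"Id": "/hostedzone/ZEXAMPLE"}}
            return {}
        return call


# Constructed nslookup output for the resolution check; the resolver at
# 10.0.0.2 is the usual VPC-provided one, the answer is the constructed record.
SAMPLE_NSLOOKUP = (
    "Server:\t\t10.0.0.2\nAddress:\t10.0.0.2#53\n\n"
    "Non-authoritative answer:\nName:\toverseer.bot.land\nAddress: 10.0.0.5\n"
)

if __name__ == "__main__":
    ec2, r53 = RecordingClient(), RecordingClient()
    setup_private_zone(ec2, r53, "bot.land", "vpc-placeholder", "us-west-2",
                       {"overseer": "10.0.0.5"})
    for method, kwargs in ec2.calls + r53.calls:
        print(method, kwargs)
    print(nslookup_answer(SAMPLE_NSLOOKUP, "overseer.bot.land"))
```

Passing the clients in rather than constructing them inside the function is what makes the procedure testable without an account; the same pattern lets you assert in CI that no A record in a private zone was ever written with a non-zero TTL.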