Workaround for CNAME to external web sites at the zone apex


If you want to set a CNAME record for an external system in a Route 53 hosted zone, you cannot do so at the zone apex or at any name that already has another record. The workaround is described below.

RFC 1912 states that a CNAME record cannot coexist with other resource record sets at the same name. The zone apex always holds SOA and NS records, so a CNAME cannot be created there.

However, a customer may want a name to resolve via CNAME to a resource outside AWS.

For example, the customer may be using a CDN other than CloudFront that requires a CNAME.

In this case, an Alias record cannot be used either, because the target is not an AWS resource.

Workaround

In most cases where a CNAME is wanted at the zone apex, the purpose is website browsing.

In this case, you can create a new CloudFront distribution and use it as a reverse proxy, with the external CDN or other website as its origin.

Since an Alias record can point to a CloudFront distribution, the zone apex that was meant to carry the CNAME can carry an Alias record to CloudFront instead, and CloudFront forwards the requests to the external target.

In many cases this is a workable solution.

Example

foo.example.jp -> Zone Apex

abcdefg1abcde.cdn.example.net -> CNAME of External CDN

d1ab1c2ef3g4hi00000.cloudfront.net -> CloudFront Distribution

Domain Name: foo.example.jp

Value: d1ab1c2ef3g4hi00000.cloudfront.net

CloudFront Origin: abcdefg1abcde.cdn.example.net

In this example, we can see that the External CDN can be specified as the origin.

Although multiple tiers of CDNs add extra cost, the cost can be contained if the content is cacheable.
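
The example above, written as a CloudFormation template (an added example, not part of the original article). The HostedZoneId and CertificateArn parameters are assumptions: the hosted zone and an ACM certificate for foo.example.jp are assumed to exist already.

```yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: Added example. CloudFront in front of an external CDN, aliased at the zone apex.

Parameters:
  HostedZoneId:
    Type: AWS::Route53::HostedZone::Id   # assumed: existing hosted zone for foo.example.jp
  CertificateArn:
    Type: String   # assumed: ACM certificate for foo.example.jp, issued in us-east-1

Resources:
  Distribution:
    Type: AWS::CloudFront::Distribution
    Properties:
      DistributionConfig:
        Enabled: true
        Aliases:
          - foo.example.jp
        Origins:
          - Id: external-cdn
            DomainName: abcdefg1abcde.cdn.example.net
            CustomOriginConfig:
              OriginProtocolPolicy: https-only   # no plaintext hop to the external CDN
              OriginSSLProtocols: [TLSv1.2]
        DefaultCacheBehavior:
          TargetOriginId: external-cdn
          ViewerProtocolPolicy: redirect-to-https
          CachePolicyId: 658327ea-f89d-4fab-a63d-7e88639e58f6   # AWS managed "CachingOptimized"
        ViewerCertificate:
          AcmCertificateArn: !Ref CertificateArn
          SslSupportMethod: sni-only
          MinimumProtocolVersion: TLSv1.2_2021

  ApexAlias:
    Type: AWS::Route53::RecordSet
    Properties:
      HostedZoneId: !Ref HostedZoneId
      Name: foo.example.jp.
      Type: A
      AliasTarget:
        DNSName: !GetAtt Distribution.DomainName   # d1ab1c2ef3g4hi00000.cloudfront.net in the example
        HostedZoneId: Z2FDTNDATAQYW2   # fixed hosted zone ID for all CloudFront alias targets
```

With this cache policy CloudFront sends the origin's domain name as the Host header, so the external CDN must serve the site under abcdefg1abcde.cdn.example.net.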

Published 2 months ago, 877 views