Custom domain names with the CDK

0

When using the CDK to create a few services (cloudfront and cognition) I run into a circular problem: I can't create the custom domain in the service until the CNAME record exists, but the CNAME record can't exist yet because I haven't created the service.

Example:

    const domainNames=["my.something.com"];
    const certificate = Certificate.fromCertificateArn(stack, "some-id", "arn:aws:acn:us-east-1:........");

    const cfconfig = new CloudFrontWebDistribution(stack,
        "xxx-cloudfront-static",
        {
           /* more stuff */
           viewerCertificate: ViewerCertificate.fromAcmCertificate(certificate, { aliases: domainNames })
        }
    );

This attempt just gets you this:

One or more aliases specified for the distribution includes an incorrectly configured DNS record that points to another CloudFront distribution. You must update the DNS record to correct the problem. For more information, see https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CNAMEs.html#alternate-domain-names-restrictions

This happens with Cognito as well. To get around this, I have to omit the custom domain, then give the ops team manual instructions to

  • Deploy the stack
  • Go into the console and get the real cloudfront and cognito distribution hostnames
  • Modify the CNAME records in their DNS (not route 53)
  • Go back into the console and manually set up the custom domains for cloudfront and cognito

Is this just the way it is or am I missing something?

It is possible this is just a matter of patience. I destroyed my stack and created it again, but I had old CNAME records now pointing to the new place. I deleted them, but maybe I need to wait longer for them to time out. I had created all the old records with 15 minute TTLs but maybe somebody along the way is not honoring those TTLs.

profile picture
wz2b
asked 2 years ago268 views
1 Answer
0
Accepted Answer

Nobody answered but that's ok - it's pretty clear that you can have non CNAME pointer or a correct CNAME pointer, but cloudformation will fail if there is an existing CNAME record pointing to the wrong place.

profile picture
wz2b
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions