"Routing traffic for additional levels of subdomains" - guide not working as expected

0

According to this AWS documentation, when dealing with routing traffic for additional levels of subdomains, we have two options:

Either you create records in the hosted zone for the domain, or you create a hosted zone for the lower-level subdomain, and then you create records in that new hosted zone.

So I was going with option 1 "create records in the hosted zone for the domain" the following way, since I would like to manage all DNS in one single hosted zone at the apex level.

My steps:

  1. In my root account, I have my apex domain (mydomain.com) in Route53 with a Hosted Zone.
  2. In my production account, I created separate Route53 Hosted Zones for app.mydomain.com and api.app.mydomain.com and pointed them at their resources with A/AAAA records.
  3. In my staging account, I created a separate Route53 Hosted Zone for staging.app.mydomain.com and pointed it at its resource with A/AAAA records.
  4. In my root account, in the Route53 Hosted Zone for the apex domain, I created 3 separate Route53 Hosted Zones (one for each of the subdomains) with NS records pointing to each of their separate Name Servers.

According to the documentation, all these 3 domains should work, however only app.mydomain.com does.

When I delete the NS record for app.mydomain.com in the root account, both of the other two subdomains start working.

This suggests to me that we can't do option 1 as the documentation states, and have to follow the approach where you create separate Hosted Zones for each direct subdomain (app.mydomain.com in my case), which then controls DNS for all sub-subdomains (api.app.mydomain.com and staging.app.mydomain.com) etc.

Or am I getting something wrong? :)

halte
asked 5 months ago · 164 views
3 Answers
2
Accepted Answer

This is not an AWS issue but the way you are delegating subdomains. For it to work the way you want to, you will need to create the NS records for staging.app.mydomain.com in your production account within app.mydomain.com.

You're making the whole production account authoritative for app.mydomain.com.

The documentation is correct; however, you're creating a subdomain of a subdomain.

EXPERT
answered 5 months ago
EXPERT
reviewed 5 months ago
0

Thank you for clarifying Gary.

What you describe is what I would call option 2 from the documentation, "you create a hosted zone for the lower-level subdomain, and then you create records in that new hosted zone". This is a fine approach, and I don't mind it at all.

One last question: If we are "limited" by how delegation of subdomains works, then can you give an example of option 1, "you create records in the hosted zone for the domain"? I just don't see any other options than the one you described, so not sure why the documentation would suggest there are two.

I built my entire stack based around that one line, and now have to refactor a lot of my constructs to move the DNS routing around :/ I don't mind as I am just learning, but might prevent others from going down the same path.

halte
answered 5 months ago
0

To answer your question, an example of Option 1 would then look like this:

Example.com in the root account.

Prod.example.com subdomain points to zone in prod account.

Staging.example.com subdomain points to zone in staging account.

If you want a record called api in each zone, you create them in said zone. E.g. api.prod.example.com would be created in the production zone.

EXPERT
answered 5 months ago
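
The delegation behaviour discussed in this thread, modelled as an added example (not code from any of the posts or from AWS): a referral is issued at the first NS set found below a zone's apex, so NS records for deeper names in that same zone are never consulted. The zone ids, the IP addresses, and the shortcut of storing the child zone id as the NS value are constructed for illustration.

```python
# Added example: model of zone-cut (NS delegation) handling between hosted zones.
# Zone ids, IPs and "NS value = child zone id" are constructed assumptions.

def find_cut(zone, qname):
    """Return the delegation closest to the zone apex that covers qname, or None."""
    labels = qname.split(".")
    apex_depth = len(zone["name"].split("."))
    # Walk down from the apex one label at a time. The first NS set below the
    # apex is a zone cut; everything at or under it is answered by the child.
    for depth in range(apex_depth + 1, len(labels) + 1):
        owner = ".".join(labels[-depth:])
        if "NS" in zone["records"].get(owner, {}):
            return owner
    return None

def resolve(zones, start, qname, rtype="A"):
    """Follow referrals from zone `start`; return (answer or None, zones visited)."""
    zone_id, path = start, [start]
    while True:
        zone = zones[zone_id]
        cut = find_cut(zone, qname)
        if cut is None:
            return zone["records"].get(qname, {}).get(rtype), path
        zone_id = zone["records"][cut]["NS"]  # referral to the child zone
        path.append(zone_id)

CHILD = {"app.mydomain.com": "prod-app",
         "api.app.mydomain.com": "prod-api",
         "staging.app.mydomain.com": "staging-app"}

def build(delegate_in_root, delegate_in_app):
    """Build the four hosted zones with the NS records placed as requested."""
    def zone(name, ip, delegations=()):
        recs = {n: {"NS": CHILD[n]} for n in delegations}
        if ip:
            recs.setdefault(name, {})["A"] = ip
        return {"name": name, "records": recs}
    return {"root": zone("mydomain.com", None, delegate_in_root),
            "prod-app": zone("app.mydomain.com", "192.0.2.10", delegate_in_app),
            "prod-api": zone("api.app.mydomain.com", "192.0.2.20"),
            "staging-app": zone("staging.app.mydomain.com", "192.0.2.30")}

ALL = list(CHILD)
as_asked = build(delegate_in_root=ALL, delegate_in_app=[])             # question's layout
as_answered = build(delegate_in_root=ALL[:1], delegate_in_app=ALL[1:])  # accepted answer
app_ns_deleted = build(delegate_in_root=ALL[1:], delegate_in_app=[])    # asker's test
```
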
