Browse through the questions and answers listed below or filter and sort to narrow down your results.
ACM Certificate issued for an private hosted zone, status stuck on pending validation
Hi, we have a certificate issued by ACM for the domain for renewal, and the status of this certificate is `pending validation`. I tried to add the CNAME record by `Create Records in Route 53`, and it pop as "the record is successfully created". Waited for a day, the certificate is still on `pending validation` status. To give a clear example, naming the domain that needs verification as `api.example.com`. I checked in route53 that there is no CNAME record in the hosted zone "api.example.com", however we have a record in the hosted zone `example.com`. I'm not sure about the relationship of this two domain names. But `api.example.com` is a **private hosted zone ** and `example.com` is a **public hosted zone ** that has the CNAME record we need to add to `api.example.com`. The record in the public hosted zone has CNAME has record name. I have followed [DNS validation](https://docs.aws.amazon.com/acm/latest/userguide/dns-validation.html) and [Why is my AWS Certificate Manager (ACM) certificate DNS validation status still pending validation?](https://aws.amazon.com/premiumsupport/knowledge-center/acm-certificate-pending-validation/?nc1=h_ls) and it's a bit confusing that is this the correct certificate we get for a private hosted zone? Shouldn't we get it from ACM CA? If no, where should I add this record to? I pasted the example below, how do I complete validation for this domain? ![Route 53 Dashboard](/media/postImages/original/IMIGfX3gQFT6OTpL1NG61-3A) ![Certificate](/media/postImages/original/IMj6JK8q3HRdST1BZkFD3cpA)
How many days is normal for the DNS not updating? I'm on day 2
Hi, I updated my DNS records yesterday so I could use an email sender (domain dns verification) and know it can sometimes take hours, ive seen it take hours, minutes, but never more than 1 night of sleep. Am I doing something wrong or is amazon's DNS just really slow? How long should I give it? Im waiting 2 days on mailchimp and twilio's email company and now even a new domain I registered is waiting to be verified, via dns, by Lightsail. IDK why its taking so long.
Having trouble deciding the optimal architecture
So I am working on a product which is B2B. The landing page of our product is eg. example.com. And once someone purchases the subscription(let's say org1 purchases it) it we ought to provide them a custom web dashboard which can be accessed through the URL (org1.example.com) . Now i have some questions about this- Can we make this subdomain available only to the org1 members and not make it publicly available? I am a novice but can we use concepts like Route 53 Hosted zone using Client vpn endpoint or something like that? If it is possible, is it also possible to attach one SSL certificate to this domain? Anything would be helpful.
Please add TLD ".love" to Route 53
Hi, my client would like to register TLD ".love" TLD on Route 53. Unfortunately, it is not a supported TLD per link https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/registrar-tld-list.html#registrar-tld-list-index-generic. Paradoxically enough, ".s?x" TLD is allowed, but not ".love"...
my domain on aws api gateway is not available in my region (ap-south-1) ==> India but available in other regions(which i check through vpn) ? how to resolve this?
I have created an api gateway and associated a custom domain with that api. My api is in ap-south-1 region. I have attached my route53 domain with my custom domain. When trying to run my domain in my region (India), i am getting an error saying "This site can’t be reached", but running the same domain in other region through vpn is successful. Please let me know how to resolve this error.
AWS dns_probe_finished_nxdomain - aws dns out of sync for external host
Hello, For some time now, a "dns_probe_finished_nxdomain" type error has magically appeared when it worked fine before. After several days I was able to temporarily fix the problem by passing my DNS settings from the external host I use instead of the AWS DNS. However I would like to reuse AWS DNS as before. To give some information, I have an EC2 instance with different S3 services... I had put parameters in the DNS Route 53 towards a subdomain. But the host was not AWS but another host in which there are the DNS settings of my domain name. When the error appeared my DNS for the domain name was working fine, the problem came from my subdomains and therefore from the AWS DNS. If you have any suggestions for me that could help me explain why it suddenly crashed and fixed it, thank you :)
Is AWS shield Standard automatically applied?
We're using route53 in front of cloudfront and Application Loadbalancer. Now, we have plan to apply AWS Shield Standard to prevent DDOS attacks. But there is no functions on AWS Console to apply AWS Shield Standard (Only there be Advanced) Is the AWS Shield Standard automatically set up on route53, application loadbalancer(ELB), Cloudfront distributions? There is no more tasks to apply AWS Shield Standard for our applications. right? (We are also using WAF to prevent L7 layer ddos with rate-based rules)
Why is Route 53 showing me a price of 0.00 for a .ch domain transfer?
I'm trying to transfer a `.ch` domain to Route 53, but while the `.ch` TLD is in the list of supported domains (under Europe) and is also [detailed here](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ch.html), Route 53 says the price is US$0.00. ![Enter image description here](/media/postImages/original/IM51JlKF8-QcmN-pfcqbIGDQ) Is this a bug or is it actually free, since the domain isn't up for renewal until February, 2023?
Moving to Cloudfront from LightSail Distribution
Since I have to integrate WAF with my Lightsail instances, I have to use Cloudfront separately instead of using the one come along with Lightsail. Now I have everything setup and it works fine my a testing domain name. When I tried to update the Cloudfront associated domain name I come across with the problem "One or more of the CNAMEs you provided are already associated with a different resource", anybody can shed light on this? Tried to disable the distribution in Cloudfront and also update the CNAME record in Route53 but it doesn't help to solve the problem.