Questions tagged with Amazon Route 53


Why can't I use A/AAA records to redirect a www domain to a non-www domain when the latter points to a CloudFront distribution?

Hi, I want all requests coming from www.domain.com to be redirected to https://domain.com. When I use A/AAA records to redirect www URLs to non-www ones, I get the following error from CloudFront in the browser.

```
403 ERROR
The request could not be satisfied.
Bad request. We can't connect to the server for this app or website at this time. There might be too much traffic or a configuration error. Try again later, or contact the app or website owner.
If you provide content to customers through CloudFront, you can find steps to troubleshoot and help prevent this error by reviewing the CloudFront documentation.
Generated by cloudfront (CloudFront)
Request ID: FuncJA-r5nbfvEUYV-_NdAINj80hfCo12dKVgm-K2-lCtLcjgj3O4w==
```

I am now using an empty S3 bucket to redirect traffic coming from www.domain.com to https://domain.com, but I was wondering why this can't be done with simple A records in Route 53. The CloudFront distribution that is hosting the app only works with HTTPS but will redirect all incoming HTTP traffic automatically to HTTPS.

Does anyone know why Alias records don't work for redirecting traffic to a domain that points to a CloudFront distribution?

1 answer, 1 vote, 44 views, asked a month ago

Migrate resources to another account

Hello,

On account A I hosted some resources that belong to account B that I want to migrate as inventory on account A. I have the following resources:

```
a hosted zone for domain A
a hosted zone for domain B
many ec2 instances for domain A
1 x ec2 instance for domain B (for CRM)
a static website for domain B in a S3 bucket
a website that belongs to domain B but hosted on a server that belongs to domain A
```

My idea was to start with the hosted zone:

1. recreate hosted zone for domain B on account B and copy records from account A to account B
2. modify DNS to use this new zone

For the static website:

1. copy S3 bucket, enable public access and publish to CloudFront with SSL
2. modify DNS on account A and B to use this new resource

For the EC2 website:

1. on account A, create an AMI of the webserver and share it with account B
2. on account B, deploy EC2 from AMI
3. copy data on this new instance
4. modify DNS on account A and B to use this new resource

And finally for the CRM server:

1. on account A, stop CRM server
2. on account A, create an AMI of the CRM server and share it with account B
3. on account B, deploy server from AMI
4. start server
5. modify DNS on account A and B to use this new resource

Things look easy, but I'm stuck with the newly created hosted zone because I cannot create an A alias record on account B that uses AWS resources which are still on account A at the moment, so I'm not sure what I have to do. Maybe I should start by migrating the EC2 instances and static website, but I could be in trouble when I modify DNS to use the hosted zone in account B.

I'd like to avoid a loss of connection as much as possible. What should I do?

1 answer, 0 votes, 50 views, asked a month ago

AMAZON SES - use of dedicated IPs causing undelivered mails

We started using 2 dedicated IP addresses last week (because we were getting classified as spam by a few of our clients' servers), with automatic warm-up enabled. Ever since that moment, a great number of mails to Microsoft 365 accounts stopped being delivered.

A couple of examples of bounces we are getting (I have bolded what I consider the important bits):

{"notificationType":"Bounce","bounce":{"feedbackId":"01000183ec4e858b-23653b95-dc32-4bc5-8c79-c5576c654ab1-000000","bounceType":"Transient","bounceSubType":"General","bouncedRecipients":[{"emailAddress":"ALVARO.MOLLINEDO@TIENDAAMIGA.COM.BO","action":"failed","status":"4.4.7","diagnosticCode":"***smtp; 550 4.4.7 Message expired: unable to deliver in 840 minutes.<451 4.0.0 Unknown>"}***],"timestamp":"2022-10-18T18:15:12.000Z","remoteMtaIp":"104.47.51.110","reportingMTA":"dns; a121-81.smtp-out.amazonses.com"},"mail":{"timestamp":"2022-10-18T04:15:07.803Z","source":"avisos.tiendaamiga@salar10.net","sourceArn":"arn:aws:ses:us-east-1:119356527540:identity/salar10.net","sourceIp":"18.214.19.61","callerIdentity":"ses-smtp-user.20210113-144245","sendingAccountId":"119356527540","messageId":"01000183e94d681b-347c8244-c7b1-4435-a54a-e78082cb671a-000000","destination":["karen.cespedes@tiendaamiga.com.bo","favio.quisbert@tiendaamiga.com.bo","merly.ramirez@tiendaamiga.com.bo","javier.pelaez@iqus.com.bo","nicole.calderon@tiendaamiga.com.bo","ALVARO.MOLLINEDO@TIENDAAMIGA.COM.BO"]}}

{"notificationType":"Bounce","bounce":{"feedbackId":"01000183ec57b5a3-5fa6bf1e-4969-47e1-9a2c-9b1da6abdfa4-000000","bounceType":"Transient","bounceSubType":"General","bouncedRecipients":[{"emailAddress":"ACACERES@CLINICADELASAMERICAS.COM.BO","action":"failed","status":"4.4.7","diagnosticCode":"***smtp; 554 4.4.7 Message expired: unable to deliver in 840 minutes.<451 4.7.500 Server busy. Please try again later from [54.240.121.82]. (S77719) [BN1NAM02FT058.eop-nam02.prod.protection.outlook.com]>"}***],"timestamp":"2022-10-18T18:25:14.000Z","remoteMtaIp":"104.47.51.110","reportingMTA":"dns; a121-82.smtp-out.amazonses.com"},"mail":{"timestamp":"2022-10-18T04:03:25.674Z","source":"avisos.clinicaamericas@salar10.net","sourceArn":"arn:aws:ses:us-east-1:119356527540:identity/salar10.net","sourceIp":"18.214.19.61","callerIdentity":"ses-smtp-user.20210113-144245","sendingAccountId":"119356527540","messageId":"01000183e942b16a-c9696617-8145-411f-b1bb-f898d07685c1-000000","destination":["ACACERES@CLINICADELASAMERICAS.COM.BO"]}}

Some useful information:

- Before using the dedicated IPs, we weren't getting any of these bounces.
- Message count and rate have not changed.
- In addition to adding the dedicated IPs, we also configured a custom MAIL FROM for the subdomain, following AWS instructions to the letter.
- Messages are NOT being directed to spam folders in MS 365 accounts; they do not reach their destination.
- We have tested our mails with a couple of online mail testers, and we get **very good scores** (>=90%).
- We have whitelisted both the domain and the IPs in the MS 365 Exchange admin center, to no avail.
- Reverse DNS works fine.

What can we do? If we relinquish the dedicated IP addresses currently being warmed up, should everything go back to normal? Contact Microsoft support and hope they can provide a reason for those bounces, so we know what to do in order to solve the issue?

Thank you very much in advance for any help.

0 answers, 0 votes, 24 views, asked 2 months ago

Route 53 A record with Load Balancer DNS not propagating

I've configured a Load Balancer, but when adding an A record on the Hosted Zone, the DNS is not propagating. Let me explain my current configuration (let's say the domain is 'something.com' and security groups are allowing traffic, also rules on LightSail):

1. LightSail instance and VPC peered (AWS default VPC and LightSail VPC are in the same availability zones and currently peered). From now on, this will be 'previous VPC' in the following points.
2. A target group pointing to the private IP address of the LightSail instance (Type: IP Addresses, Network 'Other private IP address', previous VPC, HTTPS protocol and Healthy state).
3. Load Balancer with certificate imported, Internet-Facing, IPv4, previous VPC, 2 subnets selected (including the one where the LightSail instance belongs).
4. Hosted Zone for 'something.com' with a DNS A record for 'dummy.something.com' pointing to the Load Balancer DNS, with an Alias that redirects traffic to 'Classic Load Balancer and applications', same region and previously created Load Balancer.

I've done this before to protect an OWASP JuiceShop and it worked perfectly. The differences with the current one are:

1. DNS zone on LightSail with an A record for 'dummy.something.com' pointing to the instance public IP (I'm deleting that record when creating the one in Route 53, the one in previous point 4), among other record types for 'something.com' (for example an A record for apidummy.something.com).
2. The hosted zone is NOT 'created by Route53 Registrar'.

After all of this, and after creating the DNS A record of point 4, the DNS does not propagate and the application hosted on 'dummy.something.com' is not accessible (DNS error returned).

What am I doing wrong or missing? Should I create a CNAME record on LightSail for 'dummy.something.com' resolving to the Load Balancer DNS? Should I register 'dummy.something.com' with Route 53? Some other completely different thing?

Any help would be really appreciated.

1 answer, 0 votes, 53 views, asked 2 months ago by Pepelu