How to configure a custom domain name for api gateway in a multi region scenario?

0

I am following a tutorial to create an AWS Route 53 hosted zone for my domain via a CloudFormation stack, as follows:

Zone:
  Type: AWS::Route53::HostedZone
  Properties:
    Name: example.com

Now, I understand I have to create an SSL certificate and a custom domain name for my API Gateway in each region. In each region, I plan to create the following resources, but I'm not sure what value (???, see below) I should use in the template below. In each region, for the certificate, what is the domain name I should use? Should I create us-east-1.example.com and us-west-1.example.com separately? I'm not sure how to link the API Gateway in both regions to my domain name (example.com).

cert:
  Type: AWS::CertificateManager::Certificate
  Properties:
    DomainName: ????
    DomainValidationOptions:
      - DomainName: ????
        ValidationDomain: example.com
    ValidationMethod: DNS

ApiGWCustomDomain:
  Type: AWS::ApiGateway::DomainName
  Properties:
    DomainName: ???
    # Regional endpoints take RegionalCertificateArn (CertificateArn is for edge-optimized)
    RegionalCertificateArn: !Ref cert
    EndpointConfiguration:
      Types:
        - REGIONAL   # the accepted value is upper case
    SecurityPolicy: TLS_1_2
1 Answer
0

In API Gateway, you can create the same regional custom domain (e.g., test.example.com) in multiple regions. Each custom domain name in API Gateway comes with a target domain name. You can use the target domain name value for Route 53, or you can use an alias record. I recommend reviewing this blog post.

AWS
Taka_M
answered 1 year ago
  • @Taka_M - Thanks. I did review the blog post you linked; it is helpful. If possible, could you clarify a few things for me? So I need a domain name and a hosted zone, which will be global resources. In each region, I will need to set up a regional custom domain (which can be the same, based on your comment). Do I need to create an SSL cert in both regions? Also, I see in the configuration for the custom domain name there is a hosted zone ID field; I assume it must be the same for both custom domain names? In other words, in my example, I've created a hosted zone for my domain name, but in the second region, will it be a different hosted zone ID?

  • Your understanding is correct. You do need a certificate for each region.

    For an API Gateway Regional custom domain name, you must request or import the certificate in the same Region as your API. The certificate must be signed by a publicly trusted Certificate Authority and cover the custom domain name.

    For Route 53, you do not need another hosted zone. You can take a look at this CloudFormation template for the blog post, which shows how to create multiple record sets for the same hosted zone.
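
A per-Region template that puts the answer and comments above together, as an added example that is not from the original thread or the linked blog post. It assumes the name api.example.com, an existing REST API and stage passed in as parameters, and latency-based routing for the Route 53 records; deploy the same stack once in each Region.

```yaml
# Added example (assumed names): one stack per Region, all pointing at the same hosted zone.
AWSTemplateFormatVersion: '2010-09-09'
Parameters:
  ApiDomainName:                 # identical custom domain name in every Region
    Type: String
    Default: api.example.com
  PublicHostedZoneId:            # the single example.com zone; same ID in every Region
    Type: AWS::Route53::HostedZone::Id
  RestApiId:                     # the REST API already deployed in this Region
    Type: String
  StageName:
    Type: String
    Default: prod
Resources:
  Cert:                          # ACM certificates are regional: one per Region
    Type: AWS::CertificateManager::Certificate
    Properties:
      DomainName: !Ref ApiDomainName
      ValidationMethod: DNS
      DomainValidationOptions:
        - DomainName: !Ref ApiDomainName
          HostedZoneId: !Ref PublicHostedZoneId
  CustomDomain:
    Type: AWS::ApiGateway::DomainName
    Properties:
      DomainName: !Ref ApiDomainName
      RegionalCertificateArn: !Ref Cert
      EndpointConfiguration:
        Types:
          - REGIONAL
      SecurityPolicy: TLS_1_2    # reject TLS 1.0/1.1 clients
  Mapping:
    Type: AWS::ApiGateway::BasePathMapping
    Properties:
      DomainName: !Ref CustomDomain
      RestApiId: !Ref RestApiId
      Stage: !Ref StageName
  RegionalRecord:                # one record set per Region in the same zone
    Type: AWS::Route53::RecordSet
    Properties:
      HostedZoneId: !Ref PublicHostedZoneId
      Name: !Ref ApiDomainName
      Type: A
      Region: !Ref AWS::Region   # latency-based routing (assumption)
      SetIdentifier: !Sub 'api-${AWS::Region}'
      AliasTarget:
        DNSName: !GetAtt CustomDomain.RegionalDomainName
        HostedZoneId: !GetAtt CustomDomain.RegionalHostedZoneId  # API Gateway's zone, differs per Region
        EvaluateTargetHealth: false
```

The two hosted zone IDs are different things: `PublicHostedZoneId` is your own example.com zone and is the same in both stacks, while `RegionalHostedZoneId` belongs to API Gateway's regional endpoint and is only used as the alias target.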
