Questions tagged with Amazon Route 53

Content language: English

Sort by most recent

Browse through the questions and answers listed below or filter and sort to narrow down your results.

Hi, I am trying to setup Lambda functions with API Gateway as the trigger. I'll be making external API calls from the functions and I need my IP to be allowlist with the provider, so it should be static. I also need to provide them the hostname from where the API calls will originate from, so the API gateway will be using custom domain. I have the domain registered on Godaddy and for this API Gateway, I want to use a subdomain. At the moment, what I have done is: 1. Created a VPC Endpoint with subnets in all the availability zones in the region. 2. Created a private Rest API and assigned the above VPCE to it. 3. Created the same number of Elastic IPs as the availability zones. 4. Requested a new certificate from ACM for the subdomain, put the CNAME records on GoDaddy and got the certificate issued. 5. Created a Target Group with IP as target type, TLS as protocol and HTTPS as health check protocol and registered the default subnet's IPs of each availability zone. I used 403 as the health check status expected as this will be the status when the API will be invoked using NLB's DNS for health checks. The health check comes out to be positive. 5. Created Internet Facing, IPv4 Network Load Balancer. The listener was setup with TLS as the protocol. I assigned the above created EIPs to this load balancer and the above generated certificate too. At this point, I am successfully able to invoke the private API Gateway using the NLBs domain. However, I get a security warning because the domain for which the certificate was issued for is not being used to invoke the API. I created a Custom domain for the API and assigned the same certificate to it as well. But still, I get the same warning on the client side. And if I try to invoke the API with the custom domain name, I get no response at all because the name does not get resolved. If I had my domain registered on AWS Route 53, I would've been able to create an Alias record that pointed to the NLB. Can I still do this with external registrar and will this even do anything for me? Can somebody please guide me what needs to be done to get this working? Really appreciate it & thanks in advance. PS. Sorry for the long detail if it's unnecessary.
0
answers
0
votes
9
views
asked 3 hours ago
I moved my domain to a service outside of AWS. I deleted the Route53 Hosted Zone with the DNS entries for my domain. However when I do a DNS Lookup on the domain, it still resolves to the two Amazon IPs that contain it in an A record. It's been a few days now and the TTL is set to 600 seconds but AWS won't release those DNS entries. Does anyone have any idea why this is happening? I have zero resources related to that domain that exist anymore. Any ideas why these are still populated? nslookup my-domain.com Server: 172.17.160.1 Address: 172.17.160.1#53 Non-authoritative answer: Name: my-domain.com Address: 15.X.X.X (AWS IP) Name: my-domain.com Address: 3.X.X.X (AWS IP)
0
answers
0
votes
6
views
TheWeez
asked 14 hours ago
I have registered a domain name through Amazon and set up a public hosted zone in Route53. Was able to query records successfully over the internet but that has stopped. My zone is still in Route53 and appears to have the correct records. I followed the diagnostics suggested [here](https://aws.amazon.com/premiumsupport/knowledge-center/route-53-fix-dns-record-resolution/) and see that the whois records correctly indicate that Amazon is the registrar and there is a match between the whois and Route53 the name server records but when I run a `dig +trace privatedataservices.com` the connection between the .com nameservers and amazon is absent. I don't believe I've done anything wrong but my Route53 zone isn't queryable. How should I proceed?
1
answers
1
votes
6
views
asked a day ago
I have a duplicate website the www. and the nacked version. I would like to redirect all traffic to the nacked link www to non-www traffic. I have updated the .htaccess file but it doesn't work. Coding used: RewriteEngine Enabled RewriteRule ^(.*)$ http://www.example.com [NC] RewriteCond %{HTTP_HOST} ^example.com/$1 [L,R=301] It seems that changes to the .htaccess in Apache are handled differently... And the edits are not applied. Could you advise me on how to handle the www to non-www redirection?
1
answers
0
votes
20
views
asked a day ago
Hello all, I transferred a registered domain from bluehost to aws and its worked smoothly, but seems i cannot move the zone into a route 53 hosted zone!, i created one, changed the nameserver on registered domain section in route53 to use aws ns, but seems its still resolving from bluehost, how can i make sure that my registered dns is using 53 hosted zone, not the blue host dns ? , thanks.
3
answers
0
votes
18
views
asked a day ago
Hello there; I'm a I'm a student at bootcamp and I need this domain to follow the topics, I guess it didn't allow me to protect my account. Can you help me open and get a domain name? my english is not good please help me i have class on the weekend she has to catch up Thank you
2
answers
0
votes
15
views
asked 3 days ago
Hi all, Firstly wordpress is running fine on the static ip assigned but I cannot get my Route53 Domain to point successfully at the static ip - I am stuck in Name Server difficulties. Ive actually spent nearly 3 days trying to figure this out, watching videos, checking support, looking at stack overflow and am actually pretty sick of it all Im still very confused here are the steps I am taking * USING a Domain name which was registered by Route53 * No Hosted Zones in Route 53 * Created Lightsail DNS Zone * Copied 4 Lightsail DNS Name Servers * Pasted 4 Lightsail DNS Name Servers in the Registered Domain Name Servers * Assigned Static ip currently running wordpress instance * Checked both http and https and www, and root Domain * Response is This site can’t be reached / DNS_PROBE_FINISHED_NXDOMAIN All help gratefully received
2
answers
0
votes
16
views
MOBJAI
asked 3 days ago
Hello there; I'm a I'm a student at bootcamp and I need this domain to follow the topics, I guess it didn't allow me to protect my account. Can you help me open and get a domain name? Thank you
1
answers
0
votes
20
views
asked 3 days ago
# Problem I created a Route 53 zone with the following code: ```lang-ts this.apiV2Zone = new PublicHostedZone(this, "ApiV2", { zoneName: "api-v2.example.com" }); ``` The zone was created as expected, but I noticed the `TTL` attribute for the `NS` record was set to `172800` (2 days). This is a bit high at the moment, because I'm just experimenting - setting the `TTL` lower won't cost me much for now. But, how do I go about seting the `TTL` of the `NS` record with the CDK? --- # What I've tried I tried to force the `NS` record myself with: ```lang-ts let target = RecordTarget.fromValues( ...this.apiV2Zone.hostedZoneNameServers ?? [] ); const recordSet = new RecordSet(this, 'ApiV2Ns', { recordType: RecordType.NS, target, zone: this.apiV2Zone, deleteExisting: true, recordName: this.apiV2Zone.zoneName, ttl: cdk.Duration.minutes(10), }); ``` But that failed on deploy with: ``` Received response status [FAILED] from custom resource. Message returned: InvalidChangeBatch : [A HostedZone must contain at least one NS record for the zone itself.] ``` Also tried with `deleteExisting: false` but that failed too because it was duplicating the existing `NS` record. --- # Workaround Set it manually in the AWS console. Doesn't seem to cause any change to be reported when I do a CDK `diff`. --- https://stackoverflow.com/questions/75217593/cdk-how-to-set-the-ttl-of-the-ns-record-for-a-route53-publichostedzone
0
answers
1
votes
12
views
Shorn
asked 3 days ago
I have read every ounce of documentation I could find related to this topic. I've been using the boto3 Python client to work with AWS to register a new domain and verify it to be used with the AWS Simple Email Service (SES). This is an entirely painless task in just a few clicks with the GUI: ![Enter image description here](/media/postImages/original/IMB-xEGcg2TR6AMoFszZi-uQ) And I thought, reading the [SES boto3 documentation](https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/ses.html), I could achieve the same thing via API with the Python client. But nothing happens. I get no error. No indication appears in the GUI that the verification is pending (the way it does when done through the GUI). Even after 72 hours, nothing changes. But when I do it in the GUI, it works pretty quickly, so presumably I just missed some important API step. %pip install boto3 # a Jupyter-ism import boto3 import time class Domain: # AWS Route 53 Domains Documentation: # https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/route53domains.html#Route53Domains.Client.get_operation_detail def __init__(self, static_domain=False): # identity: Identity self.client = boto3.client('route53domains') if static_domain: domain_list_response = self.client.list_domains() print(domain_list_response) domain_owned = False for domain in domain_list_response['Domains']: if domain['DomainName'] == static_domain: domain_owned = True if domain_owned: print('Domain already owned...') self.name = static_domain else: availability_response = self.client.check_domain_availability( DomainName=static_domain ) first_name = 'First' # identity.fname last_name = 'Last' # identity.lname org_name = 'Testing123' # identity.org address = '123 Testing Drive' # idenity.addr city = 'TestingCity' # identity.city state = 'TestingState' # identity.state_code country = 'US' # identity.country_code zip_code = '12345' # identity.zip_code phone = '+1.1234567890' # identity.phone email = f'admin@{static_domain}' if availability_response['Availability'] == 'AVAILABLE': print('Domain available...') registration_response = self.client.register_domain( DomainName=static_domain, DurationInYears=1, AutoRenew=False, AdminContact={ 'FirstName': first_name, 'LastName': last_name, 'ContactType': 'PERSON', 'OrganizationName': org_name, 'AddressLine1': address, 'City': city, 'State': state, 'CountryCode': country, 'ZipCode': zip_code, 'PhoneNumber': phone, 'Email': email }, RegistrantContact={ 'FirstName': first_name, 'LastName': last_name, 'ContactType': 'PERSON', 'OrganizationName': org_name, 'AddressLine1': address, 'City': city, 'State': state, 'CountryCode': country, 'ZipCode': zip_code, 'PhoneNumber': phone, 'Email': email }, TechContact={ 'FirstName': first_name, 'LastName': last_name, 'ContactType': 'PERSON', 'OrganizationName': org_name, 'AddressLine1': address, 'City': city, 'State': state, 'CountryCode': country, 'ZipCode': zip_code, 'PhoneNumber': phone, 'Email': email }, PrivacyProtectAdminContact=False, PrivacyProtectRegistrantContact=False, PrivacyProtectTechContact=False ) print(registration_response) operation_id = registration_response['OperationId'] print(operation_id) operation_detail_response = self.client.get_operation_detail( OperationId=operation_id ) print(operation_detail_response) while operation_detail_response['Status'] == 'IN_PROGRESS': time.sleep(10) operation_detail_response = self.client.get_operation_detail( OperationId=operation_id ) print(operation_detail_response) if operation_detail_response['Status'] == 'IN_PROGRESS': print('Domain registration in progress...') else: print('Domain registration successful...') else: print('dynamic domain generation not yet supported') class Inbox: def __init__(self, domain, username: str): self.client = boto3.client('ses') self.domain = domain self.username = username self.address = f'{self.username}@{self.domain.name}' print(f'Inbox ({self.domain.name}) ready...') verify_domain_id_response = self.client.verify_domain_identity( Domain=self.domain.name ) print('verify_domain_id_response[\'VerificationToken\']', verify_domain_id_response['VerificationToken']) print('') domain_verified = False while domain_verified == False: get_identity_verification_attributes_response = self.client.get_identity_verification_attributes( Identities=[ self.domain.name, ] ) print('get_identity_verification_attributes_response', get_identity_verification_attributes_response) print('') for identity in get_identity_verification_attributes_response['VerificationAttributes']: status = get_identity_verification_attributes_response['VerificationAttributes'][identity]['VerificationStatus'] if status == 'Success': domain_verified = True else: print('Domain verification status:', status) print('This could take up to 72 hours. Feel free to close this notebook and re-execute the code from this cell later. The process is happening on AWS\'s end and will not be interrupted. Once verified, re-executing the code won\'t reset the status, don\'t worry.') time.sleep(100) verify_domain_dkim_response = self.client.verify_domain_dkim( Domain=self.domain.name ) print('verify_domain_dkim_response[\'DkimTokens\']', verify_domain_dkim_response['DkimTokens']) print('') enable_id_dkim_response = self.client.set_identity_dkim_enabled( Identity=self.domain.name, DkimEnabled=True ) print('enable_id_dkim_response', enable_id_dkim_response) print('') # ... snip ... code to create actual inboxes + send & receive emails # from domain print('Inbox verified...') domain = Domain(static_domain='testing.com') inbox = Inbox(domain=domain, username='admin') Output: {'Domains': [{'DomainName': '... snip ...', 'AutoRenew': False, 'TransferLock': False, 'Expiry': datetime.datetime(2024, 1, 21, 16, 51, 56, tzinfo=tzlocal())}], 'ResponseMetadata': {'RequestId': '... snip ...', 'HTTPStatusCode': 200, 'HTTPHeaders': {'x-amzn-requestid': '... snip ...', 'content-type': 'application/x-amz-json-1.1', 'content-length': '104', 'date': 'Mon, 23 Jan 2023 02:31:27 GMT'}, 'RetryAttempts': 0}} Domain already owned... Inbox (... snip ...) ready... verify_domain_id_response['VerificationToken'] ... snip ... get_identity_verification_attributes_response {'VerificationAttributes': {'... snip ...': {'VerificationStatus': 'Pending', 'VerificationToken': '... snip ...'}}, 'ResponseMetadata': {'RequestId': '... snip ...', 'HTTPStatusCode': 200, 'HTTPHeaders': {'date': 'Mon, 23 Jan 2023 02:31:27 GMT', 'content-type': 'text/xml', 'content-length': '639', 'connection': 'keep-alive', 'x-amzn-requestid': '... snip ...'}, 'RetryAttempts': 0}} Domain verification status: Pending This could take up to 72 hours. Yes, really. Feel free to close this notebook and re-execute the code from this cell later. The process is happening on AWS's end and will not be interrupted. Once verified, re-executing the code won't reset the status, don't worry. What am I missing here? Is what I'm trying to do a simple matter of something I missed in the documentation? Or is this not even viable purely via API in AWS? I suspect the former. Maybe I need to handle the record assignment process manually with the Route53 API? I'd really appreciate an example of what that would like if so. Otherwise just a hint that this is a requirement, and that SES will not do it automatically like with the GUI functionality, would be helpful to know.
0
answers
0
votes
19
views
asked 4 days ago
I'm having a problem with Amazon Workmail, emails sent from an external domain takes about 30 mins to be received, and from gmail for example it is received instantly. Also, when im send an email between users from the same WorkMail domain i get and error with this message "An error occurred while trying to deliver the mail to the following recipients:" I have no rules set and my domain was acquired through route 53 and all the DNS records were updated automatically by Amazon
1
answers
0
votes
15
views
asked 4 days ago
While trying to get the Authorization (EPP) code for transferring a domain from Route 53 to another vendor. Transfer lock is disabled. Domain name status code does not have a value? Error when clicking on 'Get code': > Sorry, but an unexpected error has occurred while getting your auth code. Please retry again. See system status for more information on current system status.
0
answers
0
votes
16
views
asked 5 days ago