The other day I was working with DNS delegation and needed to test a subdomain hosted in AWS Route 53, to make sure I could use this DNS delegation configuration for future projects with confidence.
Here’s a link to a post from Amazon web services about DNS delegation.
https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/CreatingNewSubdomain.html
This helped me realize that DNS delegation is not hard to set up. It just requires a little patience.
After setting up DNS delegation I needed a website to test with. I thought it would be overkill to set up an EC2 server with a simple hello-world webpage when I could just set up a static website using S3... because hey, it's easy.
This led me to realize that pointing a custom domain at an S3 bucket is not as trivial as pointing it at a web server with a public IP address. This is because you cannot use a CNAME record at the apex of a domain.
Here is a great blog post on why you cannot:
https://blog.cdemi.io/why-cant-you-have-a-cname-at-the-root-of-a-domain/
I ended up having my domain registered in AWS Account #1 with a Route53 zone in the same account. My delegated subdomain (AWS hosted zone) was in AWS Account #2.
Finally, the S3 bucket I wanted to host the static website in was in Account #1.
This meant I couldn't use the Route53 "Alias" A-record feature to point at my S3 bucket. This was my workaround.
TLDR note: *S3 looks at the host header!*
When you configure a bucket for website hosting, I think something like this happens in the background: S3 creates an entry so that requests arriving at its S3 website endpoint are served from your bucket whenever your bucket name is given in the *Host* header. Normal responses are returned as XML; a bucket configured as a website replies with HTML.
See here for a helpful table:
https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteEndpoints.html
Here are my steps:
I created nameserver (NS) records in Route53 in AWS Account 1 (in the zone greatcalldevops.com) for the subdomain joe.greatcalldevops.com, pointing to the nameservers of the delegated zone for that same subdomain in AWS Account 2.
Then I created a CNAME record for `goodmorning.joe.greatcalldevops.com` in the delegated zone pointing to `joeisagoodman.s3-website-us-west-2.amazonaws.com`.
The chain works because the S3 endpoint behind `http://joeisagoodman.s3-website-us-west-2.amazonaws.com/` receives that request and looks at the `Host` header (even though the website bucket is actually named `goodmorning.joe.greatcalldevops.com`). It finds the bucket named in the `Host` header and returns its contents, since it is a website bucket.
You can try this in Postman. Send a request to the IP address you get from running:
`nslookup goodmorning.joe.greatcalldevops.com`
(probably the same address you get for `s3-website-us-west-2.amazonaws.com`: `52.218.160.95`)
Then set the `Host` header to `goodmorning.joe.greatcalldevops.com` and you will see the same page as at:
http://goodmorning.joe.greatcalldevops.com (the S3 generated CNAME for the bucket)
Be sure to enter the key/value pair in Postman as a header and not as a query-string parameter (which would put it in the URL).
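The Postman experiment above is the whole point of the post: the address you connect to is just the regional website endpoint, and the `Host` header is what selects the bucket. The script below is an added example (not AWS code, and not from the original post) that reproduces that behaviour locally so you can see it without an AWS account. It starts a tiny HTTP server that routes purely on the `Host` header, the way the post describes S3 website endpoints doing, and a client that connects to an IP/port but sends an explicit `Host` header, exactly as you would in Postman. The bucket name `goodmorning.joe.greatcalldevops.com` is taken from the post; the page body, the unknown hostname and the shape of the error body are constructed for the demo (the real error page S3 returns is not reproduced, only the XML-vs-HTML split the post mentions).

```python
"""Host-header routing the way the post describes S3 website endpoints.

Added example: a local stand-in for the S3 website endpoint. The TCP target
is irrelevant; the Host header picks the bucket. A known website bucket
answers with HTML, an unknown name gets an XML NoSuchBucket error.
"""
import http.client
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

# Constructed "website buckets": hostname carried in the Host header -> page body.
# The first name is the bucket from the post; the body is made up for the demo.
WEBSITE_BUCKETS = {
    "goodmorning.joe.greatcalldevops.com": "<html><body>good morning, joe</body></html>",
}

# Constructed error body, modelled loosely on S3's XML error format.
NO_SUCH_BUCKET_XML = (
    '<?xml version="1.0" encoding="UTF-8"?>'
    "<Error><Code>NoSuchBucket</Code></Error>"
)


class S3LikeWebsiteHandler(BaseHTTPRequestHandler):
    """Routes only on the Host header; the address we were reached at is ignored."""

    def do_GET(self):
        # Drop an optional ":port" so "name:8080" still matches "name".
        host = self.headers.get("Host", "").split(":", 1)[0].lower()
        body = WEBSITE_BUCKETS.get(host)
        if body is None:
            payload = NO_SUCH_BUCKET_XML.encode()
            self.send_response(404)
            self.send_header("Content-Type", "application/xml")
        else:
            payload = body.encode()
            self.send_response(200)
            self.send_header("Content-Type", "text/html")
        self.send_header("Content-Length", str(len(payload)))
        self.end_headers()
        self.wfile.write(payload)

    def log_message(self, *args):
        pass  # keep the demo quiet


def start_server():
    """Start the fake endpoint on 127.0.0.1 on a free port; returns (server, port)."""
    server = HTTPServer(("127.0.0.1", 0), S3LikeWebsiteHandler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server, server.server_address[1]


def fetch_with_host(ip, port, host_header, path="/"):
    """Connect to ip:port (what nslookup gave you) but send an explicit Host header.

    This is the Postman step from the post: the connection goes to the
    endpoint's address, the Host header names the bucket.
    Returns (status, content_type, body).
    """
    conn = http.client.HTTPConnection(ip, port, timeout=5)
    try:
        # Passing our own Host header makes http.client skip its default one.
        conn.request("GET", path, headers={"Host": host_header})
        resp = conn.getresponse()
        return resp.status, resp.getheader("Content-Type"), resp.read().decode()
    finally:
        conn.close()


def demo():
    """Hit the local endpoint twice, same address, different Host; return both results."""
    server, port = start_server()
    try:
        hit = fetch_with_host("127.0.0.1", port, "goodmorning.joe.greatcalldevops.com")
        miss = fetch_with_host("127.0.0.1", port, "nobody-owns-this.example.com")
        return hit, miss
    finally:
        server.shutdown()
        server.server_close()


if __name__ == "__main__":
    hit, miss = demo()
    print("website bucket:", hit)
    print("unknown host:  ", miss)
```

Both requests go to the same IP and port; only the `Host` header differs, and only the request whose `Host` names an existing website bucket gets the HTML page. That is also the housekeeping lesson: a CNAME pointing at an S3 website endpoint keeps resolving after the bucket it named is gone, so delete the record together with the bucket.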