Pointing Amazon's CloudFront at an A record not a CNAME

dns amazon-web-services amazon amazon-cloudfront
21,659

Solution 1

You can point the zone apex (i.e. example.com) to a CloudFront distribution on AWS using their Route 53 service. Just log into your CloudFront distribution and set the Alternate Domain Names (CNAMEs) to your domain (e.g. example.com and/or www.example.com). Then in Route 53, create a hosted zone for your domain, and then an alias record selecting the CloudFront distribution as the destination. You can also create a second alias record for any sub-domains, such as www.example.com. Note: you'll need to change the name servers with your domain registrar too.

From the Route 53 FAQs:

Q. Can I point my zone apex (example.com versus www.example.com) at my Amazon CloudFront distribution?

Yes. Amazon Route 53 offers a special type of record called an ‘Alias’ record that lets you map your zone apex (example.com) DNS name to your Amazon CloudFront distribution (for example, d123.cloudfront.net). IP addresses associated with Amazon CloudFront endpoints vary based on your end user’s location (in order to direct the end user to the nearest CloudFront edge location) and can change at any time due to scaling up, scaling down, or software updates. Route 53 responds to each request for an Alias record with the IP address(es) for the distribution. Route 53 doesn't charge for queries to Alias records that are mapped to a CloudFront distribution. These queries are listed as “Intra-AWS-DNS-Queries” on the Amazon Route 53 usage report.

For more information, see AWSs documentation:

Solution 2

Pointing www.example.com can still be done with an A-record, but you have to point it to an IP address then, it has nothing to do with the "www" or anything else in front or not.

The difference between CNAMEs and A-Records is only that a CNAME points to another name, which must in turn be looked up by the DNS, whereas an A-record only requires one lookup and is pointed directly to an IP address.

That said, you quickly understand why using A-records with this type of cloud hosting might be a bad idea or impossible. Amazon uses several IP addresses and you won't know up front what IP addresses these are. DNS changes are slow. So, unless you have a specific IP address that does not change, using an A-record simply will not work. Find a hosting offer with a fixed IP address and you can use A-records.

In terms of performance or reachability, there's only a marginal difference between CNAME and A-records.

EDIT:
As SLaks points out, it seems best to stick to "old rules" to use an A-Record for your root domain name. But you'll find that sometimes you will not have a choice, depending on what your hosting provider allows you to do. Luckily, nowadays, there's little if anything that should practically withhold you from doing so (using CNAME).

Share:
21,659
git-noob
Author by

git-noob

Updated on February 26, 2020

Comments

  • git-noob
    git-noob about 4 years

    I've found instructions to point my domain's CNAME to Amazon's CloudFront service but ideally I would like to point the root name (A record name). For example, foo.com instead of www.foo.com. Is this possible?

  • SLaks
    SLaks almost 14 years
    Wrong. CNAMEs should not be used for a root domain, because some older email servers cannot handle them. In fact, some registrars will not allow you to create a CNAME for the domain root.
  • Aisah Hamzah
    Aisah Hamzah almost 14 years
    Really? I read the opposite. But regardless, can you be more precise? While I use A-records, I know a gazillion of sites that use CNAME records. Wikipedia, not the smallest of them all, uses CNAME records for all local versions (i.e. nl.wikipedia.org is a CNAME). Perhaps with "old" you mean pre-1990s?
  • Aisah Hamzah
    Aisah Hamzah almost 14 years
    Bottom line: don't worry about CNAME. Also, email servers don't use CNAME or A-records, they use MX-records, which, from what I see, is based on names, not IP addresses (for instance, check gmail).
  • SLaks
    SLaks almost 14 years
    I've personally seen an email server last year that could not send mail to my domain because the root domain was a CNAME.
  • Walking Wiki
    Walking Wiki about 12 years
    The DNS RFC (RFC1033) requires the "zone apex" (sometimes called the "root domain" or "naked domain") to be an "A Record".
  • jonasfj
    jonasfj about 11 years
    @Abel nl.wikipedia.org isn't a root domain, it's a subdomain, you can use CNAMES for those without problems. But CNAME on root domains, ie. wikipedia.org isn't allowed.
  • Peter
    Peter almost 9 years
    One thing to note is that you have to add your apex domain to the 'CNAMES' list (even though it isn't a CNAME) in the CloudFront configuration or it won't show up as an alias choice in the dropdown in Route 53. I was stuck on that for a bit.
  • Paul Taylor
    Paul Taylor almost 9 years
    Amazon should fix their ui because although you can use an A record, the field is called Alternate Cnames and the help doesnt make it clear yo can use an alias.
  • arunvelsriram
    arunvelsriram about 7 years
    Can we do this without using Amazon Route 53 ? My existing DNS provider supports APEX record.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

How to setup CNAME for Amazon S3 at Namecheap
Invalidate all files in a folder in cloudfront console
Best way to fetch Amazon's top selling products in a given category
How can I exclude URLs within Amazon Cloudfront?
CLOUDFRONT EC2 origin error CloudFront attempted to establish a connection with the origin
"Access to Font..has been blocked by CORS policy" on only one file
Upload object to s3 using aws api gateway service proxy
How to enable websockets on AWS Cloudfront
How do I find all known IPs for a given domain in Linux?
unable to create txt record using amazon route 53