PaaS

Externalizing domains in AWS Route53

I use AWS Route53 for registering domains that I use both personally and in my devops R&D lab work. It’s relatively inexpensive as registrars go (most of the ones I’ve registered are $12/yr) and domains integrate by default into Route53, which is very helpful for whatever hosting you perform via AWS.

However, sometimes I use domains in Route53 for external hosting applications, like blogs which hosted by WordPress.com. In order to use a custom domain with WordPress.com, you need to do two things when using R53 DNS:

  • change the NS records for the domain, and
  • change the DNS server list for zone delegation

Both of these are easily performed in the R53 administrative console, but in different places.

Updating the NS records for the domain

Changing the NS records is as simple as loading the hosted zone set and selecting the NS record entry and editing it to replace the AWS DNS servers that originally were placed in the record:

blog-cucurb-fig1-route53hostedzonensnew

After the NS record changes propagate, I check the delegation paths for the domain since I haven’t changed that yet and notice that the TLD .org servers still look to AWS DNS servers:

blog-cucurb-fig3-route53predelegationchange

So, let’s change the delegation on our zone so that the TLD DNS servers look to the right place.

Updating the DNS server list for zone delegation

On the R53 console, navigate to Domains, Registered Domains, then select the domain you want to change. You should see a screen that lists some expiration, renewal, authorization, and tag parameters along with a list of name servers on the right side. That list needs to be edited in order to fix the delegation pathing for the new NS record entries.

Original, with AWS DNS servers listed:

blog-regdomains-fig2-nameservers

Edited to use new DNS servers for external site:

blog-cucurb-fig4-route53hostedzonensupdated

It takes a while for these changes to go into effect, AWS will send you an email once the changes have been completed. At that point, you can check the delegation path again:

blog-cucurb-fig5-route53postdelegationchange

At this point, the delegation path between the new WordPress.com DNS servers and the TLD .org DNS servers is established and your application/blog should now be working.