
Setup

I have a multi account setup in AWS.

Account 1 is responsible for DNS hosting / resolution
Account 2 hosts a development environment for a web app
Account 3 hosts a production environment for the same web app

Account 1
Hosted Zone: example.com
Name Servers: dev.example.com
Name Servers: prd.example.com

Account 2
Hosted Zone: dev.example.com
A record (alias): Load Balancer DNS Name

Account 3
Hosted Zone: prd.example.com
A record (alias): Load Balancer DNS Name

This all works as expected; my subdomains resolve to the Load Balancers.

Problem

For the production account I want users to be able to type in example.com and have that resolve to the A record alias or prd.example.com.

I assumed I would be able to do this by adding a CNAME record in Account 1 with the production hosted zone name. However, I get the following error:

[screenshot of the Route 53 error; the image was not preserved]

I've googled this error and found this stackoverflow answer. It seems to suggest it's not possible (but this was back in 2013).

I know that DNS forwarding can be achieved using an S3 bucket, but that seems like such an ugly solution. Is there another way I can achieve this?

Thanks

GreenyMcDuff
  • [Sean Faria](https://stackoverflow.com/users/8916407) posted an [Answer](https://stackoverflow.com/a/66573246) saying "The answer is this create an s3 bucket redirect. See link https://aws.amazon.com/premiumsupport/knowledge-center/redirect-domain-route-53/" – Scratte Mar 11 '21 at 10:12

1 Answer

The error is correct. A Canonical Name (CNAME) cannot exist, by definition, at the Apex (top level) in a zone as it has the potential to cause a conflict.

You can read an excellent FreeCodeCamp article on the subject here.

hephalump
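The rule behind the error is RFC 1034's requirement that a CNAME be the only record at its owner name; a zone apex always carries SOA and NS records, so a CNAME there can never satisfy it. The script below is an added example (not from the question, the answer, or AWS) that checks a proposed record against that rule. It goes a little beyond the question: the same check also rejects a CNAME at a delegation point such as `prd.example.com`, where the parent zone holds NS records. All records and name-server names in it are constructed placeholders mirroring the three-account layout above.

```python
"""
Check a proposed DNS record against the RFC 1034 CNAME rule: a CNAME must be
the only record at its owner name. Because the apex of a zone always has SOA
and NS records, a CNAME at the apex always conflicts, which is what Route 53
(and any RFC-compliant DNS server) rejects.
"""
from collections import defaultdict

# Constructed sample data: the parent zone hosted in Account 1.
# Tuples are (owner name, record type, value). Name servers are placeholders.
PARENT_ZONE = [
    ("example.com.", "SOA", "ns1.placeholder-dns.invalid. hostmaster.example.com. 1 7200 900 1209600 86400"),
    ("example.com.", "NS", "ns1.placeholder-dns.invalid."),
    ("example.com.", "NS", "ns2.placeholder-dns.invalid."),
    # Delegations to the child zones in Account 2 and Account 3.
    ("dev.example.com.", "NS", "ns1.dev-placeholder-dns.invalid."),
    ("prd.example.com.", "NS", "ns1.prd-placeholder-dns.invalid."),
]


def normalize(owner: str) -> str:
    """Canonicalize an owner name: case-insensitive, always with a trailing dot."""
    return owner.strip().lower().rstrip(".") + "."


def check_cname_rule(records):
    """Return a list of rule violations found in `records` (empty list if none).

    A violation is any owner name that has a CNAME alongside other records,
    or more than one CNAME.
    """
    by_owner = defaultdict(list)
    for owner, rtype, value in records:
        by_owner[normalize(owner)].append((rtype.upper(), value))

    problems = []
    for owner, rrs in sorted(by_owner.items()):
        types = [t for t, _ in rrs]
        if "CNAME" not in types:
            continue
        others = sorted({t for t in types if t != "CNAME"})
        if others:
            problems.append(f"{owner}: CNAME conflicts with {', '.join(others)}")
        if types.count("CNAME") > 1:
            problems.append(f"{owner}: more than one CNAME")
    return problems


def propose_record(records, owner, rtype, value):
    """Return the violations that adding (owner, rtype, value) to `records` would create."""
    return check_cname_rule(list(records) + [(owner, rtype, value)])


if __name__ == "__main__":
    # The record the question tried to create: CNAME at the apex.
    print(propose_record(PARENT_ZONE, "example.com.", "CNAME", "prd.example.com."))
    # A CNAME at a delegated name conflicts with the delegation's NS records.
    print(propose_record(PARENT_ZONE, "prd.example.com.", "CNAME", "lb.invalid."))
    # A CNAME at an otherwise unused name (e.g. www) is fine.
    print(propose_record(PARENT_ZONE, "www.example.com.", "CNAME", "prd.example.com."))
```

Run it as-is to see the apex and delegation-point proposals rejected and the `www` proposal accepted. The check only covers the CNAME exclusivity rule; it does not resolve anything, so it runs offline and can be pointed at any exported record set before a change is applied.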