Question

Is it true that to route a zone apex to Cloudfront, I must use Amazon's '53' DNS service?

This is a pretty surprising limitation. If there's no alternative, I have to move DNS services and change SSL certs.

For example:

dev.myapp.com ---- CNAME ----> s3 location // works great
stage.myapp.com -- CNAME ----> Cloudfront Location // works great
myapp.com -------- ALIAS ----> Cloudfront Location // Issa no worky so good

If you're using Amazon Route 53 as your DNS service, you can create an alias resource record set instead of a CNAME. With an alias resource record set, you don't pay for Route 53 queries. In addition, you can create an alias resource record set for a domain name at the zone apex (example.com)

http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CNAMEs.html

Cloudfront dist on top level domain

Are there any alternatives besides using Amazon 53?


Solution

The helpful recommendation I got from Darrin at DNSimple is this:

Hi,

The trouble with an ALIAS record and CDNs is it will resolve to an endpoint closest to our name servers rather than the normal behavior which is resolving to an endpoint closest to the client.

You might get a little better performance using our Anycast network since our name servers are distributed closer to the client already. That said -- I would probably recommend against using an apex record with a CDN in any case.

If you're using a CDN I would probably use a URL redirect from the apex to the CNAME "www".

So the full setup would be:

dev.myapp.com ---- CNAME ----> s3 location
stage.myapp.com -- CNAME ----> Cloudfront Location
www.myapp.com ---- CNAME ----> Cloudfront Location
myapp.com ----- REDIRECT ----> www.myapp.com

I have concerns about the performance implications but I guess we can measure those and react.
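
Added example, not part of the original answer: a small Python check that parses a record plan written in the notation used above and reports how the apex is routed. The function names and the two sample plans are constructed for illustration; the ALIAS finding encodes the concern raised in the answer about a DNS provider's ALIAS in front of a CDN, and the CNAME finding reflects the DNS rule that a CNAME cannot share a name with the SOA and NS records at the apex.

```python
import re

# Constructed record plans in the page's own notation (not real zone data).
QUESTION_PLAN = """\
dev.myapp.com ---- CNAME ----> s3 location
stage.myapp.com -- CNAME ----> Cloudfront Location
myapp.com -------- ALIAS ----> Cloudfront Location
"""
ANSWER_PLAN = """\
dev.myapp.com ---- CNAME ----> s3 location
stage.myapp.com -- CNAME ----> Cloudfront Location
www.myapp.com ---- CNAME ----> Cloudfront Location
myapp.com ----- REDIRECT ----> www.myapp.com
"""

# name, dashes, record type, arrow, target
LINE = re.compile(r"^(\S+)\s+-+\s+(\w+)\s+-+>\s+(.+?)\s*$")


def parse_plan(text):
    """Return {name: (type, target)} for each 'name -- TYPE --> target' line."""
    records = {}
    for line in text.splitlines():
        m = LINE.match(line)
        if m:
            name, rtype, target = m.groups()
            records[name.lower().rstrip(".")] = (rtype.upper(), target)
    return records


def lint_apex(text, apex):
    """Return a list of findings about how the apex name is routed."""
    records = parse_plan(text)
    apex = apex.lower().rstrip(".")
    if apex not in records:
        return [f"{apex}: no record for the apex"]
    rtype, target = records[apex]
    if rtype == "CNAME":
        # The apex already carries SOA and NS; a CNAME cannot share a name with other data.
        return [f"{apex}: CNAME is not allowed at the zone apex"]
    if rtype == "ALIAS":
        # The concern raised in the answer for ALIAS in front of a CDN.
        return [f"{apex}: ALIAS is resolved near the name servers, not near the client"]
    if rtype == "REDIRECT":
        dest = target.lower().rstrip(".")
        if records.get(dest, ("", ""))[0] != "CNAME":
            return [f"{apex}: redirect target {dest} has no CNAME in this plan"]
    return []
```

Running `lint_apex(QUESTION_PLAN, "myapp.com")` reports the ALIAS finding, while the plan from the answer produces no findings.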

Licensed under: CC-BY-SA with attribution