Table of Contents
This is is a short article for people using both the Php framework Laravel, and Vapor, a tool to deploy serverless applications on AWS.
Vapor is an amazing tool, that abstracts for you pretty much all the hard work of dealing of AWS. It setups the Lambdas that run your app, it creates the DNS records needed, it can setup S3 storage, DynamoDB queues, and even databases. This is all great, but there are some cases where all of this abstraction can cause some issues.
I have a domain
mydomain.com. I manage the DNS record in a hosted zone via my AWS account A. I want to deploy an application in my AWS account B where I setup a hosted zone for
To do the deployment, I added the domain to my
But whenever I try to deploy, I’m getting this message:
I tried to add the sub-domain to my vapor dashboard but it only accepts root domains. I tried to manually create an ACM certificate in the AWS account B for
staging.mydomain.combut unfortunately that did not help.
This solution was shared by the the Vapor support team, who’s super reactive (3-4 back and forth emails in 2 hours).
Create a dummy hosted zone for the root domain
The problem is that even though I have a certificate in AWS, Vapor isn’t aware of it. So the solution is let Vapor create the certificate. But before Vapor can create the certificate for the subdomain, Vapor needs to know the hosted zone. The hosted zone exists is in the AWS account A but it can’t be reached by Vapor, so you need to create a “dummy” one with:
vapor zone mydomain.com.
Creating the certificate for the sub-domain
Now that this is done we can create a certificate for the subdomain by running
staging.mydomain.com. This will create a new certificate in the
us-east-1region of ACM. You can go to the AWS ACM dashboard to create the records needed in your
Create the DNS records in the right places
For the final step you need to go to your dummy
mydomain.comhosted zone. Copy all DNS records for the subdomain (ending with
staging.mydomain.com) in the hosted zone for
staging.mydomain.comin the AWS account B, and the rest of the records (except of course SOA, NS ect) in the hosted zone for
mydomain.comin AWS account A. Vapor should now be aware of the subdomain certificate, and everything should be working fine.
You can now run again
vapor deploy production. In the deployment console output you should see a CNAME record. Make sure to create this in the hosted zone for
staging.mydomain.comin the AWS account B. Note that since you can’t create CNAME records for the root of a hosted zone in route53, so you need to create an A record that’s you’re going to configure to be an alias!
Welcome to my blog where I share my learning bootstrapping online companies!