This is a short article for people using both the PHP framework Laravel and Vapor, a tool to deploy serverless applications on AWS.
The problem
Vapor is an amazing tool that abstracts away pretty much all the hard work of dealing with AWS. It sets up the Lambdas that run your app, it creates the DNS records needed, and it can set up S3 storage, DynamoDB queues, and even databases. This is all great, but there are some cases where all of this abstraction can cause issues.
I have a domain mydomain.com. I manage the DNS record in a hosted zone via my AWS account A. I want to deploy an application in my AWS account B where I set up a hosted zone for staging.mydomain.com. To do the deployment, I added the domain to my vapor.yml file:
But whenever I try to deploy, I’m getting this message:
I tried to add the sub-domain to my Vapor dashboard but it only accepts root domains. I tried to manually create an ACM certificate in the AWS account B for staging.mydomain.com but unfortunately that did not help.
The solution
This solution was shared by the Vapor support team, which is super reactive (3-4 back and forth emails in 2 hours).
Create a dummy hosted zone for the root domain
The problem is that even though I have a certificate in AWS, Vapor isn’t aware of it. So the solution is to let Vapor create the certificate. But before Vapor can create the certificate for the subdomain, Vapor needs to know the hosted zone. The hosted zone exists in AWS account A but it can’t be reached by Vapor, so you need to create a “dummy” one with:
vapor zone mydomain.com
Creating the certificate for the sub-domain
Now that this is done we can create a certificate for the subdomain by running:
vapor cert staging.mydomain.com
This will create a new certificate in the us-east-1 region of ACM. You can go to the AWS ACM dashboard to create the records needed in your staging.mydomain.com hosted zone.
Create the DNS records in the right places
For the final step you need to go to your dummy mydomain.com hosted zone. Copy all DNS records for the subdomain (ending with staging.mydomain.com) into the hosted zone for staging.mydomain.com in AWS account B, and the rest of the records (except of course SOA, NS, etc.) into the hosted zone for mydomain.com in AWS account A. Vapor should now be aware of the subdomain certificate, and everything should be working fine.
Deploy
You can now run the deployment again:
vapor deploy production
In the deployment console output you should see a CNAME record. Make sure to create this in the hosted zone for staging.mydomain.com in AWS account B. Note that you can’t create CNAME records for the root of a hosted zone in Route 53, so you need to create an A record that you’re going to configure to be an alias!
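The record split from the "Create the DNS records in the right places" step can be scripted. The following is an added example, not part of the original article or of Vapor: it sorts records shaped like `aws route53 list-resource-record-sets` output into one change batch per account, and sets aside any CNAME at the subdomain zone's root, as the Deploy note requires. The sample records and the helper names (`rec`, `norm`, `in_zone`, `split_records`, `change_batch`) are constructed for illustration.

```python
import json

ROOT = "mydomain.com."            # real hosted zone lives in AWS account A
SUB = "staging.mydomain.com."     # hosted zone in AWS account B

def rec(name, rtype, value, ttl=300):
    """Build one record set in the shape `aws route53 list-resource-record-sets` returns."""
    return {"Name": name, "Type": rtype, "TTL": ttl, "ResourceRecords": [{"Value": value}]}

# Constructed sample of the dummy zone's contents; every value is made up.
DUMMY_ZONE = [
    rec("mydomain.com.", "NS", "ns-1.example.org.", 172800),
    rec("mydomain.com.", "SOA", "ns-1.example.org. hostmaster.example.org. 1 7200 900 1209600 86400", 900),
    rec("_aaa111.mydomain.com.", "CNAME", "_v1.acm-validations.example."),
    rec("_bbb222.staging.mydomain.com.", "CNAME", "_v2.acm-validations.example."),
    rec("_ccc333.prestaging.mydomain.com.", "CNAME", "_v3.acm-validations.example."),
    rec("staging.mydomain.com.", "CNAME", "d111111abcdef8.example.net."),
]

def norm(name):
    """Lower-case a DNS name and give it exactly one trailing dot."""
    return name.lower().rstrip(".") + "."

def in_zone(name, zone):
    """Match on a DNS label boundary, so prestaging.mydomain.com is not 'in' staging.mydomain.com."""
    return norm(name) == norm(zone) or norm(name).endswith("." + norm(zone))

def split_records(record_sets, root=ROOT, sub=SUB):
    """Sort the dummy zone's records by the zone (and account) they belong in."""
    plan = {"account_a": [], "account_b": [], "needs_alias": [], "skipped": []}
    for rr in record_sets:
        if rr["Type"] in ("SOA", "NS"):
            plan["skipped"].append(rr)        # each zone owns its own SOA/NS
        elif rr["Type"] == "CNAME" and norm(rr["Name"]) == norm(sub):
            plan["needs_alias"].append(rr)    # root of account B's zone: use an alias A record
        elif in_zone(rr["Name"], sub):
            plan["account_b"].append(rr)
        elif in_zone(rr["Name"], root):
            plan["account_a"].append(rr)
        else:
            raise ValueError("record outside both zones: " + rr["Name"])
    return plan

def change_batch(record_sets):
    """Body for `aws route53 change-resource-record-sets --change-batch`."""
    return {"Changes": [{"Action": "UPSERT", "ResourceRecordSet": rr} for rr in record_sets]}

if __name__ == "__main__":
    plan = split_records(DUMMY_ZONE)
    for target in ("account_a", "account_b"):
        print(target, json.dumps(change_batch(plan[target]), indent=2))
```

Matching on a label boundary matters here: a plain "ends with staging.mydomain.com" string test would send a name such as prestaging.mydomain.com to the wrong account.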