Assigning a FQDN (Fully Qualified Domain Name) to an EC2 Instance Using Route 53
In this guide, we’ll explore how to assign a Fully Qualified Domain Name (FQDN) to an EC2 instance running a web server using AWS Route 53. This process includes deploying CloudFormation templates, configuring Route 53, and ensuring the FQDN resolves to the EC2 instance’s public IP. Overview We aim to assign a domain name to a web server hosted on an EC2 instance. Instead of accessing the server using a public IP, we’ll use a friendly FQDN (e.g., www.cmcloudlab1589.info). Key Benefits User-Friendly Access • The FQDN makes it easier for users to access the web server instead of remembering an IP address. Scalability • The setup can easily accommodate additional domains and services under the same hosted zone. AWS Automation • Using CloudFormation ensures repeatability and simplifies deployment. Key Objectives: Deploy an EC2 instance running a web application. Create a Route 53 RecordSet in the existing public hosted zone. Ensure the FQDN resolves to the EC2 instance’s public IP. Architecture The architecture consists of: An EC2 instance running a web server. A Route 53 public-hosted zone with a Type A RecordSet pointing to the instance’s public IP. Diagram: Step-by-Step Guide 1. Create a CloudFormation Template for the EC2 Instance The following ec2.yaml file sets up an EC2 instance, including: • A web server with httpd installed and configured. • Security groups to allow HTTP (port 80) and SSH (port 22) traffic. • An IAM role with S3 access to retrieve the index.html file for the web server. AWSTemplateFormatVersion: 2010-09-09 #Description: [CET-004] EC2 with user data from CloudFormation. Parameters: InstanceType: Description: WebServer EC2 instance type. Type: String Default: t2.micro AllowedValues: - t1.micro - t2.nano - t2.micro - t2.small - t2.medium - t2.large - m1.small - m1.medium - m1.large - m1.xlarge - m2.xlarge - m2.2xlarge - m2.4xlarge - m3.medium - m3.large - m3.xlarge - m3.2xlarge - m4.large - m4.xlarge - m4.2xlarge - m4.4xlarge - m4.10xlarge - c1.medium - c1.xlarge - c3.large - c3.xlarge - c3.2xlarge - c3.4xlarge - c3.8xlarge - c4.large - c4.xlarge - c4.2xlarge - c4.4xlarge - c4.8xlarge - g2.2xlarge - g2.8xlarge - r3.large - r3.xlarge - r3.2xlarge - r3.4xlarge - r3.8xlarge - i2.xlarge - i2.2xlarge - i2.4xlarge - i2.8xlarge - d2.xlarge - d2.2xlarge - d2.4xlarge - d2.8xlarge - hi1.4xlarge - hs1.8xlarge - cr1.8xlarge - cc2.8xlarge - cg1.4xlarge Ec2Name: Description: Ec2 Resource name. Type: String BucketName: Description: BucketName. Default: ahmedsalem-testbuckettt Type: String ObjectPrefix: Description: idex.html prefix,for ex / Type: String Default: / # KeyName: # Description: Name of an existing EC2 KeyPair to enable SSH access to the instance # Type: 'AWS::EC2::KeyPair::KeyName' # ConstraintDescription: must be the name of an existing EC2 KeyPair. # SubnetId: # Description: Subnet ID which will run the web server instanc into. # Type: 'AWS::EC2::Subnet::Id' LatestAmiId: Type: 'AWS::SSM::Parameter::Value' Default: '/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2' SSHLocation: Description: The IP address range that can be used to SSH to the EC2 instance. Type: String MinLength: '9' MaxLength: '18' Default: 0.0.0.0/0 AllowedPattern: '(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/(\d{1,2})' ConstraintDescription: Must be a valid IP CIDR range of the form x.x.x.x/x Resources: WebServerInstance: Type: AWS::EC2::Instance Properties: InstanceType: !Ref InstanceType Tags: - Key: "Name" Value: !Ref Ec2Name - Key: "value" Value: "to be deleted" # KeyName: !Ref KeyName # NetworkInterfaces: # - AssociatePublicIpAddress: "true" # DeviceIndex: "0" # SubnetId: !Ref SubnetId ImageId: !Ref LatestAmiId SecurityGroupIds: - !GetAtt "WebServerSecurityGroup.GroupId" IamInstanceProfile: !Ref IAMInstanceProfile UserData: Fn::Base64: !Sub | #!/bin/bash -xe yum update -y aws-cfn-bootstrap yum install -y httpd systemctl start httpd systemctl enable httpd aws s3 cp s3://${BucketName}${ObjectPrefix}index.html /var/www/html/ WebServerSecurityGroup: Type: 'AWS::EC2::SecurityGroup' Properties: GroupDescription: Enable HTTP access via port 80 and SSH Access port 22. VpcId: vpc-0078f41e6b5568b6e SecurityGroupIngress: - IpProtocol: tcp FromPort: '80' ToPort: '80' CidrIp: 0
In this guide, we’ll explore how to assign a Fully Qualified Domain Name (FQDN) to an EC2 instance running a web server using AWS Route 53. This process includes deploying CloudFormation templates, configuring Route 53, and ensuring the FQDN resolves to the EC2 instance’s public IP.
Overview
We aim to assign a domain name to a web server hosted on an EC2 instance. Instead of accessing the server using a public IP, we’ll use a friendly FQDN (e.g., www.cmcloudlab1589.info).
Key Benefits
User-Friendly Access
• The FQDN makes it easier for users to access the web server instead of remembering an IP address.Scalability
• The setup can easily accommodate additional domains and services under the same hosted zone.AWS Automation
• Using CloudFormation ensures repeatability and simplifies deployment.
Key Objectives:
- Deploy an EC2 instance running a web application.
- Create a Route 53 RecordSet in the existing public hosted zone.
- Ensure the FQDN resolves to the EC2 instance’s public IP.
Architecture
The architecture consists of:
- An EC2 instance running a web server.
- A Route 53 public-hosted zone with a Type A RecordSet pointing to the instance’s public IP.
Diagram:
Step-by-Step Guide
1. Create a CloudFormation Template for the EC2 Instance
The following ec2.yaml file sets up an EC2 instance, including:
• A web server with httpd installed and configured.
• Security groups to allow HTTP (port 80) and SSH (port 22) traffic.
• An IAM role with S3 access to retrieve the index.html file for the web server.
AWSTemplateFormatVersion: 2010-09-09
#Description: [CET-004] EC2 with user data from CloudFormation.
Parameters:
InstanceType:
Description: WebServer EC2 instance type.
Type: String
Default: t2.micro
AllowedValues:
- t1.micro
- t2.nano
- t2.micro
- t2.small
- t2.medium
- t2.large
- m1.small
- m1.medium
- m1.large
- m1.xlarge
- m2.xlarge
- m2.2xlarge
- m2.4xlarge
- m3.medium
- m3.large
- m3.xlarge
- m3.2xlarge
- m4.large
- m4.xlarge
- m4.2xlarge
- m4.4xlarge
- m4.10xlarge
- c1.medium
- c1.xlarge
- c3.large
- c3.xlarge
- c3.2xlarge
- c3.4xlarge
- c3.8xlarge
- c4.large
- c4.xlarge
- c4.2xlarge
- c4.4xlarge
- c4.8xlarge
- g2.2xlarge
- g2.8xlarge
- r3.large
- r3.xlarge
- r3.2xlarge
- r3.4xlarge
- r3.8xlarge
- i2.xlarge
- i2.2xlarge
- i2.4xlarge
- i2.8xlarge
- d2.xlarge
- d2.2xlarge
- d2.4xlarge
- d2.8xlarge
- hi1.4xlarge
- hs1.8xlarge
- cr1.8xlarge
- cc2.8xlarge
- cg1.4xlarge
Ec2Name:
Description: Ec2 Resource name.
Type: String
BucketName:
Description: BucketName.
Default: ahmedsalem-testbuckettt
Type: String
ObjectPrefix:
Description: idex.html prefix,for ex /
Type: String
Default: /
# KeyName:
# Description: Name of an existing EC2 KeyPair to enable SSH access to the instance
# Type: 'AWS::EC2::KeyPair::KeyName'
# ConstraintDescription: must be the name of an existing EC2 KeyPair.
# SubnetId:
# Description: Subnet ID which will run the web server instanc into.
# Type: 'AWS::EC2::Subnet::Id'
LatestAmiId:
Type: 'AWS::SSM::Parameter::Value'
Default: '/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2'
SSHLocation:
Description: The IP address range that can be used to SSH to the EC2 instance.
Type: String
MinLength: '9'
MaxLength: '18'
Default: 0.0.0.0/0
AllowedPattern: '(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/(\d{1,2})'
ConstraintDescription: Must be a valid IP CIDR range of the form x.x.x.x/x
Resources:
WebServerInstance:
Type: AWS::EC2::Instance
Properties:
InstanceType: !Ref InstanceType
Tags:
- Key: "Name"
Value: !Ref Ec2Name
- Key: "value"
Value: "to be deleted"
# KeyName: !Ref KeyName
# NetworkInterfaces:
# - AssociatePublicIpAddress: "true"
# DeviceIndex: "0"
# SubnetId: !Ref SubnetId
ImageId: !Ref LatestAmiId
SecurityGroupIds:
- !GetAtt "WebServerSecurityGroup.GroupId"
IamInstanceProfile: !Ref IAMInstanceProfile
UserData:
Fn::Base64:
!Sub |
#!/bin/bash -xe
yum update -y aws-cfn-bootstrap
yum install -y httpd
systemctl start httpd
systemctl enable httpd
aws s3 cp s3://${BucketName}${ObjectPrefix}index.html /var/www/html/
WebServerSecurityGroup:
Type: 'AWS::EC2::SecurityGroup'
Properties:
GroupDescription: Enable HTTP access via port 80 and SSH Access port 22.
VpcId: vpc-0078f41e6b5568b6e
SecurityGroupIngress:
- IpProtocol: tcp
FromPort: '80'
ToPort: '80'
CidrIp: 0.0.0.0/0
- IpProtocol: tcp
FromPort: '22'
ToPort: '22'
CidrIp: !Ref SSHLocation
IAMInstanceProfile:
Type: AWS::IAM::InstanceProfile
Properties:
Roles:
- !Ref IAMRole
InstanceProfileName: ec2-access-s3
IAMRole:
Type: AWS::IAM::Role
Properties:
RoleName: ec2-s3-access
AssumeRolePolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Principal:
Service: ec2.amazonaws.com
Action: sts:AssumeRole
Path: '/'
Policies:
- PolicyName: 'EC2Access'
PolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: 'Allow'
Action:
- 's3:GetObject'
Resource: !Sub 'arn:aws:s3:::${BucketName}/index.html'
Outputs:
WebsiteURL:
Description: URL for newly apache webserver created.
Value: !Join
- ''
- - 'http://'
- !GetAtt
- WebServerInstance
- PublicDnsName
PublicIp:
Description: The publicIP of the webserver
Value: !GetAtt WebServerInstance.PublicIp
Export:
Name: !Sub "${AWS::StackName}-PublicIp"
2. Create the Route 53 CloudFormation Template
The following r53.yaml file creates a Route 53 RecordSet to associate the FQDN with the EC2 instance’s public IP:
Parameters:
WebserverStackParameter:
Type: String
Default: Webserver
HostedZoneId:
#Type: AWS::Route53::HostedZone::Id
Type: String
Description: HostedZone ID
ConstraintDescription: must be a valid HostedZone ID
Default: Z0775680V6B0O09IGAKU
WebserverFQDN:
Type: String
# ConstraintDescription: must be a valid HostedZone ID
Resources:
PublicDNSRecord:
Type: AWS::Route53::RecordSet
Properties:
HostedZoneId: !Ref HostedZoneId
Name: !Sub "${WebserverFQDN}.cmcloudlab1832.info"
Type: A
TTL: 900
ResourceRecords:
-
Fn::ImportValue:
!Sub "${WebserverStackParameter}-PublicIp"
Outputs:
Hostname:
Description: The Hostname attached to our Webserver
Value: !Ref PublicDNSRecord
3. Deploy the Infrastructure
Launch the EC2 Stack
• Deploy the ec2.yaml CloudFormation template to set up the EC2 instance.
• Note the exported PublicIp value for use in the Route 53 stack.Launch the Route 53 Stack
• Deploy the r53.yaml CloudFormation template to create the RecordSet in the Route 53 hosted zone.
4. Test the Configuration
After deploying both stacks, you can access your web server using the FQDN assigned in Route 53.
Example FQDN:
www.cmcloudlab1589.info
Conclusion
Assigning a Fully Qualified Domain Name (FQDN) to an EC2 instance using Route 53 is a straightforward yet powerful solution for enhancing accessibility and scalability of your applications. By leveraging AWS CloudFormation, we automated the deployment process, making it efficient, repeatable, and easy to manage.
What's Your Reaction?
