Written by Jamie Tanna
on 
CC-BY-NC-SA-4.0 Apache-2.0
2 mins

Adding a Non-AWS Hosted Custom Domain to an AWS API Gateway without CloudFront

Featured image for sharing metadata for article

I run a number of services using the Architect Framework, which makes running services on AWS API Gateway really straightforward.

As I wanted slightly nicer URLs for my services, instead of the default API Gateway URLs, I wanted to attach custom domain name. However, one thing that I found a bit frustrating was that a lot of guides that folks have produced to do this require using CloudFront, and I didn't need CloudFront for my purposes.

I thought I should document how I've done it for anyone else going through this in the future.

Note that the screenshots below may come out of sync over time with AWS, but hopefully it will still remain similar enough this can be followed.

First, browse to the API Gateway console and click the Custom domain names link in the sidebar:

Screenshot of the API Gateway console, showing several APIs, and on the left hand sidebar, a link to APIs, Custom domain names, and VPC links

Next, we Create a new domain name, and specify the domain name we want. In my case, I'm setting up the domain name tiktok-mf2.tanna.dev.

Screenshot of the Custom domains name page, showing several domain names, and a Create button

We need to set up a certificate in Amazon Certificate Manager (ACM) to provide us a secure means of interacting with our API Gateway. Because this is needed as part of the domain name process, we need to click Create a new ACM certificate and complete that process before returning.

When we do return, we'll then have a list of endpoints available in the Endpoint configuration box:

A list of endpoints in a selection box when clicking the Choose a certificate option

Once created, we can see the API Gateway domain name, shown below:

Screenshot of the newly created domain name, showing the endpoint configuration, with a API Gateway domain name, and a tab for API mappings

This domain name noted above is the domain that we need to CNAME, for instance:

; <<>> DiG 9.18.1 <<>> tiktok-mf2.tanna.dev
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20072
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;tiktok-mf2.tanna.dev.          IN      A

;; ANSWER SECTION:
tiktok-mf2.tanna.dev.   3600    IN      CNAME   d-f6nzqppwe5.execute-api.eu-west-2.amazonaws.com.
d-f6nzqppwe5.execute-api.eu-west-2.amazonaws.com. 60 IN A 3.10.130.88
d-f6nzqppwe5.execute-api.eu-west-2.amazonaws.com. 60 IN A 18.168.240.252

This is the most important part, I've often trialed using the API Gateway ID, instead of the domain name, which does not work.

Remember that we need to add the API mappings, otherwise our traffic will not be routed to the right API:

Screenshot of the empty API mappings page, before the API has been configured Screenshot of the in-progress configuration for the API mapping

Et voilà, we can successfully access our service on the domain!

Written by Jamie Tanna's profile image Jamie Tanna on , and last updated on .

Content for this article is shared under the terms of the Creative Commons Attribution Non Commercial Share Alike 4.0 International, and code is shared under the Apache License 2.0.

#blogumentation #aws.

Also on:

This post was filed under articles.

Interactions with this post

Interactions with this post

Below you can find the interactions that this page has had using WebMention.

Have you written a response to this post? Let me know the URL:

Do you not have a website set up with WebMention capabilities? You can use Comment Parade.