I’m trying to use a custom domain with the Api con...
# help
I’m trying to use a custom domain with the Api construct, why would I get an error saying “CREATE_FAILED | AWS:CertificateManager:Certificate | ApiCertificatexxxxx No hosted zone found with ID: xxxx (Service: AmazonRoute53; Status Code: 404; Error Code: NoSuchHostedZone; Request ID: 37cb0031-2b4f-40a7-8e00-7d979975ecb4; Proxy: null)“. Also, point to note that the hosted zone id mentioned in the error and my actual hosted zone id are different values.
so, from what I could figure until now, the route53 cdk construct’s static fromLookup method is returning incorrect hostedZoneId. I don’t understand why though.
Okay, I figured it out. There’s a concept of Default Hosted Zone. So, if you register a domain to route53 it’s mapped to a default hosted zone. Well, since I didn’t know about this, I went ahead and created a hosted zone for my domain and mapped them together. Now coming to the route53 cdk lookup method, it uses ‘DUMMY’ as the hostedZoneId if no zone id is provided whereas the root domain is considered as the zone name. Here’s the cdk lookup method source - https://github.com/aws/aws-cdk/blob/v1.105.0/packages/@aws-cdk/aws-route53/lib/hosted-zone.ts#L113 So, effectively the lookup code would be -
Copy code
const hostedZone = HostedZone.fromLookup(this, 'HostedZone', { domainName: '<http://xyz.com|xyz.com>' });
the above code internally uses the
method and uses
as the
as per the source code and it’s output would be -
Copy code
Stack dev-pm-admin-admin-api-stack
  Status: deployed
    hostedZoneId: Z000799029M39ZYI1LILZ
    hostedZoneName: <http://xyz.com|xyz.com>
Here the zone id is the route 53 default zone id. This default zone is not shown via the route53 cli’s list-hosted-zones command. So, in case of a custom hosted zone, you will need to lookup only by zoneId or both zoneId and zoneName. The lookup by zoneId doesn’t return zoneName and so my suggestion would be lookup by both zoneId and zoneName. Like this -
Copy code
const hostedZone = HostedZone.fromHostedZoneAttributes(this, 'HostedZone', {
      hostedZoneId: 'xxxxxxx',
      zoneName: '<http://xyz.com|xyz.com>',
You can then pass this hostedZone variable as the hostedZone prop for the Api construct.
@Frank you need to mention in the docs to either not create a hosted zone or otherwise use the above method to specify an existing zone. I’m not sure though how the nameservers could be managed when using the default hosted zone. If anyone has more insights into this please let me know.
Hey @Ashishkumar Pandey, glad u figured it out. So when you register a domain in Route 53, a hosted zone is auto created, and Route 53 set the domain’s name servers based on the NS records of the hosted zone.
You can create more hosted zones for the same domain, and you would have to point the domain’s name servers to the new hosted zone for it to take efffect.
And when you change the name servers, the hosted zone auto-created by Route 53 when you registered the domain is no long used, and can be removed.
I’m not sure if Route 53 has the concept of the a default hosted zone per se, but the one configured in the name server is the one that’s being used.
So, I did create a hosted zone manually and point the domain’s NS records to the hosted zone’s nameservers but I am pretty sure I didn’t remove any hosted zones that I didn’t create. The essence of what I had said above was that to attach an existing custom hosted zone you’ll need to use the route53 cdk, the hostedZone option in the Api construct won’t be able to resolve the custom hosted zone.
hmm.. I read ur explanation again, so the hosted zone id
above is a default zone on the AWS side, and isn’t listed in your Route 53 account?
Yep. If I use the fromLookup CDK method, it will always return that id.
Even if I have multiple zones available.
It's a bug on their side, I think.