This message was deleted.

Looks like you'd need to add a CNAME record. Did you set your targetDomain to be "www.domain.com"? The code as provided only sets up the A record needed for that specific domain.

Yes www.domain.com was the targetDomain, so your suggestion a CNAME record for @ which goes to www ?

I see in the code an A record, pointing "www" to an alias (the CDN). There are no records for "".

There's a lot happening in this example and I think it would be helpful to break it down a bit. 1. a private s3 bucket is created to store the file contents of your static website. 2. the directory indicated by pathToWebsiteContents is iterated over and each file is uploaded to the created s3 bucket 3. a cloudfront distribution is created with a url similar to d1btc1ewzmi0iv.cloudfront.net/ which caches and serves files within your s3 bucket. If no file is indicated it will by default serve your index.html file. 4. with the help of route53 a tls certificate is generated and validated for the specified targetDomain 5. finally an A record is created for your targetDomain that points to your cloudfront distribution that uses your generated tls certificate

Yes thanks so I investigated more and I think I need to make two buckets, one for the content associated with the TLD and one for a redirect from www to the domain because I found I couldn't arrange a redirect from the TLD to www on AWS

You don't need to redirect, or a 2nd bucket. In DNS, a CNAME record is an alias. It says "this record points to that fully-qualified domain name". So you can pint the "" record (which would be "domain.com") to "www.domain.com".

In order to support additional subdomains the following resources need to be created/updated: • a cname record to your targetDomain from www.foo.com => foo.com • your cloudfront distribution's Alternate Domain Names field needs to be updated from "foo.com" to "foo.com,www.foo.com" • finally *you must acquire a new tls certificate that supports both foo.com and www.foo.com" and update your distribution to use that

There's no HTTP redirection, no 303s or anything. Two separate DNS records: one pointing "www.domain.com" to CloudFront, one pointing "domain.com" to "www.domain.com".

Not sure that domain.com can be pointed to www.domain.com since https://serverfault.com/questions/641266/forward-the-root-domain-to-the-www-subdomain-using-dns-records

Ooo. Good find. Maybe the A record can do it?

Right but I believe you will still need to update your distribution and certificate regardless. Plus those resources will not be managed within your stack and you'll lose out on many of the benefits of using Pulumi here.

You can add the 2nd A record using Pulumi. I don't know about the CloudFront pieces. Can Pulumi not configure it correctly?

So looking at the example code there's 5 blocks that need to be tweaked: 1. const certificate = new aws.acm.Certificate(...) needs to be updated to generate a certificate that accommodates the desired subdomains) 2. const certificateValidateDomain(...) needs to be updated to validate for all supported domains 3. const const certificateValidation(...) needs to be updated to confirm the validation for all supported domains 4. const distribution = {} needs to be updated to include additional domains 5. function createAlias() needs a sibling method that will also create the CNAME record www.foo.com => foo.com

ok let me try !

Yup i'll raise a PR for the folks at Pulumi to take a look at