Posted On: Apr 17, 2020

AWS OpsWorks for Puppet Enterprise now supports custom domains. Through the existing interfaces you can now provide a custom fully qualified domain name (FQDN), its matching SSL certificate, and SSL private key and have the OpsWorks server configured accordingly. After you have created a Canonical Name (CNAME) entry in your DNS management service to point to the internal OpsWorks endpoint, you will find your Puppet Enterprise Dashboard under a domain of your choice instead of the generic OpsWorks-created one. Also, this will now be the public endpoint of your OpsWorks server. By using a custom domain with an SSL certificate that you manage, you have an endpoint that stays the same regardless of the server being re-created: any node under management by the OpsWorks for Puppet Enterprise server will stay associated through this endpoint. 

If you already have an OpsWorks server in use and want to use your own domain, you will first need to create a backup of your OpsWorks server through the CreateBackup API. You then create a new server from the backup through a CreateServer API call, where you provide the backup id together with the three new input parameters: custom domain, custom certificate and custom private key. This will bring your OpsWorks server up with its public endpoint being the custom domain you specified. As with new servers, you will need to create a CNAME entry in your DNS management service of choice to point to the internal OpsWorks endpoint. For more details on this process, please see our documentation. Here you will also find information about which types of certificates can be used and what to do when the certificate is about to expire.