Why isn't my domain record in Route 53 that points to an Amazon S3 bucket or static website resolving?

Last updated: 2021-04-23

I have a domain record in Amazon Route 53 that points to an Amazon Simple Storage Solution (Amazon S3) bucket or static website. However, the domain isn't resolving. How can I troubleshoot this issue?

Resolution

Note: If you receive errors when running AWS CLI commands, make sure that you’re using the most recent AWS CLI version.

Review your Route 53 configuration

Confirm that the alias or CNAME record for the domain is pointing to the correct website endpoint. Depending on your Region, your Amazon S3 website endpoint must follow one of the following formats:

  • s3-website dash (-) Region — http://bucket-name.s3-website-Region.amazonaws.com
  • s3-website dot (.) Region — http://bucket-name.s3-website.Region.amazonaws.com

Review your Amazon S3 bucket configuration

When you configure an Amazon S3 bucket for website hosting, you must give the bucket the same name as the record that you want to use to route traffic to the bucket. For example, to route traffic for "example.com" to an Amazon S3 bucket that's configured for website hosting, the bucket name must be "example.com".

Important: Amazon S3 website endpoints don't support HTTPS. For information about using HTTPS with an Amazon S3 bucket, see:

Review your name server configuration

Using the following command, determine whether the correct name servers are in use and whether the domain is resolving to an IP address:

dig <domain_name> +trace

The DNS query must be directed to the correct set of name servers to answer the DNS query.

Note: The Resolving IP address isn't static.

Example output:

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.amzn2.2 <<>> swapnil.live +trace
;; global options: +cmd
.            518400    IN    NS    D.ROOT-SERVERS.NET.
.            518400    IN    NS    E.ROOT-SERVERS.NET.
.            518400    IN    NS    F.ROOT-SERVERS.NET.
.            518400    IN    NS    G.ROOT-SERVERS.NET.
.            518400    IN    NS    H.ROOT-SERVERS.NET.
.            518400    IN    NS    I.ROOT-SERVERS.NET.
.            518400    IN    NS    J.ROOT-SERVERS.NET.
.            518400    IN    NS    K.ROOT-SERVERS.NET.
.            518400    IN    NS    L.ROOT-SERVERS.NET.
.            518400    IN    NS    M.ROOT-SERVERS.NET.
.            518400    IN    NS    A.ROOT-SERVERS.NET.
.            518400    IN    NS    B.ROOT-SERVERS.NET.
.            518400    IN    NS    C.ROOT-SERVERS.NET.
;; Received 239 bytes from 172.31.0.2#53(172.31.0.2) in 0 ms

live.            172800    IN    NS    demand.beta.aridns.net.au.
live.            172800    IN    NS    demand.alpha.aridns.net.au.
live.            172800    IN    NS    demand.delta.aridns.net.au.
live.            172800    IN    NS    demand.gamma.aridns.net.au.
live.            86400    IN    DS    27304 8 1 BB1914F4690FDC1C882FA6CEA84D14FCA6B9D38D
live.            86400    IN    DS    27304 8 2 F76B40CAC1A4F9D7B2E3ED67602D7F934FD45D9064CE78880FB73D09 B1ACD107
live.            86400    IN    RRSIG    DS 8 1 86400 20210427170000 20210414160000 14631 . YbQEzenUx/Dp6C8UcX9fsFqDjyc+eDgcU6oJRZUT63sxJfdatMpHYwWT NCHA8uUTV8W+OVacXR9yduTWgt9jUdAzEHFeg0r4j1PPIDDE7mOB2UUF Fe8lEkny+1bRwXIh/9jsQ0/W5BNIBoSPHRpydE1B36i31V9BLp7KTwWJ sefnFqB8ZL1uZ8rSCw9sVRisegSvcDWZtD7huqkGVcWScLPDVr8/Qj6P 25zEKh6wNPHZDpmIdxvujPFnt7tdY95Jz6P8G7cJwXYdG6ChW7My4XJ5 NRzNjVuFDmWTQSn5S1uEXYL/160ArtHa+M/BE2PKXRxSZa+7djKP9Ida L3qdOQ==
;; Received 708 bytes from 192.5.5.241#53(F.ROOT-SERVERS.NET) in 1 ms

swapnil.live.        86400    IN    NS    ns-1744.awsdns-26.co.uk.        <--- These are the name servers that are in use.
swapnil.live.        86400    IN    NS    ns-863.awsdns-43.net.
swapnil.live.        86400    IN    NS    ns-385.awsdns-48.com.
swapnil.live.        86400    IN    NS    ns-1051.awsdns-03.org.
swapnil.live.        86400    IN    DS    45482 13 2 D64D695A19C2BEB920B376E48403B5A77A2816DB5A4AE4B7D37BF719 34F85852
swapnil.live.        86400    IN    RRSIG    DS 8 2 86400 20210509045136 20210409041400 12795 live. c71wlpB/k+75nWuVYGcp08yYqZSfeLeuaABBXZM6YFvK6HcMZzzaBkOZ bOEm9s37tfnPBDbFBAhzZaMkz6Ef8RJFnkEYqjaqTwxD/vz+Ztwb9ECB EpnXGut0iZICGpFF7Gg5nZeWDbNs/ihC0QGe63Npqful+ry0uBhwnl1I PwKbGd1VC5NGnO7jNTRwgIIGQnS5a3tFZd0HFb/U+O+cCA==
;; Received 425 bytes from 37.209.194.7#53(demand.beta.aridns.net.au) in 0 ms

swapnil.live.        5    IN    A    52.216.134.18
swapnil.live.        5    IN    RRSIG    A 13 2 5 20210415060418 20210415040413 26088 swapnil.live. mgzBciE3HMEg2ecZEIsZIa4l5UpDRi11sEe6ZFlh0d9DGormSdv5HhER zm4qcdb5IXDVe7GIQ+zp2J+5F+lYYQ==
;; Received 165 bytes from 205.251.193.129#53(ns-385.awsdns-48.com) in 15

Test the backend server response

Using the following command, test the response of the backend server:

curl -IvkL <domain_name>

Example output:

curl -IvkL swapnil.live
* Rebuilt URL to: swapnil.live/
*   Trying 52.216.25.195...            <----- Domain resolved to an IP address
* TCP_NODELAY set
* Connected to swapnil.live (52.216.25.195) port 80 (#0)        <--- Connected to S3 bucket
> HEAD / HTTP/1.1
> Host: swapnil.live
> User-Agent: curl/7.61.1
> Accept: */*
>
< HTTP/1.1 403 Forbidden                <----- Response from S3 bucket
HTTP/1.1 403 Forbidden
< x-amz-error-code: AccessDenied
x-amz-error-code: AccessDenied
< x-amz-error-message: Access Denied
x-amz-error-message: Access Denied
< x-amz-request-id: 4ANTJRWVRT5489ZW
x-amz-request-id: 4ANTJRWVRT5489ZW
< x-amz-id-2: HcuMJslI/Biry9uJYhx9hSyybld0CrEeSagaNqcFJqzormpeup2aPKzW58OPgIQDZGG2rn3RPI4=
x-amz-id-2: HcuMJslI/Biry9uJYhx9hSyybld0CrEeSagaNqcFJqzormpeup2aPKzW58OPgIQDZGG2rn3RPI4=
< Date: Thu, 15 Apr 2021 05:09:16 GMT
Date: Thu, 15 Apr 2021 05:09:16 GMT
< Server: AmazonS3                      <----- Server = Amazon S3
Server: AmazonS3

<
* Connection #0 to host swapnil.live left intact