How do I add an A record in Route 53 to an ALB with an ACM certificate?
In this guide, we will create an AWS Application Load Balancer (ALB) and an ACM certificate, and then add an A record in Route 53 to point to the ALB. We will use Pulumi with TypeScript to define and deploy the infrastructure.
Key Points
- Create an ACM certificate for the domain.
- Set up an ALB to handle incoming traffic.
- Add an A record in Route 53 to point to the ALB.
Pulumi Program
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
// Define the domain name
const domainName = "example.com";
const hostedZoneId = "Z3P5QSUBK4POTI"; // Replace with your Route 53 Hosted Zone ID
// Create an ACM Certificate
const certificate = new aws.acm.Certificate("cert", {
domainName: domainName,
validationMethod: "DNS",
tags: {
Name: "ACM Certificate for ALB",
},
});
// Validate the certificate using DNS
const certValidation = new aws.route53.Record("certValidation", {
name: certificate.domainValidationOptions[0].resourceRecordName,
zoneId: hostedZoneId,
type: certificate.domainValidationOptions[0].resourceRecordType,
records: [certificate.domainValidationOptions[0].resourceRecordValue],
ttl: 300,
});
// Create an ALB
const alb = new aws.lb.LoadBalancer("alb", {
internal: false,
loadBalancerType: "application",
securityGroups: [], // Add your security groups here
subnets: [], // Add your subnets here
tags: {
Name: "Pulumi ALB",
},
});
// Create a target group
const targetGroup = new aws.lb.TargetGroup("targetGroup", {
port: 80,
protocol: "HTTP",
vpcId: "vpc-12345678", // Replace with your VPC ID
healthCheck: {
path: "/",
protocol: "HTTP",
},
});
// Create a listener for the ALB
const listener = new aws.lb.Listener("listener", {
loadBalancerArn: alb.arn,
port: 443,
protocol: "HTTPS",
sslPolicy: "ELBSecurityPolicy-2016-08",
certificateArn: certificate.arn,
defaultActions: [{
type: "forward",
targetGroupArn: targetGroup.arn,
}],
});
// Add an A record in Route 53 to point to the ALB
const aRecord = new aws.route53.Record("aRecord", {
zoneId: hostedZoneId,
name: domainName,
type: "A",
aliases: [{
name: alb.dnsName,
zoneId: alb.zoneId,
evaluateTargetHealth: true,
}],
});
// Export the ALB DNS name and the A record
export const albDnsName = alb.dnsName;
export const aRecordName = aRecord.name;
Summary
In this program, we created an ACM certificate, an ALB, and a Route 53 A record that points to the ALB. This setup ensures that traffic to the specified domain is routed to the ALB, which handles it securely using the ACM certificate.
Deploy this code
Want to deploy this code? Sign up for a free Pulumi account to deploy in a few clicks.
Sign upNew to Pulumi?
Want to deploy this code? Sign up with Pulumi to deploy in a few clicks.
Sign upThank you for your feedback!
If you have a question about how to use Pulumi, reach out in Community Slack.
Open an issue on GitHub to report a problem or suggest an improvement.