1. Answers
  2. Add A Record in Route 53 to ALB with ACM Certificate

How do I add an A record in Route 53 to an ALB with an ACM certificate?

In this guide, we will create an AWS Application Load Balancer (ALB) and an ACM certificate, and then add an A record in Route 53 to point to the ALB. We will use Pulumi with TypeScript to define and deploy the infrastructure.

Key Points

  • Create an ACM certificate for the domain.
  • Set up an ALB to handle incoming traffic.
  • Add an A record in Route 53 to point to the ALB.

Pulumi Program

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

// Define the domain name
const domainName = "example.com";
const hostedZoneId = "Z3P5QSUBK4POTI"; // Replace with your Route 53 Hosted Zone ID

// Create an ACM Certificate
const certificate = new aws.acm.Certificate("cert", {
    domainName: domainName,
    validationMethod: "DNS",
    tags: {
        Name: "ACM Certificate for ALB",
    },
});

// Validate the certificate using DNS
const certValidation = new aws.route53.Record("certValidation", {
    name: certificate.domainValidationOptions[0].resourceRecordName,
    zoneId: hostedZoneId,
    type: certificate.domainValidationOptions[0].resourceRecordType,
    records: [certificate.domainValidationOptions[0].resourceRecordValue],
    ttl: 300,
});

// Create an ALB
const alb = new aws.lb.LoadBalancer("alb", {
    internal: false,
    loadBalancerType: "application",
    securityGroups: [], // Add your security groups here
    subnets: [], // Add your subnets here
    tags: {
        Name: "Pulumi ALB",
    },
});

// Create a target group
const targetGroup = new aws.lb.TargetGroup("targetGroup", {
    port: 80,
    protocol: "HTTP",
    vpcId: "vpc-12345678", // Replace with your VPC ID
    healthCheck: {
        path: "/",
        protocol: "HTTP",
    },
});

// Create a listener for the ALB
const listener = new aws.lb.Listener("listener", {
    loadBalancerArn: alb.arn,
    port: 443,
    protocol: "HTTPS",
    sslPolicy: "ELBSecurityPolicy-2016-08",
    certificateArn: certificate.arn,
    defaultActions: [{
        type: "forward",
        targetGroupArn: targetGroup.arn,
    }],
});

// Add an A record in Route 53 to point to the ALB
const aRecord = new aws.route53.Record("aRecord", {
    zoneId: hostedZoneId,
    name: domainName,
    type: "A",
    aliases: [{
        name: alb.dnsName,
        zoneId: alb.zoneId,
        evaluateTargetHealth: true,
    }],
});

// Export the ALB DNS name and the A record
export const albDnsName = alb.dnsName;
export const aRecordName = aRecord.name;

Summary

In this program, we created an ACM certificate, an ALB, and a Route 53 A record that points to the ALB. This setup ensures that traffic to the specified domain is routed to the ALB, which handles it securely using the ACM certificate.

Deploy this code

Want to deploy this code? Sign up for a free Pulumi account to deploy in a few clicks.

Sign up

New to Pulumi?

Want to deploy this code? Sign up with Pulumi to deploy in a few clicks.

Sign up