Routing Traffic With Route53 And Cloudfront
Wire a custom domain through Route 53 alias records to an existing CloudFront distribution with validated AWS parameters.
Overview
Routing Traffic With Route53 And Cloudfront is an agent skill for the Ship phase that configures Amazon Route 53 to route a custom domain to an Amazon CloudFront distribution.
Install
npx skills add https://github.com/aws/agent-toolkit-for-aws --skill routing-traffic-with-route53-and-cloudfrontWhat is this skill?
- SOP for Route 53 hosted zones, CloudFront alternate domain names (CNAMEs), and alias records
- Required parameters: domain_name and distribution_id; optional hosted_zone_id, aws_region, enable_ipv6
- Validates CloudFront distribution ID format and domain_name shape before changes
- Supports direct chat input or JSON/YAML configuration files for parameters
- Optional AAAA records when enable_ipv6 is true (default true)
- Default aws_region us-east-1 for Route 53 operations
- enable_ipv6 defaults to true for AAAA record creation
Adoption & trust: 931 installs on skills.sh; 819 GitHub stars; 3/3 security scanners passed (skills.sh audits).
What problem does it solve?
Your app runs behind CloudFront but visitors still hit the default domain because Route 53 aliases and CloudFront alternate names were never set up correctly.
Who is it for?
Solo builders launching on AWS with an existing CloudFront distribution who want a stepwise DNS+CDN domain hookup.
Skip if: Greenfield CDN creation from scratch without a distribution_id, multi-cloud DNS, or teams that only need local dev hostnames.
When should I use this skill?
User needs Route 53 to route traffic to a CloudFront distribution using domain_name and distribution_id.
What do I get? / Deliverables
Your validated domain_name resolves through Route 53 alias records to the specified distribution_id with alternate domain names configured on CloudFront.
- Configured CloudFront alternate domain names
- Route 53 alias (and optional AAAA) records
- Prerequisite verification checklist outcome
Recommended Skills
Journey fit
Canonical Ship/launch placement matches the moment solo builders point a production domain at CDN edge traffic right before or as they go live. Launch subphase covers custom domain cutover, alternate domain names on CloudFront, and DNS alias setup—not day-two error triage.
How it compares
Infrastructure SOP for DNS-to-CloudFront cutover—not a Terraform generator or application deploy skill.
Common Questions / FAQ
Who is routing-traffic-with-route53-and-cloudfront for?
Indie developers and tiny teams shipping web apps on AWS who own the domain and already created a CloudFront distribution.
When should I use routing-traffic-with-route53-and-cloudfront?
At Ship launch when you add a production custom domain, migrate DNS to Route 53, or enable IPv6 alias records for your CDN endpoint.
Is routing-traffic-with-route53-and-cloudfront safe to install?
It drives live DNS and CDN configuration; review the Security Audits panel on this Prism page and use least-privilege AWS credentials.
SKILL.md
READMESKILL.md - Routing Traffic With Route53 And Cloudfront
# Configure Route 53 to Route Traffic to CloudFront Distribution ## Overview This SOP provides a systematic approach to configure Amazon Route 53 to route traffic to an Amazon CloudFront distribution using a custom domain name. It includes verifying prerequisites, creating hosted zones if needed, configuring alternate domain names (CNAMEs) on the CloudFront distribution, and creating alias records in Route 53. ## Parameters - **domain_name** (required): The custom domain name to use for routing traffic to CloudFront (e.g., example.com or www.example.com) - **distribution_id** (required): The CloudFront distribution ID to route traffic to - **hosted_zone_id** (optional): The Route 53 hosted zone ID for the domain. If not provided, the SOP will search for or create one - **aws_region** (optional, default: "us-east-1"): The AWS region for Route 53 operations - **enable_ipv6** (optional, default: true): Whether to create AAAA records for IPv6 support **Constraints for parameter acquisition:** - You MUST ask for all required parameters upfront in a single prompt rather than one at a time - You MUST support multiple input methods including: - Direct input: Values provided directly in the conversation - Configuration files: JSON or YAML configuration files - You MUST validate that distribution_id follows AWS CloudFront distribution ID format (E[A-Z0-9]+) - You MUST validate that domain_name is a valid domain format - You MUST confirm successful acquisition of all parameters before proceeding ## Steps ### 1. Verify Dependencies Check for required tools and warn the user if any are missing. **Constraints:** - You MUST verify the following tools are available in your context: - aws_api_call_aws - You MUST ONLY check for tool existence and MUST NOT attempt to run the tools because running tools during verification could cause unintended side effects - You MUST inform the user about any missing tools with a clear message - You MUST ask if the user wants to proceed anyway despite missing tools - You MUST respect the user's decision to proceed or abort - You MUST verify AWS CLI is properly configured with this command: ``` aws sts get-caller-identity ``` ### 2. Verify CloudFront Distribution Get the CloudFront distribution details and verify it exists. **Constraints:** - You MUST retrieve the distribution configuration using: ``` aws cloudfront get-distribution --id {distribution_id} ``` - You MUST extract the distribution domain name from the response - You MUST check if IPv6 is enabled for the distribution - You MUST verify the distribution status is "Deployed" - You MUST inform the user if the distribution is not in "Deployed" status and ask if they want to continue ### 3. Check Alternate Domain Names (CNAMEs) Verify if the custom domain is already configured as an alternate domain name on the CloudFront distribution. **Constraints:** - You MUST check if the domain_name is listed in the distribution's alternate domain names (CNAMEs) - If the domain is NOT in the CNAMEs list, You MUST inform the user that the domain needs to be added to the distribution - You MUST provide instructions for adding the domain to the distribution's alternate domain names - You MUST NOT proceed with Route 53 configuration until the domain is properly configured in CloudFront because Route 53 alias records will not work without proper CNAME configuration ### 4. Configure ACM Certificate Request and validate an SSL certificate for the custom domain to enable HTTPS. **Constraints:** - You MUST inform the user that HTTPS requires an SSL certificate from AWS Certificate Manager - You MUST request the certificate in the us-east-1 region (required for CloudFront) using: ``` aws acm request-certificate --domain-name {domain_name} --validation-method DNS --region us-east-1 ``` - You MUST capture the certificate ARN from the response - You MUST retrieve the DNS validation records using: ``` aws acm describe-certif