Route 53
Create Route 53 Hosted Zone and set up ACM certificates

Before installing Nginx to the cluster, you'll need to have all of the networking squared away. This requires creating the necessary SSL certificates and creating some DNS records to point various subdomains to the right place.

Purchase and register domain through Route53 (optional)

If you do not have a domain for your application already, it's easiest to register it through Route53. Go to Route53 > Domains > Registered domains, then click the 'Register Domain' button, and follow the workflow to register a domain name.

Create Route 53 Hosted Zone

In the AWS web client, go to Route 53. Make a hosted zone for the domain you plan to use for your setup of iR Engine. You'll be coming back here later to create DNS records.

Open the hosted zone, then click on 'Hosted zone details' to see more information. The value 'Hosted zone ID' is used in the dev/prod values YAML file for 'route53 hosted zone id'.

Point external registrar subdomains to use Route53 nameservers (only if your domain is registered outside Route53)

If you already have a domain registered with another registrar service, you'll need to add some DNS records in there to point the specific subdomains you'll be using to AWS' nameservers.

First, go to Route53 > Hosted Zones and open the domain you'll be using by clicking on the domain name (or highlighting the row and clicking the 'View details' button). There should be two records under Records. Look for the one of type 'NS'; under 'Value/Route traffic to', there should be four lines that all start with 'ns-'. These will be used shortly.

Go to your external registrar and go to the DNS records page. For each subdomain that will be in use, you need to add four records of type 'NS'. The name will be the subdomain, and the nameserver will be one of the four lines under the 'NS'. You need a record for each of the four lines.

If you're setting up multiple deployments, e.g. both a dev and prod deployment, you'll need a set of four NS records for each subdomain that those deployments will be behind.

Create certificates with ACM

Go to Amazon Certificate Manager. If there are no certs in that region, click on Get Started under Provision Certificates, otherwise click on Request a Certificate.

You should select Request a Public Certificate, then select Request a Certificate. The next page should be headed Add Domain Names. You should add both the top-level domain, such as etherealengine.org, as well as a wildcard for all subdomains, e.g. *.etherealengine.org, then click Next.

Choose DNS Validation on the next page and click Next. You can skip adding tags and just click Review, then Confirm on the final page.

You should be sent to a page headed Validation. Click on the arrow next to each domain to open more options. Click on the button Create Record in Route 53 to open a confirmation modal, and in that modal click Create.

As it indicates, it can take up to 30 minutes for these domains to be validated. If you click on Complete after triggering the record creation for each of them, you should be sent back to the Certificates page. Opening the cert you just made will show the validation status of each domain.

If you open the details of this certificate, there should be a field 'ARN' with a value that looks something like arn:aws:acm:<region>:<AWS account ID>:certificate/<a UUID>. Take note of this for later, when you go to install ingress-nginx.

If you are serving client files from client or API pods

You should follow the above instructions to make a second certificate for resources.<domain>. Note that this certificate must be made in us-east-1, regardless of which region everything else is set up in; as of this writing, CloudFront can only use certificates in us-east-1.

If you are serving client files from the storage provider

You should follow the above instructions to make a second certificate for <release name>.<domain>. Note that this certificate must be made in us-east-1, regardless of which region everything else is set up in; as of this writing, CloudFront can only use certificates in us-east-1.
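
A pre-flight check for two mistakes that are easy to make in the steps above: a subdomain that has fewer than four NS records at the external registrar, and a CloudFront certificate requested outside us-east-1. This is an added example, not part of the iR Engine documentation or tooling; the record export format, the function names and all sample values are assumptions constructed for illustration.

```python
import re

# ARN layout from the certificate details page:
# arn:aws:acm:<region>:<AWS account ID>:certificate/<a UUID>
ACM_ARN = re.compile(
    r"^arn:aws:acm:(?P<region>[a-z0-9-]+):\d{12}:"
    r"certificate/[0-9a-f]{8}(?:-[0-9a-f]{4}){3}-[0-9a-f]{12}$")

def norm(name):
    """Lower-case a DNS name and drop the trailing dot for exact comparison."""
    return name.strip().lower().rstrip(".")

def missing_ns_records(subdomains, zone_nameservers, registrar_records):
    """Map each subdomain to the hosted-zone nameservers it still lacks.

    registrar_records: (name, type, value) tuples, a hypothetical export
    format for the external registrar's DNS records page.
    """
    wanted = {norm(ns) for ns in zone_nameservers}
    have = {}
    for name, rtype, value in registrar_records:
        if rtype.upper() == "NS":
            have.setdefault(norm(name), set()).add(norm(value))
    gaps = {}
    for sub in subdomains:
        absent = sorted(wanted - have.get(norm(sub), set()))
        if absent:
            gaps[norm(sub)] = absent
    return gaps

def cloudfront_cert_problem(arn):
    """Return None for a well-formed ACM ARN in us-east-1, else the reason."""
    m = ACM_ARN.match(arn)
    if m is None:
        return "not an ACM certificate ARN"
    if m.group("region") != "us-east-1":
        return "certificate is in " + m.group("region") + ", not us-east-1"
    return None

# Constructed sample data: not real nameservers, accounts or certificates.
ZONE_NS = ["ns-1.example-dns.com.", "ns-2.example-dns.net.",
           "ns-3.example-dns.org.", "ns-4.example-dns.co.uk."]
REGISTRAR = [("dev.example.com", "NS", ns) for ns in ZONE_NS] + [
    ("prod.example.com", "NS", "NS-1.example-dns.com"),
    ("prod.example.com", "ns", "ns-2.example-dns.net.")]

print(missing_ns_records(["dev.example.com", "prod.example.com"],
                         ZONE_NS, REGISTRAR))
```

In the sample, dev.example.com is fully delegated while prod.example.com is reported with the two nameservers it is missing.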