Route53 domain not connecting to cloudfront distribution with static site

Question

Problem

I have a nextjs static site I am hosting on S3 and serving with cloudfront. I have already validated that the website works fine with the cloudfront url. The problem arises when trying to connect it to my domain I have registered in route53. If it makes a difference, I originally created the domain with bluehost and then transfered over to aws.

dig NS <my-domain> returns SERVFAIL instead of the nameservers
going to the domain in the browser gives ERR_NAME_NOT_RESOLVED

I tried following this article pretty closely but seems I'm still missing something: https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-to-cloudfront-distribution.html

current configuration

Cloudfront

alternate domains set as www.<my-domain>.com and <my-domain>.com
custom ssl cert is set as the same ACM cert I created and validated
ipv6 is on

Route53 hosted zone

records
- A alias record for www.<my-domain>.com -> cloudfront dist
- AAAA alias record for www.<my-domain>.com -> cloudfront dist
- A alias record for <my-domain>.com -> cloudfront dist
- AAAA alias record for <my-domain>.com -> cloudfront dist
- NS record that I've changed to be the same as what shows up under name servers in the registered domains page
under hosted zone details, shows different name servers than both the NS record and what appears in the registered domain page

Route53 registered domains

Domain status code
- clientDeleteProhibited
- clientTransferProhibited
- clientUpdateProhibited

ACM

cert requested and email validated successfully
domains are <my-domain>.com and *.<my-domain>.com
associated resources shows my cloudfront dist
status is "Issued"

Is there anything I am missing that is causing the dns to not resolve? Let me know if I need to provide more info.

dig NS <my-domain>.com or www.<my-domain>.com returns SERVFAIL instead of the nameservers
going to the domain in the browser gives ERR_NAME_NOT_RESOLVED instead of website
updating the NS record in route53 to match the registered domain did not resolve dns
updating the name servers list in route53 registered domains to match hosted zone's name servers (shows status "failed")

score 0 · Answer 1 · answered Aug 04 '23 at 15:32

0

"NS record that I've changed to be the same as what shows up under name servers in the registered domains page"

You should have done the opposite. You need to update your registered domain's name servers to be whatever the hosted zone initially gave you.

answered Aug 04 '23 at 15:32

Mark B

183,023
24
297
295

So I just changed the NS record to be the same as what's under "hosted zone details" (which I believe is the initial values). Still the same result as before – Brock Lubbers Aug 04 '23 at 16:58

score 0 · Accepted Answer · answered Aug 06 '23 at 15:39

The missing piece that prevented DNS resolution was that the NS records, hosted zone details name servers, and glue records in the domain registration page were not identical when they should be. They got out of sync after I tried re-creating my hosted zone and editing the NS records while troubleshooting.