S3 website: Why your domain and bucket name must be identical
When setting up S3 website hosting, you can use a Route 53 alias to connect the domain to the website bucket. This approach forces you to give the S3 bucket and the domain identical names. In this article I will explain why the domain name and bucket name must be identical.
The need for having the same domain and bucket name only applies if you set it up through Route 53 directly. If you set it up with CloudFront, the bucket and domain names don’t have to be identical.
Before I tell you why this is the case, I want to explain a few things about Route 53, A records and the extended DNS functionality of Route 53. If you already know this and just want the answer, go straight to the conclusion below.
A records and Route 53 Alias records
The S3 website is configured with an A record in Route 53 for the apex zone (example.com); subdomains can be set up with a CNAME.
The ‘A’ in an A record stands for ‘address’, which indicates the IP address of a given domain. But we cannot configure the S3 website in Route 53 with an IP address, because the S3 website endpoint has a lot of different IP addresses worldwide, and AWS can change these IP addresses whenever they need to.
So now we have a problem: we must use an IP address to configure the A record for the S3 website, and we don’t know which IP addresses to use. Luckily AWS has a solution for this. Route 53 extends the A record with an alias record, a Route 53-specific extension to DNS functionality.
Alias records allow you to route traffic to AWS resources. The alias target for the S3 website endpoint in the eu-west-1 region is s3-website-eu-west-1.amazonaws.com.
This hostname will not end up in the A record itself, because an A record containing a hostname would be invalid.
Instead, Route 53 responds to each request for an alias record with one IP address for the S3 website endpoint.
Conclusion
When navigating to your domain, the request first goes to a DNS server, which answers with an IP address of the S3 website endpoint. The only information the S3 website endpoint then receives is the domain name you are requesting, which means it only has the requested domain to find the correct bucket. This is why the domain name and the bucket should have identical names.
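The rule from the conclusion can be checked against a hosted zone. The following is an added example, not code from the original article: it scans record sets in the JSON shape printed by `aws route53 list-resource-record-sets` and reports every A alias pointing at an S3 website endpoint that has no bucket with exactly the same name. The function name, the sample records, the bucket list and the zone ID placeholder are all constructed for illustration.

```python
import json
import re

# S3 website endpoints exist in dash and dot styles, e.g.
# s3-website-eu-west-1.amazonaws.com and s3-website.us-east-2.amazonaws.com
S3_WEBSITE_RE = re.compile(r"^s3-website[.-][a-z0-9-]+\.amazonaws\.com\.?$")

# Constructed sample in the shape of `aws route53 list-resource-record-sets`
# output; the zone ID is a placeholder, not a real value.
SAMPLE_RECORD_SETS = json.loads("""
{"ResourceRecordSets": [
  {"Name": "example.com.", "Type": "A",
   "AliasTarget": {"HostedZoneId": "ZPLACEHOLDER",
                   "DNSName": "s3-website-eu-west-1.amazonaws.com.",
                   "EvaluateTargetHealth": false}},
  {"Name": "www.example.com.", "Type": "A",
   "AliasTarget": {"HostedZoneId": "ZPLACEHOLDER",
                   "DNSName": "s3-website-eu-west-1.amazonaws.com.",
                   "EvaluateTargetHealth": false}},
  {"Name": "api.example.com.", "Type": "A", "TTL": 300,
   "ResourceRecords": [{"Value": "192.0.2.10"}]}
]}
""")
SAMPLE_BUCKETS = ["example.com", "www-example-site"]  # constructed bucket list


def check_s3_aliases(record_sets, bucket_names):
    """Return (record_name, status) for every A alias that targets an
    S3 website endpoint. status is "ok" when a bucket with exactly the
    record's name exists, otherwise "no-matching-bucket"."""
    buckets = {b.lower() for b in bucket_names}
    results = []
    for rr in record_sets.get("ResourceRecordSets", []):
        target = rr.get("AliasTarget", {}).get("DNSName", "").lower()
        if rr.get("Type") != "A" or not S3_WEBSITE_RE.match(target):
            continue
        # Route 53 returns fully qualified names with a trailing dot.
        name = rr["Name"].rstrip(".").lower()
        status = "ok" if name in buckets else "no-matching-bucket"
        results.append((name, status))
    return results


if __name__ == "__main__":
    for name, status in check_s3_aliases(SAMPLE_RECORD_SETS, SAMPLE_BUCKETS):
        print(f"{name}: {status}")
```

In the sample, www.example.com is flagged because the only candidate bucket is named www-example-site, so the endpoint has no bucket to match the requested domain.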