AWS ACM and Cloudflare 🌐

2024-10-03
Geoff

Cloudflare DNS + AWS ACM Certificate Validation 🧩

After creating an ACM Certificate in AWS it needs to be validated. One method of validating is via DNS. AWS ACM provides a CNAME name and CNAME value to validate via DNS. You then need to make a DNS record with your DNS provider to verify you own the domain and validate the certificate.

Confusion Sets In 🍭

I was unsure as how and where to create the record; TXT, CERT, CNAME lolz. Eventually it became apparent that AWS was providing CNAME data so the record needs to be a CNAME. When you know you know 🤷‍♂️.

The other caveat is the record needs to be DNS Only.

Cloudflare CNAME Record fields

So, in Cloudflare DNS settings set:

  • Type: CNAME
  • Name: CNAME name, not literally CNAME name but the name provided by AWS ACM
  • Target: CNAME value, not literally CNAME value but the value provided by AWS ACM

For some reason when you copy the name and value from the AWS console it includes a trailing . (dot). I had to remove them in Cloudflare when creating the record.

Phew. 😅

After saving the new record you need to wait a few minutes for AWS to validate the certificate. You can check the status on the AWS ACM console.

Conclusion 🎬

Once you know you know. 🤓 Now we can have Cloudflare and AWS playing nicely together. 🌐

thanks for reading.

📨 Contact GSPC ✉️

AWS Certified Certified Terraform Associate AWS Serverless AWS Certified Developer Associate GitHub Foundations Certification GitHub Actions Certification Certified SysOps Administrator Certified AWS Security Specialist Certified AWS DevOps Engineer Professional GCP: Cloud Digital Leader Certification Badge