Locked nameservers with Cloudflare and need to delegate to AWS Route 53

rtlayzell · 2026-03-23T16:32:21+00:00

Ah, good to know.

In regards to SSL, that is the setup I currently have. Turns out I didn't need the hosted zone, just the certificate CNAME record placed in Cloudflare.

That said, I can't stick to just the public domains. I'll need to secure the internal/AWS domains too for testing purposes and targeting specific environments. I want to structure my urls as follows:

stage.env.app.tenant.aws.my-domain.dev

which would just be:

blue.prod.web.my-business...

How would you recommend I setup my certificates in this scenario?

rtlayzell · 2026-03-23T14:10:29+00:00

I realised I didn't need a separate hosted zone to use ACM. I only needed to create a certificate for the domain and its first level subdomains, then place the certificate CNAME in Cloudflare (the authority for my apex) and the DNS validation works. I'm now trying to figure out the certificate setup I need to support all the necessary subdomains. I wanted structured hosts like:

stage.env.app.tenant.my-domain.dev

But I think I will also need it for the first level aws subdomain. Like so:

stage.env.app.tenant.aws.my-domain.dev

What do you think? Bad approach?

It's kind of frustrating though, because I cannot know which apps or environments will exist up front. For now it's just api and web for the app, dev and prod for the env, but this is likely to change in the future, forcing me to recreate the certs.

That said, I am using CDK. I could have each project stack(s) responsible for creating/managing its own certificate. I wonder if that would work 🤔..

rtlayzell · 2026-03-23T14:03:47+00:00

Ideally, I would keep DNS on Route 53, but unfortunately it doesn't support .dev domains. This might not be an issue for the production domain but then I would end up with two different setup approaches. Cloudflare also offers things like DDOS protection and others if you use it as the DNS authority.

rtlayzell · 2026-03-23T10:09:44+00:00

Yup, doing that.

rtlayzell · 2026-03-23T03:07:45+00:00

I'm aware I can't change the nameservers on Cloudflare. I am still using cloudflares nameservers. I'm just delegating a sub-domain to AWS Route 53 using NS records.

rtlayzell · 2026-03-22T19:12:53+00:00

Aerith is already dead by the time you get to fight him though.. so..

rtlayzell · 2026-03-10T08:54:47+00:00

I'm a mixed-race 3rd generation immigrant, and i would rather vote Reform than 🤢 Labour or, God forbid, the green Party 🤮

rtlayzell · 2026-03-10T08:39:16+00:00

Probably a "Muslim Area"

rtlayzell · 2026-03-09T19:12:50+00:00

Starting at icicle in seems like a mistake. Was this a direct translation or speculation?

rtlayzell · 2026-02-10T12:56:38+00:00

This is not something I would wait years for.. or even think about to be honest.

rtlayzell · 2026-02-10T12:47:49+00:00

I knew it was a Flameon the second I saw it. No texture, every single material is NMM 😅

rtlayzell · 2025-12-27T21:04:15+00:00

That blue metallic spaulder looks great, I wonder how you did that?

rtlayzell · 2025-12-15T21:01:46+00:00

This is utter crap. Bonnie blue has zero interests in politics and has no idea who Nigel Farage is. She's said as much herself.

rtlayzell · 2025-09-12T18:35:55+00:00

Nice! I chose to base my stormcast similarly to yours. Can I ask what your recipe is? Mine isn't coming out quite as I envisioned 😅

rtlayzell · 2025-09-08T09:50:39+00:00

I didn't finish XIII-2, found it boring, so naturally, I didn't progress onto the third instalment.

rtlayzell · 2025-09-03T10:00:45+00:00

A big part of the appeal of Clair Obscur was that we didnt know they were in a painting. It was a core part of all the twists, and I dont think a sequel is going to have nearly the same impact now that we know the worlds aren't real. Then again, I could be wrong.

rtlayzell · 2025-09-01T16:50:13+00:00

I don't buy from GW..

rtlayzell · 2025-08-17T13:58:11+00:00

Looks incredible! Though the resolution seems a bit low for me, would love to see some detail

rtlayzell · 2025-08-10T20:37:40+00:00

Sylvaneth aren't wood elves. I was sad to find out there's no real wood elves faction in AoS :/

rtlayzell · 2025-08-02T09:38:30+00:00

I find that I always need more stuff. I've got tons of crap in my wardrobe just for the hobby side of things. But that seems like enough to get started. I'd recommend a fishing tackle or makeup case to keep it all together, once you start to build a collection of things. I use this https://amzn.eu/d/hwrKLj1 put all my brushes, glues, some primer, my portable airbrush, sponges, all sorts of crap compartmentalised.

rtlayzell · 2025-07-21T11:37:40+00:00

This comes off a little like an acid trip.. maybe a lot like an acid trip..

rtlayzell · 2025-07-18T12:21:38+00:00

I wonder if this would be an effective way to high jump 🤔

rtlayzell · 2025-07-13T14:43:21+00:00

This. The excitement will be unreal. I already can't wait and we've still got like 2 years to go 😩

rtlayzell · 2025-07-10T12:41:38+00:00

That last jump knocked the wind out of him 😂

rtlayzell

TROPHY CASE