search

cds-snc / url-shortener

An API written in Python that shortens URLs
MIT License
4 stars 1 forks source link

Subdomain strategy #316

Open dinophile opened 1 year ago

dinophile commented 1 year ago

Will we stick to convention and use url-shortener.canada.ca and it's French cousin to point to the documentation domains and then o.canada.ca for shortened URLs only?

Also document ways we can work with the options Principal Publisher and SSC might come up with if we were to get our subdomain but different ways of managing it.

patheard commented 1 year ago

There are a few things at play here, depending on how things go with the domains:

  1. Subdomains are children of canada.ca.
  2. Subdomains are children of alpha.canada.ca except for o.canada.ca.

1. Subdomains are children of canada.ca.

For this one, we'll need to have multiple DNS records created for us by SSC:

url-shortener.cananda.ca
raccourcisseur-url.canada.ca
o.canada.ca

Depending on how they grant us these records (NS sub domain delegation vs. CNAMEs pointing at our CloudFront distributions) we'll have to adapt the project. If we only get CNAMEs, we will also need to have a strategy for the AWS ACM certificate validation (we'll need to coordinate the creation of TXT validation records).

2. Subdomains are children of alpha.canada.ca except for o.canada.ca.

We'd only need a DNS record created by SSC for o.canada.ca. We could manage the *.alpha.canada.ca DNS records ourselves.

There would still be the same question around how SSC grants the DNS records for o.canada.ca and how we manage ACM cert validation.

Technical piece

For each subdomain we support, we'll need one of each:

  1. ACM certificate (requires DNS TXT records for certificate validation)
  2. CloudFront distribution
  3. DNS CNAME or ALIAS record pointing domain to the CloudFront distribution.

ℹ️ If we use a different certificate provider (or another way of validating the ACM cert) we could likely get away with a single certificate and CloudFront distribution.