The Control Room AWS account manages API Tasks by making API calls to endpoints linked to Elastic Kubernetes Service (EKS) compute resources in the Infrastructure AWS account. To facilitate these secure HTTPS communications, you must configure a domain to host the API Tasks endpoints.

The following steps allow you to configure a domain for the EKS compute resources.

Procedure

  1. Create a public hosted zone for the domain if it does not already exist.
  2. Create a public hosted zone for the api-task-childdomain.mydomain child domain.
  3. Create a NS record in the domain.
    Enter the NS record entries from the child domain into it.
    Note: This NS record is needed for certificate validation through DNS.
  4. Open certificate manager and request a public certificate. Please note that this certificate must be requested in the same AWS region where we deploy the api task cloudformation template.(TODO: support private certificates).
    1. Enter api-task-childdomain and *.api-task-childdomain.my-domain.com as the FDQNs associated with the certificate
    2. Select Validation method - DNS validation
    3. Select Key algorithm - RSA 2048
    4. Select Request
    5. Select the certificate and click Create records in Route53.
      The certificate might take 5-10 minutes to validate.