问题
Our domain is registered in Route 53. We have 1 hosted zone, and the domain is currently used for one of our EC2 instances (I think as an elastic IP address). Our hosted zone has all of the records needed to work with our EC2 instance. We now need to use this domain instead for my an application deployed through GCP's Cloud Run. I have headed to console.cloud.google.com/run/domains and clicked Add Mapping, typed in our base url, and received a button to Verify in Webmaster Central, which I click, bringing me to this google page with this dropdown (in the images below I changed my url to the fake domain mydomain.com):
This dropdown does not have Route53 or Amazon Registrar as an option, and I'm not sure what other option to choose. At the bottom is Other, which opens up the following menu:
For step 1, I am struggling. I have logged into my AWS account, went to Route 53, and created a new hosted zone for mydomain.com:
I click on the new hosted zone for mydomain.com, click create record, choose Simple Routing for the policy (there were 6 options: Simple Routing, Weighted, Geolocation, Latency, Failover, Multivalue answer), then click Define Simple Record, and get sent to this page:
I left the record name blank, set the Record Type to TXT, selected IP address or another value depending on the record type, and copy/pasted the line from the google webmaster verification page into the input field. They I click Define Simple Record to create the record.
Unfortunately, after all of this, the verification is not successful from the Google Webmaster verification page. To confirm this, I am receiving the following error notification when I click Verify:
Perhaps moving the domain from Route 53 to Google's DNS would be easier, although to me it seems simpler to leave the domain in AWS and simply give permission to the Cloud Run app to use the domain. This seems like it would be an issue for anybody with an app in Cloud Run and a domain in AWS Route 53.
Edit
When I run dig TXT mydomain.com from the command line, I get something that looks like this (numbers edited):
MyComputer-1:Documents myname$ dig TXT mydomain.com
; <<>> DiG 9.10.6 <<>> TXT mydomain.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26912
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;cbbanalytics.com. IN TXT
;; AUTHORITY SECTION:
mydomain.com. 900 IN SOA ns-923.awsdns-18.com. awsdns-hostmaster.amazon.com. 1 5740 300 1204600 86210
;; Query time: 87 msec
;; SERVER: 6300:1004:dc40:4b00::1#53(2600:1400:dc40:4b00::1)
;; WHEN: Thu Sep 24 11:14:11 PDT 2020
;; MSG SIZE rcvd: 123
Nicholass-MBP-5:Documents nicholas$
回答1:
(Posted solution on behalf of the question author, to move it to the answer section).
Per suggestion in the comments, I deleted the 2nd hosted zone, created the TXT record in the 1st hosted zone (in the same way as done in the screenshot above), and the verification worked.
回答2:
DNS records can take time to propagate, the best would be to query your domain like:
dig TXT mydomain.com
If this doesn't work, it's not Google's fault –you might be misconfiguring your nameservers on the domain name incorrectly (they might not even be pointing to Route53).
If dig returns the desired answer, check the Verification screen again and try verifying again.
来源:https://stackoverflow.com/questions/64037344/how-to-map-domain-in-aws-route53-with-gcp-cloud-run-app