Back to Journal

Restoring a deleted Route 53 record for an ECS service

Listen to this articleAI narration
0:00 / 0:00

"I accidentally removed that domain connection in Route 53." The production app subdomain was returning NXDOMAIN. The service was running on ECS somewhere in eu-north-1. Time to trace backward from the domain to the infrastructure.

The hosted zone existed. Checking records showed only an ACM validation CNAME—the A record was missing.

Finding the Infrastructure

Listing ECS clusters in eu-north-1: cluster-nxw-prod-marketplace-g1 and cluster-nxw-prod-payment. The naming pattern made it obvious.

The marketplace cluster had one service: svc-nxw-prod-marketplace-g1. Describing it revealed the target group: tg-nxw-prod-marketplace-g1/cb622489edb9b2fd.

Target groups link to load balancers. Describing the target group returned the ALB ARN: loadbalancer/app/lb-nxw-prod-marketplace-g1/74e395fd6c89576e.

The load balancer details provided two critical pieces: DNS name lb-nxw-prod-marketplace-g1-335120136.eu-north-1.elb.amazonaws.com and hosted zone ID Z23TAZ6LKFMNIO (the canonical zone for ELBs in eu-north-1).

Creating the Alias Record

Route 53 alias records are AWS-native pointers that work at the zone apex without CNAME limitations. The change batch uses UPSERT with an AliasTarget:

{
  "Action": "UPSERT",
  "ResourceRecordSet": {
    "Name": "app.client.se",
    "Type": "A",
    "AliasTarget": {
      "HostedZoneId": "Z23TAZ6LKFMNIO",
      "DNSName": "lb-nxw-prod-marketplace-g1-335120136.eu-north-1.elb.amazonaws.com",
      "EvaluateTargetHealth": true
    }
  }
}

EvaluateTargetHealth integrates Route 53 with ALB health checks—no DNS pointing to dead endpoints. The change returned status PENDING and propagated within seconds.

DNS Resolution Flow (Restored)Clientapp.client.seRoute 53A (Alias)ALBHTTPS/443ECS TasksFargateRoute 53 Record DetailsName: app.client.seType: A (Alias)Target: lb-nxw-prod-marketplace-g1-335120136.eu-north-1.elb.amazonaws.comHosted Zone: Z23TAZ6LKFMNIOEvaluateTargetHealth: true

Verification confirmed the record: app.client.se now pointed to the ALB with health evaluation enabled. DNS resolved within minutes.

Takeaways

AWS naming conventions make discovery trivial. The cluster-nxw-prod-marketplace-g1 pattern led directly to svc, tg, and lb resources. Without consistent naming, finding the right load balancer would be guesswork.

Route 53 alias records are first-class AWS resources. They point by hosted zone ID, not IPs—automatic updates when resources change.

ECS discovery is a chain: service → target group → load balancer → DNS. Each step provides the ARN for the next.

EvaluateTargetHealth matters. One flag prevents DNS pointing to unhealthy targets.

The domain was down minutes, not hours. Infrastructure discovery is pattern matching—follow the naming, follow the ARNs, find the link.