Aws ec2 webserver with route53

Hi There,

If a website self-hosted on aws ec2 webserver and dns handled by route53,

how can we implement Cloudflare zero trust on that website in order to apply restrictions ?

Did not find single example or documentation if ever possible

Thank you

The Domain must be added to Cloudflare and the DNS must be handled by Cloudflare. Cloudflare must proxy the Traffic to apply restrictions too it

Except if you are willing to pay for a premium price (Business plan or higher) to get the CNAME setup capability - which allows you to retain your existing Route 53 nameservers but just perform CNAME to Cloudflare for the subdomains that you wish to apply Zero Trust.

Once domain is added to Cloudflare then the next step would be setting up Cloudflare Access to protect sensitive URLs from unauthorized access.

1 Like

Thanks Eric,

We are on business plan and we already verified the root domain partially by cname.
Website hosted on ec2, in example subdomain.xyzabc. → a record → ip4 route53
How we can apply Cloudflare`s restriction policies ?

Cloudflare Tunnel creating its own cname for the tunnel once created, not sure what to do with that cname…etc
Do we need to config tunnel wherever it is installed on ?

We sorted this out actually was pretty damn simple than I thought;

Route53

  • create cname record that url points to Cloudflare subdomain.xyzabc.co.cdn.Cloudflare.ne
    (take existing A record noted & delete it before add above)

CF

  • create that A record that is deleted if not exist

ping to that domain, you should get response from CF ip

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.