Add a custom domain managed by a third-party DNS provider - AWS Amplify Hosting

Add a custom domain managed by a third-party DNS provider

If you are not using Amazon Route 53 to manage your domain, you can add a custom domain managed by a third-party DNS provider to your app deployed with Amplify.

If you are using GoDaddy or Google Domains, see Add a custom domain managed by GoDaddy or Add a custom domain managed by Google Domains for procedures specific to these providers.

To add a custom domain managed by a third-party DNS provider
  1. Sign in to the AWS Management Console and open the Amplify console.

  2. Choose your app that you want to add a custom domain to.

  3. In the navigation pane, choose App Settings, Domain management.

  4. On the Domain management page, choose Add domain.

  5. For Domain, enter the name of your root domain, and then choose Configure domain. For example, if the name of your domain is, enter

  6. By default, Amplify automatically creates two subdomain entries for your domain. For example, if your domain name is, you will see the subdomains and with a redirect set up from the root domain to the www subdomain.

    (Optional) You can modify the default configuration if you want to add subdomains only. To change the default configuration, choose Rewrites and redirects from the navigation pane and configure your domain.

                  The Add domain section on the Domain Management page showing the two
                     subdomain entries that Amplify creates for you.
  7. Choose the SSL/TLS certificate to use. You can either use the default managed certificate that Amplify provisions for you, or a custom third-party certificate that you have imported into AWS Certificate Manager.

    • Use the default Amplify managed certificate.

      1. Choose Amplify managed certificate.

    • Use a custom third-party certificate.

      1. Choose Custom SSL certificate.

      2. Select the certificate to use from the list.

  8. Choose Save.

  9. On the Actions menu, choose View DNS records. In the next step, you will use these DNS records to update your DNS records with your third-party domain provider.

                  Screenshot of the Update DNS records section in the Amplify
  10. Do one of the following:

  11. Go to your DNS provider's website, log in to your account, and locate the DNS management settings for your domain.

  12. Configure a CNAME to point to the AWS validation server. For example, if the validation server is, enter Amplify uses this information to verify ownership of your domain and generate an SSL/TLS certificate for your domain. Once Amplify validates ownership of your domain, all traffic will be served using HTTPS/2.


    The default Amplify certificate generated by AWS Certificate Manager (ACM) is valid for 13 months and renews automatically as long as your app is hosted with Amplify. Amplify can't renew the certificate if the CNAME verification record has been modified or deleted. You must delete and add the domain again in the Amplify console.


    It is important that you perform this step soon after adding your custom domain in the Amplify console. The AWS Certificate Manager (ACM) immediately starts attempting to verify ownership. Over time, the checks become less frequent. If you add or update your CNAME records a few hours after you create your app, this can cause your app to get stuck in the pending verification state.

  13. Configure a second CNAME record (for example, https://*, to point your subdomains to the Amplify domain. If you have production traffic, we recommended you update this CNAME record after your domain status shows as AVAILABLE in the Amplify console.

  14. Configure the ANAME/ALIAS record to point to the root domain of your amplifyapp domain (for example An ANAME record points the root of your domain to a hostname. If you have production traffic, we recommended that you update your ANAME record after your domain status shows as AVAILABLE in the console. For DNS providers that don't have ANAME/ALIAS support, we strongly recommend migrating your DNS to Route 53. For more information, see Configuring Amazon Route 53 as your DNS service.


Verification of domain ownership and DNS propagation for third-party domains can take up to 48 hours. For help resolving errors that occur, see Troubleshooting custom domains.