How to implement dynamic subdomains for multi-tenant app in AWS

## Problem You're building an SPA web app with a GraphQL/REST API that supports multiple tenants. You want each tenant to have their own unique subdomain, e.g. `tenant1.app.myapp.com`. You need to ensure that all tenants get redirected to the same instance of the app while still being able to identify which tenant they're accessing. ## Solution This can be achieved by using [[AWS CloudFront|CloudFront]] to host the front-end SPA. 1. Create a CloudFront distribution, with the S3 bucket where your SPA assets are stored as the origin 2. Set the alternate domain name to be `*.app.myapp.com` 3. In [[AWS Route53|Route53]] add a CNAME entry to your CloudFront distribution similar to this: ``` *.app.myapp.com. CNAME 3lt3rsz2leycm.cloudfront.net. ``` You shouldn't need to make any changes to your API for this. A good approach is to ensure that when users login (e.g. via Auth0 or Cognito), that the tenantId is provided as a claim inside the JWT token. This ensures that your front-end code doesn't need to include the tenant ID in all requests to the API as it's already embedded inside the auth token. Ideally, you should provision all of the above resources using [[AWS CloudFormation]] (or other [[Infrastructure-as-Code]] tool) instead of doing it in the AWS Console. --- tags: