# P2-5a: Wildcard DNS Infrastructure

## Status: Complete

## Branch
`feat/P2-5a-wildcard-infra` (from `phase-2`)

## Changes
- **`infra/__main__.py`**: Added a second `DnsComponent` instance for `*.wikibot.io`
- No changes to `infra/components/dns.py` — the existing component already supports wildcard domains

## New Resources (7)
| Resource | Type |
|----------|------|
| `wildcard` | DnsComponent (parent) |
| `wildcard-cert` | ACM Certificate for `*.wikibot.io` |
| `wildcard-cert-validation` | Route 53 CNAME for DNS validation |
| `wildcard-cert-validated` | ACM CertificateValidation |
| `wildcard-domain` | API Gateway v2 DomainName |
| `wildcard-mapping` | API Gateway v2 ApiMapping |
| `wildcard-dns` | Route 53 A record (alias to API Gateway) |

## Verification
- `pulumi preview` passes: +7 to create, 65 unchanged
- `dev.wikibot.io` resources untouched
- New export: `wildcard_domain_url` = `https://*.wikibot.io`

## Design Notes
- Separate cert for wildcard (not modifying dev cert) — simplest approach, avoids risk to existing setup
- Wildcard A record + API mapping both point to the existing `otterwiki_apigw` API Gateway and stage
- Multi-tenant routing (`username.wikibot.io`) will be handled at the application layer (P2-5b)
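
With the wildcard record in place, every label under `wikibot.io` resolves to the same API Gateway, so the application layer has to decide which `Host` values are real tenants. The following is an added sketch of that check, not the project's P2-5b code; `tenant_from_host`, the `RESERVED` set and the punycode rule are assumptions made for illustration.

```python
import re

BASE_DOMAIN = "wikibot.io"        # zone named on this page
RESERVED = {"dev", "www", "api"}  # assumption: labels that must never map to a tenant
# One DNS label (letters, digits, hyphen), 1-63 chars, no leading or trailing hyphen.
_LABEL = re.compile(r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?")


def tenant_from_host(host_header):
    """Return the tenant label for <tenant>.wikibot.io, or None if the Host is rejected."""
    if not host_header:
        return None
    host = host_header.strip().lower()

    # Split off an optional port; anything other than ASCII digits is rejected.
    host, sep, port = host.partition(":")
    if sep and not (port.isascii() and port.isdigit()):
        return None

    # Accept the fully qualified form with a single trailing dot.
    if host.endswith("."):
        host = host[:-1]

    # Anchor on ".wikibot.io" so "evilwikibot.io" and the apex itself do not match.
    suffix = "." + BASE_DOMAIN
    if not host.endswith(suffix):
        return None
    label = host[: -len(suffix)]

    # fullmatch() allows no dots, so nested names such as "a.b.wikibot.io" fail here.
    # A "*.wikibot.io" certificate covers exactly one label, so they would fail TLS too.
    if not _LABEL.fullmatch(label):
        return None

    # Keep infrastructure names and punycode labels (assumed policy) out of tenant space.
    if label in RESERVED or label.startswith("xn--"):
        return None
    return label


if __name__ == "__main__":
    # Constructed sample Host headers.
    for h in ("alice.wikibot.io", "dev.wikibot.io", "a.b.wikibot.io", "evilwikibot.io"):
        print(f"{h!r:22} -> {tenant_from_host(h)!r}")
```

A `None` result should map to a fixed error response rather than a default tenant, so an unrecognised or malformed host never falls through to someone else's wiki.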