DevOps: Dynamically provision subdomain for SaaS platform with AWS

SaaS platform generally has multiple tenants. General practice is to provide dedicated subdomain for each tenant. For eg. <tenant-name>.<domain>.com. This article describes about how it can be achieved via AWS Route 53 wildcard DNS entry.

Implementing Dynamic subdomain has several challenges

  • How the new subdomain will be configured and published in DNS?
  • How does SSL certificate gets signed for every new subdomain?
  • How the new subdomain is configured and published on Webserver?
  • How does the SaaS web-tier know about the new subdomain?

Enter the wildcard DNS record. A wildcard DNS record matches any subdomain of that domain name.

* ->

This means any subdomain for will now resolve to For eg:


Creating Wildcard DNS in AWS Route 53

  • Create a Public/Private Hosted Zone.

  • Create a record set with * in the above hosted zone and map it to server or ELB.


Testing the Setup

For testing the setup, below python script which is based on Flask framework can be used.


From the below output we can confirm that we are able to route to subdomain on-the-fly and also fetch the information regarding the subdomain.

[[email protected] ~]$ curl
Tenant Name:amazon
[[email protected] ~]$ curl
Tenant Name:facebook
[[email protected] ~]$ curl
Tenant Name:google