DEV Community

Cover image for Custom Bluesky Handle on AWS with Terraform/OpenTofu
Micah Carrick
Micah Carrick

Posted on • Edited on

6

Custom Bluesky Handle on AWS with Terraform/OpenTofu

How to set up your custom Bluesky handle using Terraform/OpenTofu with AWS Route53.


In this post I'll show some example Terraform code to create DNS records in AWS Route53 to use Domain Names as Handles in Bluesky. This is not just for vanity, it is also one way to verify your account.

While setting up a DNS record in Route53 is very easy to do using the AWS Console a la "click ops", many of us with a DevOps/SRE background have too many scars from manually provisioning infrastructure--even for our own personal projects.

Bluesky is built on the AT Protocol, a decentralized network for social applications. In the AT Protocol your handle (eg. your_handle.bsky.social) is a human-friendly identifier that links to a canonical, permanent decentralized identifier (aka DID).

In order to use a custom domain name for your handle (eg. YOUR_DOMAIN.com) you create a DNS TXT record in which the host will be your handle and the record value resolves to your DID.


First, create a aws_route53_zone if you do not already have a hosted zone for your domain.

resource "aws_route53_zone" "domain" {
  name = "YOUR_DOMAIN"
}
Enter fullscreen mode Exit fullscreen mode

(replace YOUR_DOMAIN with your top-level domain TLD)

Next, find the DNS record value for your DID as described in How to verify your Bluesky account. This value will looks something like did=did:plc:YOUR_DID.

Use this value in the list of records for a TXT type aws_route53_record resource.

resource "aws_route53_record" "TXT_atproto" {
  zone_id = aws_route53_zone.domain.zone_id
  name    = "_atproto.YOUR_DOMAIN"
  type    = "TXT"
  ttl     = 300
  records = [
    "did=did:plc:YOUR_DID"
  ]
}
Enter fullscreen mode Exit fullscreen mode

(replace YOUR_DOMAIN with your handle host name, and YOUR_DID with your DID)

The name attribute of this aws_route53_record resource can be a TLD (eg. YOUR_DOMAIN.com) or a subdomain (eg. YOUR_HANDLE.YOUR_DOMAIN.com).

After you apply this Terraform/OpenTofu you can verify the DNS record using dig.

> dig TXT _atproto.YOUR_DOMAIN +short 
"did=did:plc:YOUR_DID"
Enter fullscreen mode Exit fullscreen mode

Finally, update your handle in your Bluesky account settings as described in How to verify your Bluesky account.


You can find me on Bluesky as @micah.carrick.social.

Reinvent your career. Join DEV.

It takes one minute and is worth it for your career.

Get started

Top comments (0)

Image of AssemblyAI

Automatic Speech Recognition with AssemblyAI

Experience near-human accuracy, low-latency performance, and advanced Speech AI capabilities with AssemblyAI's Speech-to-Text API. Sign up today and get $50 in API credit. No credit card required.

Try the API

👋 Kindness is contagious

Explore a sea of insights with this enlightening post, highly esteemed within the nurturing DEV Community. Coders of all stripes are invited to participate and contribute to our shared knowledge.

Expressing gratitude with a simple "thank you" can make a big impact. Leave your thanks in the comments!

On DEV, exchanging ideas smooths our way and strengthens our community bonds. Found this useful? A quick note of thanks to the author can mean a lot.

Okay