DEV Community

Cover image for Custom Bluesky Handle on AWS with Terraform/OpenTofu
Micah Carrick
Micah Carrick

Posted on • Edited on

6

Custom Bluesky Handle on AWS with Terraform/OpenTofu

How to set up your custom Bluesky handle using Terraform/OpenTofu with AWS Route53.


In this post I'll show some example Terraform code to create DNS records in AWS Route53 to use Domain Names as Handles in Bluesky. This is not just for vanity, it is also one way to verify your account.

While setting up a DNS record in Route53 is very easy to do using the AWS Console a la "click ops", many of us with a DevOps/SRE background have too many scars from manually provisioning infrastructure--even for our own personal projects.

Bluesky is built on the AT Protocol, a decentralized network for social applications. In the AT Protocol your handle (eg. your_handle.bsky.social) is a human-friendly identifier that links to a canonical, permanent decentralized identifier (aka DID).

In order to use a custom domain name for your handle (eg. YOUR_DOMAIN.com) you create a DNS TXT record in which the host will be your handle and the record value resolves to your DID.


First, create a aws_route53_zone if you do not already have a hosted zone for your domain.

resource "aws_route53_zone" "domain" {
  name = "YOUR_DOMAIN"
}
Enter fullscreen mode Exit fullscreen mode

(replace YOUR_DOMAIN with your top-level domain TLD)

Next, find the DNS record value for your DID as described in How to verify your Bluesky account. This value will looks something like did=did:plc:YOUR_DID.

Use this value in the list of records for a TXT type aws_route53_record resource.

resource "aws_route53_record" "TXT_atproto" {
  zone_id = aws_route53_zone.domain.zone_id
  name    = "_atproto.YOUR_DOMAIN"
  type    = "TXT"
  ttl     = 300
  records = [
    "did=did:plc:YOUR_DID"
  ]
}
Enter fullscreen mode Exit fullscreen mode

(replace YOUR_DOMAIN with your handle host name, and YOUR_DID with your DID)

The name attribute of this aws_route53_record resource can be a TLD (eg. YOUR_DOMAIN.com) or a subdomain (eg. YOUR_HANDLE.YOUR_DOMAIN.com).

After you apply this Terraform/OpenTofu you can verify the DNS record using dig.

> dig TXT _atproto.YOUR_DOMAIN +short 
"did=did:plc:YOUR_DID"
Enter fullscreen mode Exit fullscreen mode

Finally, update your handle in your Bluesky account settings as described in How to verify your Bluesky account.


You can find me on Bluesky as @micah.carrick.social.

Top comments (0)

👋 Kindness is contagious

Discover a treasure trove of wisdom within this insightful piece, highly respected in the nurturing DEV Community enviroment. Developers, whether novice or expert, are encouraged to participate and add to our shared knowledge basin.

A simple "thank you" can illuminate someone's day. Express your appreciation in the comments section!

On DEV, sharing ideas smoothens our journey and strengthens our community ties. Learn something useful? Offering a quick thanks to the author is deeply appreciated.

Okay