Amazon Route 53 | Private DNS Flashcards
Can I use bias for other traffic flow rules?
Private DNS
Amazon Route 53 | Networking & Content Delivery
As of today, bias can only be applied to the geoproximity rule.
What is Private DNS?
Private DNS is a Route 53 feature that lets you have authoritative DNS within your VPCs without exposing your DNS records (including the name of the resource and its IP address(es)) to the Internet.
Can I use Amazon Route 53 to manage my organization’s private IP addresses?
Yes, you can manage private IP addresses within Virtual Private Clouds (VPCs) using Amazon Route 53’s Private DNS feature. With Private DNS, you can create a private hosted zone, and Route 53 will only return these records when queried from within the VPC(s) that you have associated with your private hosted zone. For more details, see the Amazon Route 53 Documentation.
How do I set up Private DNS?
You can set up Private DNS by creating a hosted zone in Route 53, selecting the option to make the hosted zone “private”, and associating the hosted zone with one of your VPCs. After creating the hosted zone, you can associate it with additional VPCs. See the Amazon Route 53 Documentation for full details on how to configure Private DNS.
Do I need connectivity to the outside Internet in order to use Private DNS?
You can resolve internal DNS names from resources within your VPC that do not have Internet connectivity. However, to update the configuration for your Private DNS hosted zone, you need Internet connectivity to access the Route 53 API endpoint, which is outside of the VPC.
Can I still use Private DNS if I’m not using VPC?
No. Route 53 Private DNS uses VPC to manage visibility and provide DNS resolution for private DNS hosted zones. To take advantage of Route 53 Private DNS, you must configure a VPC and migrate your resources into it.
Can I use the same private Route 53 hosted zone for multiple VPCs?
Yes, you can associate multiple VPCs with a single hosted zone.
Can I associate VPCs and private hosted zones that I created under different AWS accounts?
Yes, you can associate VPCs belonging to different accounts with a single hosted zone. You can see more details here.
Will Private DNS work across AWS regions?
Yes. DNS answers will be available within every VPC that you associate with the private hosted zone. Note that you will need to ensure that the VPCs in each region have connectivity with each other in order for resources in one region to be able to reach resources in another region. Route 53 Private DNS is supported today in the US East (Northern Virginia), US West (Northern California), US West (Oregon), Asia Pacific (Mumbai), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), EU (Frankfurt), EU (Ireland), and South America (Sao Paulo) regions.
Can I configure DNS Failover for Private DNS hosted zones?
Yes, it is possible to configure DNS Failover by associating health checks with resource record sets within a Private DNS hosted zone. If your endpoints are within a Virtual Private Cloud (VPC), you have several options to configure health checks against these endpoints. If the endpoints have public IP addresses, then you can create a standard health check against the public IP address of each endpoint. If your endpoints only have private IP addresses, then you cannot create standard health checks against these endpoints. However, you can create metric-based health checks, which function like standard Amazon Route 53 health checks except that they use an existing Amazon CloudWatch metric as the source of endpoint health information instead of making requests against the endpoint from external locations.