Route 53 and DNS for CloudOps

Intermediate | Topic | 45 min | 4 min read | 2 May 2026 | AWS

Operate DNS in AWS with public and private hosted zones, routing policies, health checks, resolver endpoints, query logging, and failover patterns.

What you'll learn

  • Create hosted zones and DNS records
  • Choose Route 53 routing policies for operations scenarios
  • Configure health checks and DNS failover
  • Understand Resolver endpoints for hybrid DNS

Prerequisites

Relevant for certifications

SOA-C03, SAA-C03

Route 53 Building Blocks

Component           | Purpose
Public hosted zone  | Authoritative DNS for an internet domain
Private hosted zone | DNS names resolvable only inside associated VPCs
Record              | Name such as app.example.com mapped to a target
Alias record        | AWS-specific record that points to ALB, CloudFront, S3 website, API Gateway, and more
TTL                 | How long resolvers cache the answer

Alias records

A CNAME cannot exist at the zone apex, so use Alias A/AAAA records for AWS targets instead. Queries to Alias records that point at AWS resources are not charged, and they work for root domains such as example.com.

Routing Policies

Policy             | Operational use
Simple             | One answer, basic DNS
Weighted           | Gradual migration or A/B split
Latency            | Route users to lowest-latency Region
Failover           | Primary/secondary disaster recovery
Geolocation        | Route by country or continent
Geoproximity       | Route by distance with bias
Multi-value answer | Return several healthy IPs
IP-based           | Route by client CIDR ranges

Health Checks

Route 53 health checks come in three kinds: endpoint checks that probe a public HTTP, HTTPS, or TCP endpoint; calculated checks that aggregate the status of other health checks; and checks that follow the state of a CloudWatch alarm. The Route 53 checkers run from the public internet, so for private endpoints use a CloudWatch alarm on a metric the endpoint emits as the health check source.

Hands-on: Create a DNS Record for an ALB

Goal: Point app.example.com to an Application Load Balancer.

  1. Create or open a public hosted zone for your domain.
  2. Confirm your domain registrar uses the hosted zone name servers.
  3. Create an Application Load Balancer or use an existing one.
  4. In Route 53, choose Create record.
  5. Set record name app, record type A, and Alias enabled.
  6. Route traffic to the ALB in its Region.
  7. Create the record.
  8. Test with:
       nslookup app.example.com
       curl -I http://app.example.com

Hands-on: Weighted Routing for a Blue/Green Release

Goal: Send 90% of users to blue and 10% to green.

  1. Create two ALBs or two target DNS names: blue for current production and green for the new version.
  2. Create an A Alias record named app.example.com.
  3. Choose Weighted routing.
  4. Set blue weight to 90.
  5. Create a second weighted record with the same name and type.
  6. Set green weight to 10.
  7. Test repeatedly with dig app.example.com.
  8. Increase green weight gradually after health and metrics look good.
  9. Set green to 100 and blue to 0 when migration is complete.

Hands-on: Failover Routing with Health Checks

Goal: Route to a secondary Region when the primary endpoint fails.

  1. Deploy a primary endpoint in Region A and a secondary endpoint in Region B.
  2. Create a Route 53 health check for the primary endpoint using HTTPS and path /health.
  3. Create an A Alias record for app.example.com with failover type Primary and associate the health check.
  4. Create a second record with the same name and failover type Secondary.
  5. Simulate primary failure by returning non-200 on /health.
  6. Confirm Route 53 starts returning the secondary target.
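The weighted blue/green records and the failover pair above are both sets of records that share one name and type and differ only in SetIdentifier and routing attributes. The following is an added example, not code from the original page, that builds the ChangeBatch payloads an operator would submit to Route 53 for both hands-on sections and validates them locally first; the hosted-zone ids, ALB names and health check id are constructed placeholders.

```python
# Added example (not from the original page). ALB names and zone ids are
# constructed placeholders; the ALB hosted-zone id comes from the load balancer.
BLUE_ALB = ("blue-alb.us-east-1.elb.amazonaws.com", "ZALBZONEPLACEHOLDER")
GREEN_ALB = ("green-alb.us-west-2.elb.amazonaws.com", "ZALBZONEPLACEHOLDER")

def alias_rrset(name, alb, set_id, **policy):
    """One A Alias record set; policy is Weight=n or Failover=... (+HealthCheckId)."""
    dns_name, alb_zone_id = alb
    rrset = {"Name": name, "Type": "A", "SetIdentifier": set_id,
             # EvaluateTargetHealth lets Route 53 consult the ALB's own target health.
             "AliasTarget": {"HostedZoneId": alb_zone_id, "DNSName": dns_name,
                             "EvaluateTargetHealth": True}}
    rrset.update(policy)
    return rrset

def upsert_batch(comment, *rrsets):
    return {"Comment": comment,  # ChangeBatch body for change_resource_record_sets
            "Changes": [{"Action": "UPSERT", "ResourceRecordSet": r} for r in rrsets]}

def weighted_batch(name, blue_weight, green_weight):
    """One step of the blue/green shift (90/10, then 50/50, ..., 0/100)."""
    return upsert_batch(f"blue={blue_weight} green={green_weight}",
                        alias_rrset(name, BLUE_ALB, "blue", Weight=blue_weight),
                        alias_rrset(name, GREEN_ALB, "green", Weight=green_weight))

def failover_batch(name, primary_health_check_id):
    """Active/passive pair (blue primary, green secondary); the HTTPS /health
    check is attached to the PRIMARY record only."""
    return upsert_batch("failover pair",
                        alias_rrset(name, BLUE_ALB, "primary", Failover="PRIMARY",
                                    HealthCheckId=primary_health_check_id),
                        alias_rrset(name, GREEN_ALB, "secondary", Failover="SECONDARY"))

def validate(batch):
    """Catch locally what Route 53 rejects or would silently never fail over on."""
    rrsets = [c["ResourceRecordSet"] for c in batch["Changes"]]
    if len({(r["Name"], r["Type"]) for r in rrsets}) != 1:
        raise ValueError("records in one routing set must share name and type")
    ids = [r["SetIdentifier"] for r in rrsets]
    if len(ids) != len(set(ids)):
        raise ValueError("SetIdentifier must be unique within the set")
    if any(not 0 <= r["Weight"] <= 255 for r in rrsets if "Weight" in r):
        raise ValueError("Weight must be between 0 and 255")
    roles = sorted(r["Failover"] for r in rrsets if "Failover" in r)
    if roles and roles != ["PRIMARY", "SECONDARY"]:
        raise ValueError("failover needs exactly one PRIMARY and one SECONDARY")
    for r in rrsets:
        if r.get("Failover") == "PRIMARY" and "HealthCheckId" not in r \
                and not r["AliasTarget"]["EvaluateTargetHealth"]:
            raise ValueError("PRIMARY has neither a health check nor target health")
    return True
```

Submit a validated batch with boto3's `route53.change_resource_record_sets(HostedZoneId=..., ChangeBatch=batch)`; because every change is an UPSERT, re-running a step with new weights is safe.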

Hybrid DNS with Route 53 Resolver

Use Resolver endpoints when AWS and on-premises DNS must resolve each other:

  • Inbound endpoint: on-premises DNS servers forward queries for private hosted zone names to Route 53 Resolver via the endpoint's VPC IP addresses.
  • Outbound endpoint: Route 53 Resolver forwards queries from VPC workloads for selected domains to on-premises DNS servers.
  • Resolver rules: forwarding rules decide which domain suffixes are sent to which target DNS servers.

Common SOA-C03 Exam Questions

Q: How do you point a root domain to an ALB? Create an Alias A record at the hosted zone apex.

Q: Which routing policy supports active/passive DR? Failover routing with health checks.

Q: How do private EC2 instances resolve on-premises hostnames? Use Route 53 Resolver outbound endpoints and forwarding rules.

What to Learn Next

  1. AWS VPC Networking - private hosted zones and Resolver endpoints
  2. AWS Disaster Recovery for CloudOps - DNS failover patterns
  3. EC2 High Availability and Scalability - load-balanced applications behind DNS
