AWS Route 53 Resolver – Hybrid DNS
Route 53 Resolver allows for automatic DNS resolution within the VPC. It can resolve DNS queries between VPCs as well as on-premises networks.
Resolver automatically answers DNS queries for VPC names, such as domain names for EC2 instances and ELB load balancers.
Route 53 Resolver performs recursive lookups against public name servers for all other domain names.
By default, on-premises DNS entries cannot be resolved from within the VPC, and Route 53 DNS entries cannot be resolved from on-premises.
DNS resolution between VPCs and on-premises networks can be set up over a Direct Connect connection or VPN.
Route 53 Resolver is regional.
To use inbound and outbound forwarding, create a Resolver endpoint within the VPC.
When defining an endpoint, specify the IP addresses to which inbound DNS queries are forwarded, or the IP addresses from which outbound queries originate. Resolver creates an elastic network interface (ENI) in the VPC for each IP address specified.
Inbound Endpoint- DNS resolvers on the on-premises network can forward DNS queries to Route 53 Resolver in a specified VPC.
This lets on-premises resolvers resolve domain names for AWS resources such as EC2 instances, and records in a Route 53 private hosted zone.
Outbound Endpoint- Conditionally forward queries from your VPC to resolvers on your network.
Route 53 Resolver can forward queries it receives from EC2 instances within the VPCs to DNS resolvers in the on-premises network.
Resolver rules are used to forward certain queries. They specify the domain names of the DNS queries you wish to forward (e.g., example.com) and the IP addresses for the DNS resolvers on your on-premises network to which you want the queries to be sent.
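The outbound endpoint, forwarding rule and VPC association described above, as an added Terraform example that is not from the original page (the inbound endpoint is included for the reverse direction). It assumes an existing VPC, two subnets in different Availability Zones and a security group that allows only TCP/UDP 53 to and from the on-premises resolvers, all passed in as variables; the resolver addresses 10.20.0.10 and 10.20.0.11 are constructed.

```hcl
# Added example; assumes an existing VPC, two subnets in different AZs, and a
# security group permitting only TCP/UDP 53 to and from the on-premises resolvers.
variable "vpc_id"     { type = string }
variable "subnet_ids" { type = list(string) }
variable "dns_sg_id"  { type = string }
variable "onprem_dns_servers" {
  type    = list(string)
  default = ["10.20.0.10", "10.20.0.11"] # constructed on-premises resolver IPs
}

# Outbound endpoint: one ENI per ip_address block, spread over two AZs.
resource "aws_route53_resolver_endpoint" "outbound" {
  name               = "outbound-to-onprem"
  direction          = "OUTBOUND"
  security_group_ids = [var.dns_sg_id]
  dynamic "ip_address" {
    for_each = var.subnet_ids
    content { subnet_id = ip_address.value }
  }
}

# Forwarding rule: only queries under company.example leave the VPC;
# everything else keeps using Resolver's default public recursion.
resource "aws_route53_resolver_rule" "company_example" {
  name                 = "forward-company-example"
  domain_name          = "company.example"
  rule_type            = "FORWARD"
  resolver_endpoint_id = aws_route53_resolver_endpoint.outbound.id
  dynamic "target_ip" {
    for_each = var.onprem_dns_servers
    content { ip = target_ip.value }
  }
}

# A rule only takes effect for a VPC once it is associated with that VPC.
resource "aws_route53_resolver_rule_association" "company_example" {
  resolver_rule_id = aws_route53_resolver_rule.company_example.id
  vpc_id           = var.vpc_id
}

# Inbound endpoint: on-premises resolvers forward private hosted zone names here.
resource "aws_route53_resolver_endpoint" "inbound" {
  name               = "inbound-from-onprem"
  direction          = "INBOUND"
  security_group_ids = [var.dns_sg_id]
  dynamic "ip_address" {
    for_each = var.subnet_ids
    content { subnet_id = ip_address.value }
  }
}
```

The on-premises resolvers still need a conditional forwarder for the private hosted zone names pointing at the inbound endpoint's ENI addresses, which Terraform exposes through the endpoint's `ip_address` attribute after apply.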
Resolver chooses the rule whose domain name most specifically matches the query (for example, a rule for acme.example.com over a rule for example.com) and forwards the query to the IP addresses specified in that rule.
AWS Certification Exam Practice Questions
The questions are collected from the Internet. The answers are marked according to my knowledge and understanding (which may differ from yours).
AWS services are constantly updated, so the questions and answers may soon be out of date. Make sure to research accordingly.
AWS exam questions cannot be updated to keep up with AWS updates, so even if the underlying feature has changed, the question may not be updated.
Open to further discussion, feedback and correction.
A company wants to create a private intranet service using Amazon EC2 instances within a VPC. The VPC is connected via an AWS Site-to-Site VPN to the company's existing on-premises network. The new service must communicate with the existing on-premises services, which are accessed using company-owned hostnames in the company.example DNS zone. This DNS zone is completely on-premises and is accessible only through the company's private network. A solutions architect must ensure that the new service can resolve hostnames in the company.example domain.
Create an empty private hosted zone in Route 53 for company.example. Add an additional NS record to the company's existing company.example zone that points to the authoritative name servers for the new private hosted zone in Route 53.
Turn on DNS hostnames for the VPC. Create a new outbound endpoint in Route 53 Resolver. Create a Resolver rule to forward requests for company.example to the on-premises name servers.
Turn on DNS hostnames for the VPC. Configure a new inbound resolution endpoint in Route 53 Resolver. Configure the on-premises DNS server to forward requests for company.example to the new resolver endpoint.
Use AWS Systems Manager to configure a run document that installs a hosts file containing all required hostnames. Use an Amazon Ev