By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

route53 private zone forward to public zone

0

Hi,

I just migrated a public DNS zone (example.com) to AWS Route53, everything works as excpeted. Now I want to create a private DNS zone for this domain. I've setup a private zone for example.com. My problem is: if I have an entry (onlypublic.example.com) in the public zone but not in the private zone, I won't be able to resolve that name from the VPC. It behave like the private zone says "I don't know that entry" without forwarding it to the public zone.

How could I achieve that ? I know that using a sub domain (xxx.private.example.com) for private entries would help, but I don't want to use that.

Before the migration to AWS, I used RPZ in Bind9 to acheive this.

Thanks !

Topics
Networking & Content Delivery
Tags
Amazon Route 53
Language
English
edouard
asked a year ago659 views
1 Answer
1
Accepted Answer

Hi,

Route53 currently does not have this capability. Depending on the volatility I can see two approaches to get you there:

  1. Duplication: If it is a single, static DNS entry your easiest approach might be to just duplicate the DNS entry to the private zone.
  2. Sync via additional automation: If there are multiple entries, or if they change regularly, an approach might be to write a custom Lambda which syncs the selected public entries to the private zone.

If this is cross account you might have issues with alias entries, as you cannot use them in an account where the resource does not reside.

EXPERT
Andreas Seemueller
answered a year ago
profile picture
EXPERT
Antonio_Lagrotteria
reviewed a year ago
profile picture
EXPERT
Riku_Kobayashi
reviewed a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content