Can Route 53 Resolver resolve DNS queries for resource in the other VPCs?
Can Route 53 Resolver resolve inbound DNS queries for auto assigned private DNS names of resources in the other VPCs. Considering that: VPCs are connected to the same Transit Gateway in a hybrid Connection. I do have inbound endpoint for Route 53 resolver hosted in a single VPC only which my Data center DNS forwarder has route to. All TGW attachments have DNS support enabled.
Anything else I have to do other than creating the endpoints on two separate subnets on the AWS side?
- Newest
- Most votes
- Most comments
Hi, Route 53 Resolver, as described in https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/resolver.html, can only resolve local VPC names, Private Hosted Zones (PHZs) or public domain names. So your resources in other VPCs will need records in Route 53 - either public DNS records or PHZs shared across VPCs.
When you have multiple VPCs connected via TGW and "DNS Support" option is enabled at TGW level, you can resolve auto-assigned private DNS names between VPCs. For on-prem, inbound resolver cannot resolve auto-assigned private DNS names.
- You can create a Private Hosted Zone (PHZ) and populate A records for all the private DNS names as they are predictable, for example ip-10-1-1-250.us-west-2.compute.internal will resolve to 10.1.1.250. This PHZ can be attached to the VPC where your inbound resolver is.
- Another option is to deploy a proxy DNS in one of the VPC and that DNS will use VPC CIDR + 2 resolver IP address to resolve private DNS names for all other VPCs
Relevant content
- asked 2 years ago
- asked 6 years ago
AWS OFFICIALUpdated 7 months ago- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago
