VPC Endpoint for Route 53

0

I am prototyping a scenario where a new VPC only has "intra" subnets (private with NO NAT Gateway).

We want to run a service inside the subnet that creates records in Route 53, but I cannot find any VPC endpoint for Route 53 in this list to create. This means our service tries to contact the Route 53 API and fails to do so until a timeout occurs.

I suspect (based on how many other services have an endpoint in the list above) this has not been implemented yet, or there are other ways to achieve this in a private "intra" subnet.

Can anyone advise?

The only option a colleague suggested was to create a VPC endpoint to CloudFormation and run a small stack there to create the records in Route 53. It might work, but seems a little hacky.

Thanks in advance for any help/guidance!

-gavin

3 Answers
2

Hello.

The only option a colleague suggested was to create a VPC endpoint to CloudFormation and run a small stack there to create the records in Route 53. It might work, but seems a little hacky.

It's true that this is a slightly special workaround, but since Route 53's VPC endpoints are currently not supported, I think this method is effective.
If this method cannot be used, you will need to create a NAT Gateway etc. and connect to Route 53's API.

EXPERT
answered 2 years ago
EXPERT
reviewed 2 years ago
AWS
EXPERT
reviewed 2 years ago
2

You could create a Lambda that you call and pass in a payload with information that you want to put in the Route 53 record. The Lambda will have access to the Route 53 API if you 1/ do not connect it to the VPC and 2/ the IAM role for the Lambda has permissions to create/update/delete records.

Hope this helps.

AWS
EXPERT
answered 2 years ago
EXPERT
reviewed 2 years ago
AWS
EXPERT
reviewed 2 years ago
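
The Lambda approach from the answer above, as an added example that is not code from the thread: the handler validates the payload before calling Route 53, so a caller can only write A records under one DNS suffix. The zone ID, the suffix `.svc.example.internal.` and the payload field names are assumptions.

```python
import ipaddress
import os
import re

# Assumed configuration (not from the thread): zone ID and the only DNS suffix
# this function may write under. Both values below are placeholders.
ZONE_ID = os.environ.get("HOSTED_ZONE_ID", "Z0000000EXAMPLE")
ALLOWED_SUFFIX = os.environ.get("ALLOWED_SUFFIX", ".svc.example.internal.")
ALLOWED_ACTIONS = {"UPSERT", "DELETE"}
LABEL = re.compile(r"[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?")


def build_change_batch(payload):
    """Validate the caller's payload and return a Route 53 ChangeBatch.

    Raises ValueError on anything outside the allowed suffix, action or
    record type, so a compromised caller cannot rewrite other names.
    """
    action = str(payload.get("action", "")).upper()
    name = str(payload.get("name", "")).lower().rstrip(".") + "."
    ttl = int(payload.get("ttl", 60))
    if action not in ALLOWED_ACTIONS:
        raise ValueError("action not allowed")
    if str(payload.get("type", "")).upper() != "A":
        raise ValueError("only A records are allowed")
    if not name.endswith(ALLOWED_SUFFIX):
        raise ValueError("name is outside the allowed suffix")
    labels = name[: -len(ALLOWED_SUFFIX)].split(".")
    if not all(LABEL.fullmatch(label) for label in labels):
        raise ValueError("invalid DNS label (wildcards and escapes rejected)")
    if not 30 <= ttl <= 3600:
        raise ValueError("ttl out of range")
    value = str(ipaddress.IPv4Address(str(payload.get("value", ""))))
    record = {"Name": name, "Type": "A", "TTL": ttl,
              "ResourceRecords": [{"Value": value}]}
    return {"Changes": [{"Action": action, "ResourceRecordSet": record}]}


def handler(event, context):
    """Lambda entry point; the function is NOT attached to the VPC."""
    import boto3  # lazy import keeps build_change_batch testable offline
    resp = boto3.client("route53").change_resource_record_sets(
        HostedZoneId=ZONE_ID, ChangeBatch=build_change_batch(event))
    return {"change_id": resp["ChangeInfo"]["Id"]}
```

Scoping the role's `route53:ChangeResourceRecordSets` permission to that one hosted zone's ARN keeps the zone boundary enforced by IAM as well as by this validation.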
0

I have this exact scenario in my job and finally AWS announced a VPC endpoint for Route 53 (https://aws.amazon.com/about-aws/whats-new/2025/11/amazon-route-53-dns-service-aws-privatelink/) and we can access it in any region via the cross-region PrivateLink feature (https://aws.amazon.com/blogs/networking-and-content-delivery/aws-privatelink-extends-cross-region-connectivity-to-aws-services/).

answered 6 months ago
