AWS Shield Advanced with Route 53

0

Hi, when enabling AWS Shield Advanced I was unsure if I should enable only for Route 53 or is needed for other services as well. I ask because my infrastructure has CloudFront, Classic Load Balancers and some Elastic IPS which are all behind a Route 53 Hosted Zone. In this scenario enabling AWS Shield Advanced only for Route53 is enough or I need to enable for each of the resources that I have (CF, ELBs, etc)?

2 Answers
0

I think it'd be worth reaching out to your local AWS Solutions Architect and/or account team to discuss your requirements here.

However, to answer your question: Shield Advanced covers all of the services you mention. If you're going to enable it, you wouldn't just enable it for Route 53 (and that's not quite how it works in any case). it covers your entire workload.

profile pictureAWS
EXPERT
answered 2 years ago
0

Just because the authoritative DNS for an AWS resource is on Route53, does not mean the resource is 'behind a Route 53 Hosted Zone'. That's not how DNS works.

You need to enable Shield Advanced Protection for each resource that you want enhanced detection, mitigation or cost protection for.

AWS
answered 4 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions