Amazon Route 53 is AWS's highly available and scalable Domain Name System (DNS) service. It does three things: domain registration, DNS routing, and health checking. Whether you're pointing a domain at an EC2 instance, routing traffic to a CloudFront distribution, or implementing failover between regions, Route 53 is the tool for the job. This guide explains how Route 53 works and how to configure it for real-world scenarios.
What Is DNS and Why It Matters
DNS (Domain Name System) translates human-readable domain names (like example.com) into IP addresses that computers use to communicate. When a user types your domain into a browser, a DNS resolver queries a chain of DNS servers to find the IP address associated with that domain. Route 53 is the authoritative DNS server for your domain.
Route 53 Core Concepts
- Hosted Zone — A container for DNS records for a specific domain. A public hosted zone routes traffic on the internet; a private hosted zone routes within a VPC.
- Record Set — A DNS record that maps a name to a value. Types include A (IPv4), AAAA (IPv6), CNAME, MX, TXT, and NS records.
- Alias Record — Route 53's extension of CNAME. Points to AWS resources (ALB, CloudFront, S3 website) without the CNAME restriction on the root (apex) domain. Queries that resolve alias records to AWS resources are free.
- TTL (Time to Live) — How long DNS resolvers cache your record. A low TTL means changes (and failovers) take effect faster; a high TTL means fewer queries reach Route 53 (lower cost) but changes take longer to propagate.
Creating a Hosted Zone
# Create a public hosted zone for your domain
# --caller-reference must be unique per request; a timestamp is a simple choice
aws route53 create-hosted-zone \
  --name example.com \
  --caller-reference $(date +%s)
# List hosted zones
aws route53 list-hosted-zones --output table
After creating the hosted zone, Route 53 gives you four nameserver (NS) records. You must update your domain registrar (wherever you bought the domain) to use these nameservers. Propagation takes up to 48 hours, though usually under 30 minutes.
Creating DNS Records
A Record: Point Domain to an EC2 Instance
# Replace the hosted zone id with the one returned by create-hosted-zone
aws route53 change-resource-record-sets \
  --hosted-zone-id Z1234567890ABC \
  --change-batch '{
    "Changes": [{
      "Action": "CREATE",
      "ResourceRecordSet": {
        "Name": "example.com",
        "Type": "A",
        "TTL": 300,
        "ResourceRecords": [{"Value": "54.211.100.200"}]
      }
    }]
  }'
Alias Record: Point Domain to an ALB
# AliasTarget.HostedZoneId is the ALB's regional hosted zone id (here us-east-1),
# not the id of your own hosted zone
aws route53 change-resource-record-sets \
  --hosted-zone-id Z1234567890ABC \
  --change-batch '{
    "Changes": [{
      "Action": "CREATE",
      "ResourceRecordSet": {
        "Name": "example.com",
        "Type": "A",
        "AliasTarget": {
          "HostedZoneId": "Z35SXDOTRQ7X7K",
          "DNSName": "my-alb-1234567890.us-east-1.elb.amazonaws.com",
          "EvaluateTargetHealth": true
        }
      }
    }]
  }'
CNAME: Subdomain to Another Domain
# Point www.example.com to example.com
aws route53 change-resource-record-sets \
  --hosted-zone-id Z1234567890ABC \
  --change-batch '{
    "Changes": [{
      "Action": "CREATE",
      "ResourceRecordSet": {
        "Name": "www.example.com",
        "Type": "CNAME",
        "TTL": 300,
        "ResourceRecords": [{"Value": "example.com"}]
      }
    }]
  }'
Routing Policies
Route 53 supports multiple routing policies beyond simple DNS resolution:
- Simple — Returns a single value. Default.
- Weighted — Distribute traffic across multiple resources by percentage. Great for blue/green deployments (send 10% to new version, 90% to old).
- Latency-based — Routes users to the AWS region with the lowest latency. Ideal for multi-region applications.
- Failover — Primary/secondary failover with health checks. Traffic goes to primary; if it fails health checks, Route 53 automatically routes to secondary.
- Geolocation — Route users based on their geographic location. Useful for compliance (EU users to EU servers) or content localization.
- Geoproximity — Route based on proximity, with traffic bias controls.
- Multi-value answer — Returns multiple healthy values; clients pick one. Not a load balancer, but improves availability.
Health Checks
Route 53 can monitor the health of your endpoints and automatically remove unhealthy endpoints from DNS responses:
# Create a health check for an HTTP endpoint
# The response is the health check id you attach to a failover record via HealthCheckId
aws route53 create-health-check \
  --caller-reference $(date +%s) \
  --health-check-config '{
    "IPAddress": "54.211.100.200",
    "Port": 80,
    "Type": "HTTP",
    "ResourcePath": "/health",
    "RequestInterval": 30,
    "FailureThreshold": 3
  }'
Route 53 checks the endpoint every 30 seconds from multiple locations globally. If 3 consecutive checks fail, the endpoint is marked unhealthy and failover activates.
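The failover policy and the health check above fit together in one change batch: a PRIMARY and a SECONDARY record for the same name, with the health check attached to the primary. The following Python is an added example, not code from the article or from AWS; it builds that change batch, checks it for the mistakes that leave a pair unable to fail over, and renders the matching CLI command. The health check id and the secondary IP are assumed placeholders.

```python
import json

HOSTED_ZONE_ID = "Z1234567890ABC"        # placeholder zone id used throughout the article
HEALTH_CHECK_ID = "hc-placeholder-0000"  # assumed: the Id returned by create-health-check


def failover_record(name, value, role, set_id, health_check_id=None, ttl=60):
    """Build one half of a failover pair; role is PRIMARY or SECONDARY."""
    if role not in ("PRIMARY", "SECONDARY"):
        raise ValueError("role must be PRIMARY or SECONDARY")
    record = {
        "Name": name,
        "Type": "A",
        "SetIdentifier": set_id,  # required for every non-simple routing policy
        "Failover": role,
        "TTL": ttl,               # short TTL so resolvers pick up the switch quickly
        "ResourceRecords": [{"Value": value}],
    }
    if health_check_id:
        record["HealthCheckId"] = health_check_id
    return record


def failover_change_batch(name, primary_ip, secondary_ip, health_check_id):
    """Return the --change-batch document for a primary/secondary pair."""
    primary = failover_record(name, primary_ip, "PRIMARY", "primary", health_check_id)
    secondary = failover_record(name, secondary_ip, "SECONDARY", "secondary")
    return {"Comment": "failover pair", "Changes": [
        {"Action": "UPSERT", "ResourceRecordSet": r} for r in (primary, secondary)]}


def validate_failover_batch(batch):
    """Return a list of problems; an empty list means the pair can actually fail over."""
    sets = [c["ResourceRecordSet"] for c in batch["Changes"]]
    problems = []
    if sorted(s.get("Failover", "") for s in sets) != ["PRIMARY", "SECONDARY"]:
        problems.append("need exactly one PRIMARY and one SECONDARY record")
    if len({(s["Name"], s["Type"]) for s in sets}) != 1:
        problems.append("both records must share the same Name and Type")
    if len({s.get("SetIdentifier") for s in sets}) != len(sets):
        problems.append("SetIdentifier must be unique within the pair")
    for s in sets:
        # Without a health check (or an alias with EvaluateTargetHealth) Route 53
        # has no signal that the primary is down and keeps answering with it.
        if s.get("Failover") == "PRIMARY" and "HealthCheckId" not in s and "AliasTarget" not in s:
            problems.append("non-alias PRIMARY record has no HealthCheckId")
    return problems


def to_cli(batch, zone_id=HOSTED_ZONE_ID):
    """Render the aws CLI invocation for the batch (single-quoted JSON, as in the article)."""
    return ("aws route53 change-resource-record-sets --hosted-zone-id %s --change-batch '%s'"
            % (zone_id, json.dumps(batch)))
```

Run `validate_failover_batch` on the batch before calling `to_cli`; Route 53 accepts a primary record without a health check, so the check is the only place this mistake is caught.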
Private Hosted Zones
A private hosted zone resolves DNS names within one or more VPCs — without exposing records to the public internet. Use this to create friendly internal hostnames like db.internal.example.com that resolve to private IP addresses within your VPC:
# Create a private hosted zone associated with one VPC
aws route53 create-hosted-zone \
  --name internal.example.com \
  --caller-reference $(date +%s) \
  --hosted-zone-config Comment="Private zone",PrivateZone=true \
  --vpc VPCRegion=us-east-1,VPCId=vpc-0abc12345def67890
Route 53 Pricing
- Hosted zone: $0.50/month per hosted zone (first 25 free in some accounts)
- DNS queries: $0.40 per million queries (first 1 billion queries/month)
- Health checks: $0.50/month per endpoint
- Domain registration: varies by TLD ($12/year for .com)
Summary
Route 53 is far more than a simple DNS service. With routing policies, health checks, and alias records, it becomes a powerful traffic management layer for multi-region applications. Understanding Route 53 is essential for any AWS architect designing for high availability and global reach.