SBN

Configuring DNS in AWS

Introduction

The Domain Name System (DNS) is necessary for routing traffic across the internet. It accomplishes this task by converting easily remembered domain names (example.com) into the IP addresses required for the underlying network. DNS was designed as a distributed system to allow for fault tolerance and stability.

This article will cover the basics of DNS in AWS and a few of its advantages, as well as briefly touching on some of the more advanced features that are offered by Amazon. Finally, we will discuss how AWS secures network traffic once it reaches your Virtual Private Cloud (VPC) and how it is monitored.

AppSec/API Security 2022

What is Route 53?

Route 53 is Amazon Web Service’s (AWS) DNS service. It was named this because the common port for DNS is port 53. Amazon designed Route 53 to be highly reliable and scalable as well as cost-effective.

Route 53 allows users to create public and private zones. Public-hosted zones determine how internet traffic is routed. A private-hosted zone, on the other hand, shows how traffic is routed within your Amazon VPC (within your private AWS environment).

All common DNS entries can be created within Route 53 (A, CNAME, MX, TXT, etc.). Additionally, it can be used as the authoritative name server, including the Start of Authority entry (SOA), or you can point your on-premise or third-party DNS using name server entries (NS).

Advantages of Route 53

Route 53 offers plenty of advantages over using a standard domain registrar’s DNS. These advantages only grow greater when used with other AWS services such as CloudFront, Application Load Balancers and S3.

When creating a standard DNS entry, there are generally two options for routing your URL: an IP address or an alias (another URL). Most DNS services require your root DNS entry to be a (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Robert Johnson. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/BfRNLZls4ew/