1. Answer: D is correct. A CNAME record cannot be used for the zone apex (example.com). The IP address of the ELB may change, so you should point to the DNS name of the ELB.
2. Answer: B and C are correct. You must first authorize the association of the VPC and the hosted zone. You do this with the aws route53 create-vpc-association-authorization command. Next, you establish the association with the aws route53 associate-vpc-with-hosted-zone command.
This section covers the following objective of Domain 5 (Networking and Content Delivery) from the official AWS Certified SysOps Administrator – Associate (SOA-C02) exam guide:
5.2 Configure domains, DNS services, and content delivery
If you can correctly answer these questions before going through this section, save time by skimming the Exam Alerts in this section and then completing the Cram Quiz at the end of the section.
1. Does geolocation-based routing consider latency as a factor for routing decisions?
2. Can failover routing be combined with other routing policies?
1. Answer: No. Geolocation routing is based only on the physical location of the DNS request.
2. Answer: Yes. Failover routing can be configured in a simple active/standby configuration, but it can also be used with other routing policies like weighted or geolocation routing.
The simple routing policy is the most basic option. Figure 12.4 shows traffic flow with a simple routing policy. The user generates a DNS query for example.com, and an A record is used to send all requests to a single destination. You can configure the time-to-live (TTL) for your DNS record. This determines how long the DNS entry remains cached in DNS resolvers. A longer TTL means that DNS resolvers query Route 53 less often, which reduces your charges. A shorter TTL means that you can update the DNS record across the Internet more quickly.
FIGURE 12.4 Simple routing policy
Figure 12.5 shows an example of a weighted routing policy. Assume Web Server Instance 1 has been working properly for an extended period. Web Server Instance 2 is a new version of your website, and you want to trickle a small amount of traffic to it for testing purposes. The weighted routing policy here responds to DNS queries with the address of Web Server Instance 1 for 90 percent of queries and with the address of Web Server Instance 2 for the remaining 10 percent, effectively sending a small portion of the traffic to the new instance. You can also have failover routing enabled between these instances.
FIGURE 12.5 Weighted routing policy
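The 90/10 split described above can be expressed as a Route 53 change batch and checked before it is applied. The following is an added example, not code from the book: it builds the weighted A records and computes the share of DNS responses each record receives (weight divided by the sum of weights). The record name, set identifiers, IP addresses, and TTL are constructed values.

```python
import json

def traffic_shares(weights):
    """Return the fraction of DNS responses each weighted record receives."""
    if not weights:
        raise ValueError("at least one weighted record is required")
    for set_id, weight in weights.items():
        # Route 53 accepts integer weights from 0 to 255.
        if not isinstance(weight, int) or not 0 <= weight <= 255:
            raise ValueError(f"{set_id}: weight must be an integer 0-255")
    total = sum(weights.values())
    if total == 0:
        # If every record has weight 0, all records are equally likely.
        return {set_id: 1 / len(weights) for set_id in weights}
    # A single record with weight 0 receives no traffic.
    return {set_id: weight / total for set_id, weight in weights.items()}

def weighted_change_batch(name, ttl, targets):
    """Build a ChangeBatch document for weighted A records.

    targets maps a SetIdentifier to an (ip_address, weight) tuple.
    All records in one weighted group share the same name and type.
    """
    traffic_shares({sid: w for sid, (_, w) in targets.items()})  # validate
    changes = []
    for set_id, (ip_address, weight) in targets.items():
        changes.append({
            "Action": "UPSERT",
            "ResourceRecordSet": {
                "Name": name,
                "Type": "A",
                "SetIdentifier": set_id,  # must be unique within the group
                "Weight": weight,
                "TTL": ttl,
                "ResourceRecords": [{"Value": ip_address}],
            },
        })
    return {"Comment": "weighted rollout", "Changes": changes}

# Constructed sample values (documentation IP range, hypothetical identifiers).
TARGETS = {
    "web-server-1": ("192.0.2.10", 90),
    "web-server-2": ("192.0.2.20", 10),
}

if __name__ == "__main__":
    print(traffic_shares({sid: w for sid, (_, w) in TARGETS.items()}))
    print(json.dumps(weighted_change_batch("example.com.", 60, TARGETS), indent=2))
```

The printed JSON is in the shape accepted by `aws route53 change-resource-record-sets --change-batch file://...`, together with the ID of the hosted zone being changed.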
Figure 12.6 shows an example of a latency-based routing policy. User1 is in New York and gets lower latency by connecting to a web server in North Virginia. User2 is in California and is routed to the North California web server. Route 53 decides which record to provide based on latency data between the user and the different regions where the web server is hosted.
FIGURE 12.6 Latency-based routing policy