Domains, DNS, and Content Delivery – SOA-C02 Study Guide

This chapter covers the following official AWS Certified SysOps Administrator – Associate (SOA-C02) exam domain:

Domain 5: Networking and Content Delivery

(For more information on the official AWS Certified SysOps Administrator – Associate [SOA-C02] exam topics, see the Introduction.)

The Domain Name System (DNS) is used to resolve domain names on the Internet and to direct traffic toward the appropriate resource. DNS design involves complex decisions, and these choices can significantly impact the performance, cost, and availability of your web application.

Route 53

This section covers the following objective of Domain 5 (Networking and Content Delivery) from the official AWS Certified SysOps Administrator – Associate (SOA-C02) exam guide:

5.2 Configure domains, DNS services, and content delivery

CramSaver

If you can correctly answer these questions before going through this section, save time by skimming the Exam Alerts in this section and then completing the Cram Quiz at the end of the section.

1. What type of Route 53 record can be used to send requests to a CloudFront distribution?

2. What is the purpose of a Route 53 private hosted zone?

Answers

1. Answer: A Route 53 A record with an alias target can be used to send traffic to other AWS services like CloudFront.

2. Answer: A private hosted zone defines how Route 53 should respond to DNS queries for a domain and its subdomains within a VPC.

Route 53 is a hosted DNS service and one of the most popular services offered by AWS. It allows users to register domain names, apply routing policies, and perform infrastructure health checks on their web services. Route 53 works with web services running inside AWS (such as an EC2 web server) and with privately hosted applications, such as web servers running in an on-premises datacenter.

Public and Private Zones

Figure 12.1 shows an EC2 instance that is a web server. Every EC2 instance has a private IP. This instance also has a public IP on a public subnet that is reachable from the Internet. If a user on the Internet wants to reach this website, Route 53 should resolve the user’s request to the public IP address of the web server. This is the job of a public hosted zone; however, you may have resources inside your VPC that also need to connect to this web server. You do not want that DNS query to be handled by the public hosted zone because that would force the traffic to traverse the Internet.

To avoid this situation, you can create a private hosted zone in Route 53 and associate it with the VPC. In Figure 12.1, users on the Internet and users in the VPC are resolving example.com. The result returned by the public hosted zone is a public IP. The private hosted zone resolves to a private IP address.

FIGURE 12.1 Route 53 public and private zones
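
The split between the two zones in Figure 12.1 can be modeled in Python. This is an added example, not AWS code or code from this study guide; the `HostedZone` and `resolve` names, the VPC IDs, and the IP addresses are constructed for illustration. It assumes Route 53's documented behavior that a private hosted zone matching the query answers authoritatively for its associated VPCs, so a name missing from the private zone returns NXDOMAIN instead of falling back to the public zone.

```python
from dataclasses import dataclass


@dataclass
class HostedZone:
    name: str                          # zone apex, e.g. "example.com"
    records: dict                      # {(fqdn, record_type): value}
    vpc_ids: frozenset = frozenset()   # empty set means a public hosted zone

    @property
    def private(self):
        return bool(self.vpc_ids)

    def covers(self, qname):
        return qname == self.name or qname.endswith("." + self.name)


def _answer(candidates, qname, rtype):
    # The most specific (longest) matching zone name is authoritative.
    zone = max(candidates, key=lambda z: len(z.name))
    return zone.records.get((qname, rtype), "NXDOMAIN")


def resolve(zones, qname, rtype="A", source_vpc=None):
    """Return (answer, zone_kind); source_vpc=None models an Internet client."""
    qname = qname.rstrip(".").lower()
    if source_vpc is not None:
        private = [z for z in zones
                   if z.private and source_vpc in z.vpc_ids and z.covers(qname)]
        if private:
            # No fallback to the public zone once a private zone matches.
            return _answer(private, qname, rtype), "private"
    public = [z for z in zones if not z.private and z.covers(qname)]
    if public:
        return _answer(public, qname, rtype), "public"
    return "NXDOMAIN", "none"


# Constructed sample data: the same domain hosted in both kinds of zone.
ZONES = [
    HostedZone("example.com", {("example.com", "A"): "203.0.113.10",
                               ("www.example.com", "A"): "203.0.113.10"}),
    HostedZone("example.com", {("example.com", "A"): "10.0.1.25"},
               frozenset({"vpc-0example"})),
]

if __name__ == "__main__":
    for vpc in (None, "vpc-0example", "vpc-0other"):
        for name in ("example.com", "www.example.com"):
            print(vpc, name, resolve(ZONES, name, source_vpc=vpc))
```

The `www.example.com` lookup from `vpc-0example` returns NXDOMAIN because the record exists only in the public zone: every name that VPC clients need must be duplicated in the private zone.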