Amazon Route 53 - AWS GovCloud (US)

Amazon Route 53

Amazon Route 53 is a highly available and scalable Domain Name System (DNS) web service. In the AWS GovCloud (US), you can use Route 53 private DNS and health checking.

How Amazon Route 53 Differs for AWS GovCloud (US)

Private Hosted Zones

  • You can create private hosted zones in the AWS GovCloud (US). In general, the functionality is the same as for private hosted zones in the global version of Route 53. However, you can create alias records only when the alias target is another record in the same hosted zone. To route traffic to another AWS resource, such as an ELB load balancer or an S3 bucket, you can use a CNAME record instead of an alias record unless you're creating a record at the zone apex.

Health Checking

  • You can create health checks that monitor endpoints in the AWS GovCloud, and you can create health checks that monitor the status of other health checks.

  • As in other AWS Regions, if you create a health check that monitors an endpoint in the AWS GovCloud, you must make the endpoint available on the public internet. Route 53 health checkers send health checking requests over the public internet.

  • You can restrict access to your endpoints by allowlisting the IP addresses of Route 53 health checkers in the AWS GovCloud:

    • 160.1.56.0/25

    • 160.1.55.0/25

    • 160.1.55.128/25

    • 18.253.167.128/25

    • 18.253.168.0/25

    • 18.253.167.0/25
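One way to verify the allowlist described above is to audit a security group's ingress rules against the listed ranges. This is an added example, not AWS's own code; it assumes rules in the `IpPermissions` shape returned by `aws ec2 describe-security-groups`, a health check on TCP port 443, and a constructed sample rule set.

```python
import ipaddress

# Route 53 health checker ranges for AWS GovCloud, as listed on this page.
HEALTH_CHECKER_CIDRS = [
    "160.1.56.0/25", "160.1.55.0/25", "160.1.55.128/25",
    "18.253.167.128/25", "18.253.168.0/25", "18.253.167.0/25",
]
CHECKERS = [ipaddress.ip_network(c) for c in HEALTH_CHECKER_CIDRS]
# Adjacent /25s merge into /24s, so a rule such as 160.1.55.0/24 is not
# reported as over-broad when it admits only health checker addresses.
COLLAPSED = list(ipaddress.collapse_addresses(CHECKERS))

def audit_ingress(ip_permissions, port):
    """Compare the IPv4 ingress rules that cover TCP `port` with the checkers.

    Returns (missing, extra): checker CIDRs that no rule admits, and rule
    CIDRs that admit addresses outside the checker ranges.
    """
    allowed = []
    for perm in ip_permissions:
        proto = perm.get("IpProtocol")
        if proto == "-1":                      # "all traffic" rule
            covers = True
        elif proto == "tcp":
            covers = perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)
        else:
            covers = False
        if covers:
            allowed += [ipaddress.ip_network(r["CidrIp"])
                        for r in perm.get("IpRanges", [])]
    missing = [str(c) for c in CHECKERS
               if not any(c.subnet_of(a) for a in allowed)]
    extra = [str(a) for a in allowed
             if not any(a.subnet_of(c) for c in COLLAPSED)]
    return missing, extra

# Constructed sample, not real output: two checker ranges are absent and one
# unrelated documentation range (203.0.113.0/24) is open on the check port.
SAMPLE = [
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "160.1.55.0/24"}, {"CidrIp": "160.1.56.0/25"},
                  {"CidrIp": "18.253.167.0/25"}, {"CidrIp": "203.0.113.0/24"}]},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
]

if __name__ == "__main__":
    missing, extra = audit_ingress(SAMPLE, 443)
    print("checker ranges not admitted:", missing)
    print("rules wider than the checkers:", extra)
```

A non-empty `missing` list means some health checkers will be blocked and may report the endpoint unhealthy; a non-empty `extra` list means the endpoint is reachable from addresses other than the health checkers.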

Amazon Route 53 Resolver DNS Firewall

  • Managed domain lists are not supported within AWS GovCloud (US).

Documentation for Amazon Route 53

Amazon Route 53 documentation.

Export-Controlled Content

For AWS Services architected within the AWS GovCloud (US) Regions, the following list explains how certain components of data may leave the AWS GovCloud (US) Regions in the normal course of the service offerings. The list can be used as a guide to help meet applicable customer compliance obligations. Data not included in the following list remains within the AWS GovCloud (US) Regions.

  • This service can generate metadata from customer-defined configurations. AWS suggests customers do not enter export-controlled information in console fields, descriptions, resource names, and tagging information.