VPC endpoint service private DNS name verification - Amazon Virtual Private Cloud

Your domain is associated with a set of Domain Name System (DNS) records that you manage through your DNS provider. A TXT record is a type of DNS record that provides additional information about your domain. Each TXT record consists of a name and a value.

When you initiate domain ownership verification, we give you the name and value to use for the TXT record. For example, if your domain is myexampleservice.com, the TXT record settings that we generate will look similar to the following example:

Endpoint private DNS name TXT record
Domain verification name Type Domain verification value




Add a TXT record to your domain's DNS server using the specified Domain verification name and Domain verification value. The domain ownership verification is complete when we detect the existence of the TXT record in your domain's DNS settings.

If your DNS provider does not allow DNS record names to contain underscores, you can omit _aksldja21i1 from the Domain verification name. In that case, for the preceding example, the TXT record name would be myexampleservice.com instead of _aksldja21i1.myexampleservice.com.

Add a TXT record to your domain's DNS server

The procedure for adding TXT records to your domain's DNS server depends on who provides your DNS service. Your DNS provider might be Amazon Route 53 or another domain name registrar. This section provides procedures for adding a TXT record to Route 53, and generic procedures that apply to other DNS providers.

  1. Open the Amazon VPC console at https://console.aws.amazon.com/vpc/.

  2. Choose Endpoint Services.

  3. Select the endpoint service.

  4. On the Details tab, note the values shown next to Domain verification value and Domain verification name.

  5. If Route 53 provides the DNS service for the domain that you're verifying, and you're signed in to the AWS Management Console under the same account that you use for Route 53, we give you the option of updating your DNS server immediately from within the Amazon VPC console.

    If you use a different DNS provider, the procedures for updating the DNS records vary depending on which DNS or web hosting provider you use. The following table lists links to the documentation for several common providers. This list isn't exhaustive and inclusion in this list isn’t an endorsement or recommendation of any company’s products or services. If your provider isn't listed in the table, you can probably use the domain with endpoints.

    DNS/Hosting provider Documentation link


    Add a TXT record (external link)


    How do I add custom DNS records? (external link)


    Managing DNS records in CloudFlare (external link)


    Manage DNS Records with HostGator/eNom (external link)


    How do I add TXT/SPF/DKIM/DMARC records for my domain? (external link)


    Changing your domains DNS Settings (external link)


    Adding or Updating TXT Records in Your Wix Account (external link)

    When verification is complete, the domain's status in the Amazon VPC console changes from Pending to Verified.

  6. You can now use the private domain name for the VPC endpoint service.

If the DNS settings are not correctly updated, the Details tab shows a domain status of failed. If this happens, complete the steps on the troubleshooting page at Troubleshoot common private DNS domain verification problems. After you verify that your TXT record was created correctly, retry the operation.
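One way to check the TXT record before retrying, as an added example that is not AWS code: it compares the TXT data returned for the verification name, and for the bare domain used when underscores are not allowed, against the Domain verification value. The function names, the input mapping and the sample value are assumptions made for this illustration.

```python
import re

_QUOTED = re.compile(r'"((?:[^"\\]|\\.)*)"')

def txt_value(rdata):
    """Join the quoted chunks of one TXT rdata: '"a" "b"' -> 'ab'."""
    chunks = _QUOTED.findall(rdata)
    return "".join(chunks) if chunks else rdata.strip()

def fqdn(name):
    """Lowercase and drop the trailing dot so record names compare equal."""
    return name.strip().rstrip(".").lower()

def candidate_names(verification_name, domain):
    """Underscore name first, then the bare domain (the fallback for DNS
    providers that do not allow underscores in record names)."""
    domain, label = fqdn(domain), fqdn(verification_name)
    full = label if label.endswith("." + domain) else f"{label}.{domain}"
    return [full, domain]

def check_verification_record(txt_by_name, verification_name, domain, expected):
    """Return (status, name) with status 'ok', 'wrong_value' or 'missing'.

    txt_by_name maps each record name to the TXT rdata strings a lookup of
    that name returned (hypothetical input shape, filled by your resolver).
    """
    records = {fqdn(k): v for k, v in txt_by_name.items()}
    status, where = "missing", None
    for name in candidate_names(verification_name, domain):
        values = [txt_value(r) for r in records.get(name, [])]
        if expected in values:
            return "ok", name
        # Unrelated TXT records (SPF and so on) are normal at the bare
        # domain, so only a mismatch at the underscore name is reported.
        if values and name != fqdn(domain):
            status, where = "wrong_value", name
    return status, where

# Constructed sample data; the verification value is a placeholder.
EXPECTED = "EXAMPLE-VERIFICATION-VALUE"
NAME, DOMAIN = "_aksldja21i1", "myexampleservice.com"
ZONE_APEX = {"myexampleservice.com.": ['"v=spf1 -all"', '"EXAMPLE-" "VERIFICATION-VALUE"']}
ZONE_TYPO = {"_aksldja21i1.myexampleservice.com": ['"EXAMPLE-VERIFICATION-VALU"']}

if __name__ == "__main__":
    print(check_verification_record(ZONE_APEX, NAME, DOMAIN, EXPECTED))
    print(check_verification_record(ZONE_TYPO, NAME, DOMAIN, EXPECTED))
```

A result of wrong_value or missing means the record should be corrected in DNS before verification is retried.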