Step 4: Register your Domain name and implement DNS service using Route 53 - AWS WAF, AWS Firewall Manager, and AWS Shield Advanced

Step 4: Register your Domain name and implement DNS service using Route 53


This is AWS WAF Classic documentation. You should only use this version if you created AWS WAF resources, like rules and web ACLs, in AWS WAF prior to November 2019, and you have not migrated them over to the latest version yet. To migrate your resources, see Migrating your AWS WAF Classic resources to AWS WAF .

For the latest version of AWS WAF, see AWS WAF.

You can use Route 53 to register the domain name for your website, route internet traffic to the resources for your domain, and check the health of your web server to verify that it's reachable, available, and functional. Route 53 helps to protect against DDoS attacks by providing redundancy and load balancing across multiple DNS servers. Route 53 can also detect anomalies in DNS queries and prioritize requests from users that are known to be reliable and, by extension, deprioritize requests that are from potentially less reliable sources.


You are responsible for the cost of the AWS services implemented in this tutorial. For full details about Route 53 costs, see the Route 53 pricing page.

Register your Domain with Route 53

If you are new to hosting a website, your next step in this tutorial is to register a domain using Route 53. Following are the steps to do this.


If your domain is already registered with another registrar, you must migrate your existing domain from the other registrar's DNS service to instead use Route 53 as the DNS service. This tutorial does not cover that transfer process. Instead of following the Route 53 procedures described in this tutorial, you must perform four steps to transfer an existing domain:

  • Create a hosted zone

  • Get your current DNS configuration from your DNS service provider

  • Create resource records sets

  • Update your registrar's name servers

For more information about transferring an existing domain registration from another registrar, see Transferring Domains.

To register a new domain using Route 53

  1. Sign in to the AWS Management Console and open the Route 53 console at

  2. Under Domain Registration, choose Get Started Now.

  3. Choose Register Domain.

  4. Type the domain name that you want to register, and choose Check to find out whether the domain name is available. As an example, this tutorial assumes that you register the domain name

    For information about how to specify characters other than a-z, 0-9, and - (hyphen) and how to specify internationalized domain names, see DNS Domain Name Format.

  5. If the domain is available, choose Add to cart. The domain name appears in your shopping cart.

  6. In the shopping cart, choose the number of years that you want to register the domain for.

  7. To register more domains, repeat steps 4 through 6.

  8. Choose Continue.

  9. On the Contact Details for Your n Domains page, enter contact information for the domain registrant, administrator, and technical contacts. The values that you enter here are applied to all the domains that you're registering.

  10. For some top-level domains (TLDs), we're required to collect additional information. For these TLDs, enter the applicable values after the Postal/Zip Code field.

  11. Choose whether you want to hide your contact information from WHOIS queries. For more information, see the following topics:

  12. Choose Continue.

  13. Review the information that you entered, read the terms of service, and select the check box to confirm that you've read the terms of service.

  14. Choose Complete Purchase.

    For generic TLDs, we typically send an email to the registrant for the domain to verify that the registrant contact can be reached at the email address that you specified. (We don't send an email if we already have confirmation that the email address is valid.) The email comes from one of the following email addresses:

    • – for TLDs registered by Amazon Registrar.

    • – for TLDs registered by our registrar associate, Gandi. To determine who the registrar is for your TLD, see Domains That You Can Register with Route 53.


    The registrant contact must follow the instructions in the email to verify that the email was received, or we must suspend the domain as required by ICANN. When a domain is suspended, it's not accessible on the internet.

    For all TLDs, you receive an email when your domain registration has been approved. To determine the current status of your request, see Viewing the Status of a Domain Registration.

Create records

Your next step is to create records that tell Route 53 how you want to route traffic for the domain and subdomain.

To create records

  1. Sign in to the AWS Management Console and open the Route 53 console at

  2. In the navigation pane, choose Hosted zones.

  3. Because you registered your domain using Route 53, Route 53 automatically creates a hosted zone for you. Choose this hosted zone.

  4. Choose Create Record Set.

  5. Enter the applicable values:

    • For Name, leave as is (it should already be

    • For Type, choose A – IPv4 address.

    • For Alias, choose Yes.

    • For Alias Target, type the domain name of your CloudFront distribution that you created earlier in this tutorial.

  6. Choose Create.


Your new record takes time to propagate to the Route 53 DNS servers. Changes generally propagate to all Route 53 name servers within 60 seconds.

To test your Route 53 records

  1. Open the domain name you added to the record, such as, in a browser.

  2. You should see your website.

Next: Step 5: Detect and filter malicious web requests using AWS WAF Classic.