Ref: https://learn.cantrill.io/courses/1820301/lectures/41301634

DEMO: https://learn.cantrill.io/courses/1820301/lectures/41301635

• Summary
• Contents:

‼️ Core knowledge of DNS and DNSSEC is required for understanding R53!

• Learn about DNS and DNSSEC in the Tech Fundamentals course:

  DNS & DNSSEC

Amazon Route 53 - Key Concepts

• 🔧 DNSaaS (DNS-as-a-Service) → AWS-managed DNS product
• Global service
  • Single DB replicated and accessible in every region
  • Globally resilient service
  • No need to pick region in console UI
• Two main services:
  1. R53 Registered Domains
     • R53 can be a DNS Domain Registrar
  2. R53 Hosted Zones
     • R53 can be a DNS Hosting Provider
• ‼️ Together with costs for registering a domain name and costs for keeping ownership of the domain name, there's also costs for keeping the hosted zones online!

R53 Registered Domains

• R53 has relationships with all TLDs/major domain registries (.com, .io, .net…)
  • e.g. PIR (Public Interest Registry) is the organization responsible for the .org registry

• Steps to register a new domain (e.g. animals4life.org):
  1. R53 checks if domain name is available for purchase
  2. If domain is available, customer can accept terms and purchase the domain from R53
  3. R53 creates a ZoneFile for the registered domain (DB that contains the DNS info)
  4. R53 allocates name servers managed by R53/AWS for this DNS zone
     1. ‼️ Always 4 servers!!
  5. R53 creates a hosted zone
     • R53 stores the new ZoneFile in the 4 allocated NSs
     • R53 creates an entry in Registered Domains and Hosted Zones referencing the 4 NSs
  6. R53 communicates/liaises with TLD (e.g. PIR in the case of the .org registry)
     • The NS records of the .org zone now point to the servers from R53
     • The 4 NSs allocated by R53 are now authoritative for the registered domain
  • 💡 You do not NEED to register your own domain to follow the CLF-C02 and SAA-C03 courses… It costs a bit of money every month and year, so you can just watch the demos. However, I highly recommend doing the Cloud Resume Challenge once you gain enough AWS knowledge, and for that you will need to purchase a domain for your online portfolio website. So sooner or later, you will probably want to register a domain…
• Transfer lock (enabled by default)
  • If enabled, domain can not be transferred outside of R53
• ‼️ If hosted zone is ever deleted & recreated, you need to update the NSs entry in R53 Registered Domains to point to the new NSs!
  • Otherwise R53 Registered Domains will point to the old NSs, and system will fail

R53 Hosted Zones