A company operates compute resources in a VPC and in the company's on-premises data center. The company already has an AWS Direct Connect connection between the VPC and the on-premises data center.
A CloudOps engineer needs to ensure that Amazon EC2 instances in the VPC can resolve DNS names for hosts in the on-premises data center.
Which solution will meet this requirement with the LEAST amount of ongoing maintenance?
Amazon Route 53 Resolver outbound endpoints let resources in a VPC forward DNS queries to DNS servers outside AWS, such as the on-premises DNS servers in this scenario. An outbound endpoint is a set of elastic network interfaces (at least two, in different subnets) inside the VPC; queries that match a forwarding rule leave the VPC from those interfaces. Because the company already has AWS Direct Connect in place, that traffic can reach the on-premises DNS infrastructure over the private connection rather than the public internet.
By creating an outbound endpoint, creating a forwarding rule for the on-premises domain (for example corp.example.com) that targets the on-premises DNS server IP addresses, and associating the rule with the VPC, EC2 instances keep using the VPC's default resolver (the VPC+2 address) and transparently receive answers from the existing authoritative on-premises servers. Nothing changes on the instances themselves. Ongoing maintenance is minimal because DNS records continue to be managed centrally in the on-premises DNS system; the only AWS-side prerequisites are that the endpoint's security group and the on-premises firewall allow DNS (UDP and TCP port 53) between the endpoint interfaces and the DNS servers, and that the Direct Connect routing covers the DNS server subnets.
Manually populating a private hosted zone or /etc/hosts files would require constant updates and does not scale. Reverse DNS forwarding alone does not solve forward name resolution.
Therefore, using Route 53 Resolver outbound endpoints is the correct solution.
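The following Terraform configuration is an added example illustrating the solution described above; it is not part of the original discussion or of any AWS documentation. The VPC ID, the two subnet IDs, the on-premises domain corp.example.com, the on-premises CIDR 10.0.0.0/8 and the DNS server addresses 10.0.0.53 and 10.0.0.54 are placeholders chosen for the example.

```terraform
# Added example (not from the original page). All IDs, CIDRs and IP
# addresses below are assumed values for illustration only.

variable "vpc_id"            { default = "vpc-0123456789abcdef0" }   # assumed
variable "resolver_subnets"  { default = ["subnet-0aaa", "subnet-0bbb"] } # assumed, two AZs
variable "onprem_cidr"       { default = "10.0.0.0/8" }              # assumed on-prem range
variable "onprem_dns_ips"    { default = ["10.0.0.53", "10.0.0.54"] } # assumed on-prem DNS servers
variable "onprem_domain"     { default = "corp.example.com" }        # assumed on-prem zone

# Security group for the outbound endpoint's ENIs. An outbound endpoint
# only needs egress to the on-premises DNS servers; no inbound rule is required.
resource "aws_security_group" "resolver_outbound" {
  name        = "r53-resolver-outbound"
  description = "Allow Route 53 Resolver outbound endpoint to reach on-prem DNS"
  vpc_id      = var.vpc_id

  egress {
    description = "DNS over UDP to on-prem"
    from_port   = 53
    to_port     = 53
    protocol    = "udp"
    cidr_blocks = [var.onprem_cidr]
  }

  egress {
    description = "DNS over TCP to on-prem (large responses, zone data)"
    from_port   = 53
    to_port     = 53
    protocol    = "tcp"
    cidr_blocks = [var.onprem_cidr]
  }
}

# The outbound endpoint itself: at least two IP addresses in different
# subnets (AZs) so resolution survives a single-AZ failure.
resource "aws_route53_resolver_endpoint" "outbound" {
  name               = "to-onprem"
  direction          = "OUTBOUND"
  security_group_ids = [aws_security_group.resolver_outbound.id]

  dynamic "ip_address" {
    for_each = toset(var.resolver_subnets)
    content {
      subnet_id = ip_address.value
    }
  }
}

# Forwarding rule: queries for the on-prem domain (and its subdomains)
# are sent through the outbound endpoint to the on-prem DNS servers.
resource "aws_route53_resolver_rule" "onprem" {
  domain_name          = var.onprem_domain
  name                 = "forward-onprem"
  rule_type            = "FORWARD"
  resolver_endpoint_id = aws_route53_resolver_endpoint.outbound.id

  dynamic "target_ip" {
    for_each = toset(var.onprem_dns_ips)
    content {
      ip   = target_ip.value
      port = 53
    }
  }
}

# Associate the rule with the VPC. Until this is done the rule has no effect;
# after it, EC2 instances using the default VPC resolver need no changes.
resource "aws_route53_resolver_rule_association" "onprem" {
  resolver_rule_id = aws_route53_resolver_rule.onprem.id
  vpc_id           = var.vpc_id
}
```

After `terraform apply`, verify from an instance in the VPC with `dig +short host.corp.example.com` (assumed host name) and, if it fails, check in this order: the on-premises DNS servers accept queries from the endpoint ENI addresses (`aws route53resolver list-resolver-endpoint-ip-addresses`), the on-premises firewall and any Direct Connect virtual-interface route filters allow UDP/TCP 53 from those addresses, and the rule association shows status `COMPLETE`. This configuration covers only VPC-to-on-premises resolution; the opposite direction (on-premises hosts resolving names in private hosted zones) would additionally need an inbound endpoint.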