[AWS][Update]Amazon Route 53 Profiles now supports VPC endpoints
![[AWS][Update]Amazon Route 53 Profiles now supports VPC endpoints](https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fkievlp34cqfcmla7dj6z.png)
Notice
The AWS console screen is in Japanese.
Introduction
Thank you for always reading my articles!
On Tuesday, April 29, 2025, we received some interesting update information about Route 53, so we would like to write an article summarizing the pros and cons of using it.
The article is written in simple language so that even those who don't know anything about networks can understand, so I hope you will feel free to read it.
Update Information
The contents of the official AWS blog are as follows:
https://aws.amazon.com/about-aws/whats-new/2025/04/amazon-route-53-profiles-vpc-endpoints/
Today, AWS announced support for VPC endpoints in Amazon Route 53 Profiles, allowing you to create, manage, and share private hosted zones (PHZs) for interface VPC endpoints across multiple VPCs and AWS accounts within your organization. With this enhancement, Amazon Route 53 Profiles simplifies the management of VPC endpoints by streamlining the process of creating and associating interface VPC endpoint managed PHZs with VPCs and AWS accounts, and without requiring you to manually associate them.
Route 53 Profiles makes it easy for you to create one or more configurations for VPC-related DNS settings, such as private hosted zones and Route 53 Resolver rules, and share them across VPCs and AWS accounts. The new capability helps you centralize the management of PHZs associated with interface VPC endpoints, reducing administrative overhead and minimizing the risk of configuration errors. This feature eliminates the need for creation and manual association of PHZs for VPC endpoints with individual VPCs and accounts, saving time and effort for network administrators. Additionally, it improves security and consistency by providing a centralized approach to managing DNS resolution for VPC endpoints across an organization's AWS infrastructure.
To put it very simply, you can think of Amazon Route 53 Profiles as also managing VPC endpoints. Personally, I think this is a welcome update as it allows you to configure private hosted zones entirely through profile settings, which will help reduce operational costs.
Available Regions
The regions where this function is available are those where private hosted zones are available. According to the documentation, it is available in the following regions:
https://docs.aws.amazon.com/general/latest/gr/r53.html
- US East (Ohio) us-east-2
- US East (N. Virginia) us-east-1
- US West (N. California) us-west-1
- US West (Oregon) us-west-2
- Africa (Cape Town) af-south-1
- Asia Pacific (Hong Kong) ap-east-1
- Asia Pacific (Hyderabad) ap-south-2
- Asia Pacific (Jakarta) ap-southeast-3
- Asia Pacific (Melbourne) ap-southeast-4
- Asia Pacific (Mumbai) ap-south-1
- Asia Pacific (Osaka) ap-northeast-3
- Asia Pacific (Seoul) ap-northeast-2
- Asia Pacific (Singapore) ap-southeast-1
- Asia Pacific (Sydney) ap-southeast-2
- Asia Pacific (Tokyo) ap-northeast-1
- Canada (Central) ca-central-1
- Canada West (Calgary) ca-west-1
- Europe (Frankfurt) eu-central-1
- Europe (Ireland) eu-west-1
- Europe (London) eu-west-2
- Europe (Milan) eu-south-1
- Europe (Paris) eu-west-3
- Europe (Spain) eu-south-2
- Europe (Stockholm) eu-north-1
- Europe (Zurich) eu-central-2
- Israel (Tel Aviv) il-central-1
- Middle East (Bahrain) me-south-1
- Middle East (UAE) me-central-1
- South America (São Paulo) sa-east-1
- AWS GovCloud (US-East) us-gov-east-1
- AWS GovCloud (US-West) us-gov-west-1
It is not available in the recently released Thailand region, but it is available in the Tokyo and Osaka regions, so it should not be a problem for businesses operating domestically.
Notice
There will be no change in usage fees compared to the regular Route 53 Profile.
Checking Updates
Notice
Detailed configuration instructions are summarized in the following official document:
https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/profile-associate-vpc-endpoints.html
I created one endpoint for easy verification.
Warning
This could not be set with the VPC endpoint that is created by default when creating a VPC.
You can associate the endpoint by creating it with com.amazonaws.ap-northeast-1.profile as the service name.
- Endpoint Name: Route53-Profile-Test
Now, let’s link the VPC we created to the Route 53 Profile.
- Click on Profiles in the left pane of the Route 53 menu.
- The profile menu screen will appear, so click the Create Profile button.
- The profile creation screen will appear, so enter any value for the profile name and click the Create Profile button.
- I was able to create a profile.
- Click on the VPC Endpoints tab and click on the Associate button.
- A list of VPC endpoints will be displayed. Click the check box to the left of the endpoint that says "Ready to associate".
- After clicking, click the Create Profile button.
- The association process itself seems to be working fine, but the VPC endpoint association count has not changed.
We plan to test Route 53 in the future, so we will test it at that time.
Benefits of using it in practice
Although the test itself did not go as expected, I would like to briefly summarize the benefits of using it that I felt after actually using it.
Benefits
- Easier association of profiles and endpoints.
- You can check the associated endpoint information just by looking at the profile.
- Network management becomes easier, reducing the burden on network operators.
Having said that, I noticed that there are a few things to keep in mind when using it, so I have summarized those as well.
Caution
- Each profile can have up to 10 endpoints associated with it.
- It is unclear whether one endpoint can be linked to multiple endpoints.
- The linking itself is easy, but in an environment with multiple profiles, there is a possibility of misconfiguration.
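The cautions above can be turned into a periodic check. The following is an added example, not code from the original article or from AWS: it audits association records shaped like the Route 53 Profiles `ListProfileResourceAssociations` response (`ProfileId`, `ResourceArn`, `Status`) and reports profiles at the 10-endpoint limit, endpoints that appear under more than one profile, and associations that have not reached `COMPLETE`. The profile IDs, account number, endpoint IDs and the VPC endpoint ARN pattern are constructed placeholders and assumptions.

```python
from collections import defaultdict

MAX_ENDPOINTS_PER_PROFILE = 10  # limit stated in the Caution list above


def _assoc(profile_id, vpce_id, status="COMPLETE"):
    """Build one constructed record; the ARN layout is an assumption."""
    return {
        "ProfileId": profile_id,
        "ResourceArn": f"arn:aws:ec2:ap-northeast-1:111122223333:vpc-endpoint/{vpce_id}",
        "Status": status,
    }


# Constructed sample: "rp-prod" holds 10 endpoints, "rp-dev" reuses one of
# them and has one association that is still being created.
SAMPLE = [_assoc("rp-prod", f"vpce-{i:04d}") for i in range(10)] + [
    _assoc("rp-dev", "vpce-0003"),
    _assoc("rp-dev", "vpce-0100", status="CREATING"),
]


def audit(associations, limit=MAX_ENDPOINTS_PER_PROFILE):
    """Return findings for VPC endpoint associations across all profiles."""
    per_profile = defaultdict(set)   # profile -> endpoint ARNs
    per_endpoint = defaultdict(set)  # endpoint ARN -> profiles
    not_complete = []
    for a in associations:
        arn = a["ResourceArn"]
        if ":vpc-endpoint/" not in arn:
            continue  # skip hosted zones, resolver rules, etc.
        per_profile[a["ProfileId"]].add(arn)
        per_endpoint[arn].add(a["ProfileId"])
        if a["Status"] != "COMPLETE":
            not_complete.append((a["ProfileId"], arn, a["Status"]))
    return {
        "at_or_over_limit": sorted(
            p for p, arns in per_profile.items() if len(arns) >= limit
        ),
        "shared_endpoints": {
            arn: sorted(ps) for arn, ps in per_endpoint.items() if len(ps) > 1
        },
        "not_complete": not_complete,
    }


if __name__ == "__main__":
    for finding, value in audit(SAMPLE).items():
        print(finding, value)
```

In a real account, the input would be the merged association lists of every profile in scope rather than `SAMPLE`.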
Conclusion
Although it is a simple update, it is an interesting one for future network operations, so I will continue to watch it.
Thank you for reading the article to the end!