A hosted zone is a container for records, which include information about how you want to route traffic for a domain (such as example.com) and all of its subdomains (such as www.example.com, retail.example.com, and seattle.accounting.example.com). A hosted zone has the same name as the corresponding domain.
For example, the hosted zone for example.com might include a record that has information about routing traffic for www.example.com to a web server that has the IP address 192.0.2.243, and a record that has information about routing email for example.com to two email servers, mail1.example.com and mail2.example.com. Each email server also requires its own record.
Overview
A hosted zone is a collection of records for a specified domain.
Analogous to a traditional DNS zone file, it represents a collection of records managed together.
Two types of zones:
Public hosted zone: Determines how traffic is routed on the Internet.
Private hosted zone for VPC: Determines how traffic is routed within a VPC; resources are not accessible outside the VPC.
Amazon Route 53 automatically creates NS (Name Server) and SOA (Start of Authority) records for hosted zones.
Each hosted zone contains a set of 4 unique name servers (delegation set).
Multiple hosted zones with the same name and different records can be created.
Hosted Zone Configuration
Name servers are specified by FQDN; their IP addresses can be looked up from the command line (e.g., with dig or nslookup).
For private hosted zones:
Select a VPC from the list available in each region.
Set the following VPC settings to "true":
enableDnsHostnames.
enableDnsSupport.
Create a DHCP options set.
Integration
On-premises DNS can be integrated with a VPC.
Route 53 cannot be extended to on-premises instances.
EC2 instances cannot be automatically registered with private hosted zones; scripting is required.
Cross-Account Association
A Route 53 private hosted zone in one account can be associated with a VPC in another account.
To associate a Route 53 private hosted zone in one AWS account (Account A) with a VPC in another AWS account (Account B), follow these steps:
From an instance in Account A, authorize the association.
From an instance in Account B, create the association.
Delete the association authorization after creation.
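The three steps above as a shell script, added here as an example and not taken from the original page or from AWS. It assumes the AWS CLI with two named profiles (account-a and account-b, both hypothetical names) standing in for a session in each account, and by default it is a dry run that only prints the commands.

```shell
#!/bin/sh
# Added example. Assumed names: CLI profiles account-a (owns the private hosted
# zone) and account-b (owns the VPC); DRY_RUN is this script's own switch.
PROFILE_A="${PROFILE_A:-account-a}"
PROFILE_B="${PROFILE_B:-account-b}"

# Print the command by default; execute it only when DRY_RUN=0.
run() { if [ "${DRY_RUN:-1}" = "1" ]; then echo "$*"; else "$@"; fi; }

# The --vpc shorthand is comma- and equals-delimited, so restrict each value's
# character set before it is interpolated into that argument.
valid_zone_id() { case "$1" in ''|*[!A-Z0-9]*) return 1 ;; esac; [ "${#1}" -le 32 ]; }
valid_region()  { case "$1" in ''|*[!a-z0-9-]*) return 1 ;; esac; }
valid_vpc_id() {
  hex="${1#vpc-}"
  [ "$hex" != "$1" ] || return 1   # must carry the vpc- prefix
  case "$hex" in ''|*[!0-9a-f]*) return 1 ;; esac
  [ "${#hex}" -eq 8 ] || [ "${#hex}" -eq 17 ]
}

# Every step takes: <hosted-zone-id> <vpc-region> <vpc-id>
authorize() {   # step 1, as Account A: authorize the association
  run aws route53 create-vpc-association-authorization --profile "$PROFILE_A" \
    --hosted-zone-id "$1" --vpc "VPCRegion=$2,VPCId=$3"
}
associate() {   # step 2, as Account B: create the association
  run aws route53 associate-vpc-with-hosted-zone --profile "$PROFILE_B" \
    --hosted-zone-id "$1" --vpc "VPCRegion=$2,VPCId=$3"
}
revoke() {      # step 3, as Account A: delete the authorization
  run aws route53 delete-vpc-association-authorization --profile "$PROFILE_A" \
    --hosted-zone-id "$1" --vpc "VPCRegion=$2,VPCId=$3"
}

share_zone() {
  valid_zone_id "$1" || { echo "bad hosted zone id: $1" >&2; return 2; }
  valid_region "$2"  || { echo "bad region: $2" >&2; return 2; }
  valid_vpc_id "$3"  || { echo "bad VPC id: $3" >&2; return 2; }
  authorize "$@" || return 1
  # Revoke even when step 2 fails, so no standing authorization is left behind.
  rc=0
  associate "$@" || rc=$?
  revoke "$@" || return 1
  return "$rc"
}

# Usage: sh share-zone.sh <hosted-zone-id> <vpc-region> <vpc-id>
if [ "$#" -eq 3 ]; then share_zone "$@"; fi
```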