Create Route 53 Inbound Endpoints
To enable your on-premises DNS system to query Route 53 Resolver for specific DNS zones (such as Private Zones) hosted on Route 53, you need to set up a Route 53 Inbound Endpoint. The Inbound Endpoint is the entry point through which other services request domain name resolution from Route 53. When you create an Inbound Endpoint, AWS creates an elastic network interface (ENI) in each Availability Zone (AZ) you specify to handle incoming DNS queries.
- Access the Route 53 console:
  - Search for Route 53 in the search box.
  - Expand the left sidebar, go to Inbound endpoints, and select Create inbound endpoint.
- On the Create inbound endpoint page, provide the following details:
  - Endpoint name: R53-InboundEndpoint
  - VPC in the Region: HybridDNS-VPCStack- (This VPC was created by CloudFormation in the previous section)
  - Security group for this endpoint: d-###….#_controllers (This security group was created by CloudFormation to secure the connection to AWS Managed Microsoft Active Directory)
- Configure IP Addresses:
  - IP address #1:
    - Availability Zone: ap-northeast-1a
    - Subnet: Private subnet 1A
    - IP address: Use an automatically selected IP address
  - IP address #2:
    - Availability Zone: ap-northeast-1c
    - Subnet: Private subnet 2A
    - IP address: Use an automatically selected IP address
- Click Create inbound endpoint.
- Complete the creation of the Inbound Endpoint.
- Once the Inbound Endpoints are successfully created, click on an inbound endpoint to view its details. You will find the IP addresses assigned to these inbound endpoints. AWS injects an elastic network interface (ENI) into your subnet and assigns the specified IP addresses to the ENIs.
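
A post-creation check for the endpoint built in the steps above, as an added example that is not part of the original workshop: it confirms the endpoint IPs are attached in two Availability Zones and that the chosen security group admits DNS (TCP and UDP port 53) only from expected source ranges. The input dictionaries use the field names returned by `aws route53resolver list-resolver-endpoint-ip-addresses`, `aws ec2 describe-subnets` and `aws ec2 describe-security-groups` (`IpPermissions`). The function name, the subnet IDs, the IP addresses and the `192.168.0.0/16` on-premises range are assumptions constructed for illustration.

```python
import ipaddress

def audit_inbound_endpoint(endpoint_ips, subnets, sg_permissions, allowed_cidrs):
    """Return findings for a Resolver inbound endpoint (empty list = clean)."""
    findings = []
    # Resilience: the endpoint's ENIs should sit in at least two AZs.
    az_of = {s["SubnetId"]: s["AvailabilityZone"] for s in subnets}
    azs = {az_of[ip["SubnetId"]] for ip in endpoint_ips if ip["SubnetId"] in az_of}
    if len(azs) < 2:
        findings.append("endpoint IPs span fewer than two Availability Zones")
    for ip in endpoint_ips:
        if ip.get("Status") != "ATTACHED":
            findings.append(f"{ip['Ip']} is {ip.get('Status')}, not ATTACHED")
    # Exposure: DNS (TCP and UDP 53) should be admitted only from allowed_cidrs.
    allowed = [ipaddress.ip_network(c) for c in allowed_cidrs]
    admitted = {"tcp": False, "udp": False}
    for perm in sg_permissions:
        proto = perm["IpProtocol"]
        if proto == "-1":                       # all protocols, all ports
            protos = ["tcp", "udp"]
        elif proto in admitted and perm["FromPort"] <= 53 <= perm["ToPort"]:
            protos = [proto]
        else:
            continue                            # rule does not cover DNS
        for rng in perm.get("IpRanges", []):    # IPv4 sources only
            src = ipaddress.ip_network(rng["CidrIp"])
            if any(src.subnet_of(net) for net in allowed):
                for p in protos:
                    admitted[p] = True
            else:
                findings.append(f"{'/'.join(protos)} 53 open to {src}, outside allowed ranges")
    for p, ok in admitted.items():
        if not ok:
            findings.append(f"no rule admits {p}/53 from the allowed ranges")
    return findings

# Constructed sample data (not from the workshop): IDs, IPs and CIDRs are made up.
SUBNETS = [{"SubnetId": "subnet-1a", "AvailabilityZone": "ap-northeast-1a"},
           {"SubnetId": "subnet-2a", "AvailabilityZone": "ap-northeast-1c"}]
ENDPOINT_IPS = [{"SubnetId": "subnet-1a", "Ip": "10.0.1.10", "Status": "ATTACHED"},
                {"SubnetId": "subnet-2a", "Ip": "10.0.2.10", "Status": "ATTACHED"}]
SG_PERMISSIONS = [
    {"IpProtocol": "udp", "FromPort": 53, "ToPort": 53, "IpRanges": [{"CidrIp": "192.168.0.0/16"}]},
    {"IpProtocol": "tcp", "FromPort": 53, "ToPort": 53, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
]
ON_PREM = ["192.168.0.0/16"]  # assumed on-premises resolver range

if __name__ == "__main__":
    for finding in audit_inbound_endpoint(ENDPOINT_IPS, SUBNETS, SG_PERMISSIONS, ON_PREM):
        print("FINDING:", finding)
```

If the VPC's own resolvers or domain controllers also query the endpoint, include the VPC CIDR in the allowed ranges so those rules are not reported.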