How Route 53 Resolver endpoint forwards DNS queries from your VPCs to your network
When you want to forward DNS queries from the EC2 instances in one or more VPCs in an Amazon Region to your network, you perform the following steps.
You create a Route 53 Resolver outbound endpoint in a VPC, and you specify several values:
The VPC that you want DNS queries to pass through on the way to the resolvers on your network.
For each IP address that you specify for the outbound endpoint, Resolver creates an Amazon VPC elastic network interface in the VPC that you specify. For more information, see Considerations when creating inbound and outbound endpoints.
You create one or more rules, which specify the domain names of the DNS queries that you want Resolver to delegate or forward to resolvers on your network. For forwarding rules, you also specify the IP addresses of the resolvers. For more information, see Using rules to control which queries are forwarded to your network.
You associate each rule with the VPCs for which you want to forward DNS queries to your network.
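The three steps above expressed as a CloudFormation template. This is an added example, not part of the original page; the domain corp.example.com, the resolver addresses 192.0.2.10 and 192.0.2.11, and all resource names are placeholders. The security group is an assumption added here to limit the endpoint's egress to DNS traffic bound for those resolvers.

```yaml
AWSTemplateFormatVersion: "2010-09-09"
Parameters:
  VpcId: {Type: "AWS::EC2::VPC::Id"}
  SubnetA: {Type: "AWS::EC2::Subnet::Id"}
  SubnetB: {Type: "AWS::EC2::Subnet::Id"}
Resources:
  # Egress limited to DNS (UDP and TCP 53) toward the placeholder resolvers only.
  EndpointSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Outbound DNS to on-premises resolvers only
      VpcId: !Ref VpcId
      SecurityGroupEgress:
        # 192.0.2.10/31 covers the two placeholder resolvers, .10 and .11
        - {IpProtocol: udp, FromPort: 53, ToPort: 53, CidrIp: 192.0.2.10/31}
        - {IpProtocol: tcp, FromPort: 53, ToPort: 53, CidrIp: 192.0.2.10/31}
  # Step 1: the outbound endpoint. Resolver creates one elastic network
  # interface in the VPC for each entry under IpAddresses.
  OutboundEndpoint:
    Type: AWS::Route53Resolver::ResolverEndpoint
    Properties:
      Name: outbound-to-network
      Direction: OUTBOUND
      SecurityGroupIds: [!GetAtt EndpointSecurityGroup.GroupId]
      IpAddresses:
        - SubnetId: !Ref SubnetA
        - SubnetId: !Ref SubnetB
  # Step 2: a forwarding rule naming the domain and the resolver IP addresses.
  ForwardRule:
    Type: AWS::Route53Resolver::ResolverRule
    Properties:
      Name: forward-corp-example-com
      RuleType: FORWARD
      DomainName: corp.example.com
      ResolverEndpointId: !GetAtt OutboundEndpoint.ResolverEndpointId
      TargetIps:
        - {Ip: 192.0.2.10, Port: "53"}
        - {Ip: 192.0.2.11, Port: "53"}
  # Step 3: associate the rule with each VPC whose queries should be forwarded.
  ForwardRuleAssociation:
    Type: AWS::Route53Resolver::ResolverRuleAssociation
    Properties:
      Name: forward-corp-example-com-assoc
      ResolverRuleId: !GetAtt ForwardRule.ResolverRuleId
      VPCId: !Ref VpcId
```

To forward from additional VPCs, add one ResolverRuleAssociation per VPC that references the same rule.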