Open menu
-->

AWS Route53 Best Practices

AWS Route 53 is a scalable and highly available Domain Name web service. Route 53 provides a reliable and cost effective way to link end users to applications by translating domain names (web addresses) into numeric IP addresses that computers require to connect to one another.



AWS Route 53 is a scalable and highly available Domain Name web service. Route53 provides a reliable and cost effective way to link end users to applications by translating domain names (web addresses) into numeric IP addresses that computers require to connect to one another.

Cloud Conformity checks Amazon Route53 service according to the following rules:

Enable AWS Route 53 Domain Auto Renew
Ensure your domain names are automatically renewed by AWS Route 53 service.

Create DNS Alias Record for Root Domain
Ensure a DNS alias record for the root domain.

Remove AWS Route 53 Dangling DNS Records
Ensure dangling DNS records are removed from your AWS Route 53 hosted zones to avoid domain/subdomain takeover.

Expired Route 53 Domain Names
Ensure expired AWS Route 53 domains names are restored.

AWS Route 53 Domain Name Renewal (30 days before expiration)
Ensure AWS Route 53 domain names are renewed before their expiration.

AWS Route 53 Domain Name Renewal (45 days before expiration)
Ensure AWS Route 53 domain names are renewed before their expiration (45 days before expiration).

AWS Route 53 Domain Name Renewal (7 days before expiration)
Ensure AWS Route 53 domain names are renewed before their expiration.

Enable Privacy Protection for AWS Route 53 Domains
Ensure that Privacy Protection feature is enabled for your Amazon Route 53 domains.

Public Zone with Private Records
Check for AWS Route 53 Public Zones with Private Records

Root Domain Alias Records that Point to ELB
Ensure root domain alias record points to ELB.

Monitor AWS Route 53 Configuration Changes
Route 53 configuration changes have been detected within your Amazon Web Services account.

AWS Route 53 DNS In Use
Ensure AWS Route 53 DNS service is in use for highly efficient DNS management.

AWS Route 53 SPF DNS Records
Ensure there is an SPF record set for each MX DNS record in order to stop spammers from spoofing your domains.

Enable AWS Route 53 Domain Transfer Lock
Ensure your domain names have the Transfer Lock feature enabled in order to keep them secure.