In this article you will learn about public and private hosted zones in AWS Route 53. Route 53 has two main types of hosted zone:

1. Public Hosted Zones

  • Visible to the internet: Records in a public hosted zone are served by Route 53's public name servers, so anyone on the internet can query them. Treat every record you put in a public zone as public information.
  • When to use: For websites or applications that should be reachable by users anywhere on the internet. For example, to let people reach www.example.com, you would create a public hosted zone for example.com and add a record that points www to your EC2 instance or load balancer.
  • How it works: Route 53 assigns a set of four authoritative name servers to the zone. Once your domain registrar delegates the domain to those name servers, every record in the zone is resolvable globally, making your resources reachable over the internet. Until that delegation is in place, the zone exists but nobody on the internet is sent to it.
  • Public Hosted Zone Diagram

2. Private Hosted Zones

  • Restricted access: A private hosted zone is only resolvable from the Amazon VPCs you associate with it (in the same AWS account, or in other accounts after an association authorization). It is never published to the public DNS.
  • When to use: Ideal for internal services that should not be exposed to the public internet, such as internal tools, APIs, or databases used only by your team or by applications inside AWS.
  • How it works: Queries from an associated VPC are answered by the Route 53 Resolver inside that VPC, which requires the VPC attributes enableDnsSupport and enableDnsHostnames to be enabled. Hosts outside the associated VPCs, including the public internet, get no answer from the zone; on-premises resolvers can reach it only through a Route 53 Resolver inbound endpoint. Keep in mind that this hides names, not hosts: anything inside an associated VPC can resolve the records, and whether the returned address is actually reachable is decided by security groups and network ACLs, not by DNS.
  • Private Hosted Zone Diagram

Key Differences at a Glance

  • Public Hosted Zone: Used for public domains; records are answered to anyone on the internet.
  • Private Hosted Zone: Used for internal domains; records are answered only inside the AWS VPC(s) associated with the zone.

Examples

  • Public: You want www.example.com to point to your public-facing EC2 instance or load balancer that hosts your website.
  • Private: You want internal.example.com to resolve to an EC2 instance that runs a private dashboard, so only clients inside the associated VPC(s) can even look up its address. The private record belongs in the private zone only; if the same name and internal IP are also added to the public example.com zone, the "private" address is published to the whole internet.
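A practical way to keep the two examples above apart is to audit what is actually in each zone. The script below is an added example, not code from the original article or from AWS: it takes hosted-zone and record-set data in the same JSON shape that `aws route53 list-hosted-zones` and `aws route53 list-resource-record-sets --hosted-zone-id <id>` return, flags A/AAAA records in public zones that point at RFC 1918, loopback or link-local addresses (an internal IP leaking through public DNS), and lists names that exist in both a public and a private zone of the same domain (inside an associated VPC the private zone answers for those names, so the public copy is at best redundant). The zone IDs, names and addresses are constructed for the example and are not real.

```python
import ipaddress

# Address ranges that should never appear in a zone the whole internet can read.
# Listed explicitly (rather than relying on ipaddress.is_private) so that it is
# obvious what counts as "internal" for this check.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",   # RFC 1918
    "127.0.0.0/8", "169.254.0.0/16",                    # loopback, link-local
    "fc00::/7", "fe80::/10", "::1/128",                 # IPv6 ULA, link-local, loopback
)]

# Constructed sample data in the shape of the Route 53 API responses.
# Hypothetical zone IDs; example.com exists as both a public and a private zone.
SAMPLE_ZONES = {
    "HostedZones": [
        {"Id": "/hostedzone/Z0PUBLIC000EXAMPLE", "Name": "example.com.",
         "Config": {"PrivateZone": False}},
        {"Id": "/hostedzone/Z0PRIVATE00EXAMPLE", "Name": "example.com.",
         "Config": {"PrivateZone": True}},
    ]
}
SAMPLE_RECORDS = {
    "/hostedzone/Z0PUBLIC000EXAMPLE": [
        {"Name": "www.example.com.", "Type": "A", "TTL": 300,
         "ResourceRecords": [{"Value": "198.51.100.10"}]},
        {"Name": "www.example.com.", "Type": "AAAA", "TTL": 300,
         "ResourceRecords": [{"Value": "2001:db8::10"}]},
        # Mistake: an internal dashboard address published in the public zone.
        {"Name": "internal.example.com.", "Type": "A", "TTL": 300,
         "ResourceRecords": [{"Value": "10.0.1.25"}]},
    ],
    "/hostedzone/Z0PRIVATE00EXAMPLE": [
        {"Name": "internal.example.com.", "Type": "A", "TTL": 60,
         "ResourceRecords": [{"Value": "10.0.1.25"}]},
    ],
}


def is_internal(value):
    """True if value parses as an IP address inside one of INTERNAL_NETS."""
    try:
        addr = ipaddress.ip_address(value)
    except ValueError:          # CNAME targets, TXT data, etc. are not IPs
        return False
    return any(addr in net for net in INTERNAL_NETS)


def find_private_ips_in_public_zones(zones, records_by_zone):
    """Return (zone, record name, type, value) for internal IPs in public zones."""
    findings = []
    for zone in zones["HostedZones"]:
        if zone["Config"]["PrivateZone"]:
            continue
        for rrset in records_by_zone.get(zone["Id"], []):
            if rrset["Type"] not in ("A", "AAAA"):
                continue
            # Alias records carry AliasTarget instead of ResourceRecords.
            for rr in rrset.get("ResourceRecords", []):
                if is_internal(rr["Value"]):
                    findings.append((zone["Name"], rrset["Name"],
                                     rrset["Type"], rr["Value"]))
    return findings


def find_split_horizon_names(zones, records_by_zone):
    """Names defined in both a public and a private zone (excluding NS/SOA)."""
    def names(private):
        out = set()
        for zone in zones["HostedZones"]:
            if zone["Config"]["PrivateZone"] != private:
                continue
            for rrset in records_by_zone.get(zone["Id"], []):
                if rrset["Type"] not in ("NS", "SOA"):
                    out.add(rrset["Name"].lower())
        return out
    return sorted(names(False) & names(True))


if __name__ == "__main__":
    for zone, name, rtype, value in find_private_ips_in_public_zones(SAMPLE_ZONES, SAMPLE_RECORDS):
        print(f"LEAK  {name} {rtype} {value} is an internal address in public zone {zone}")
    for name in find_split_horizon_names(SAMPLE_ZONES, SAMPLE_RECORDS):
        print(f"SPLIT {name} is defined in both a public and a private zone")
```

In real use, replace the constructed dictionaries with the output of the two CLI commands named in the lead-in (one `list-resource-record-sets` call per zone ID). A hit from the first check means a name and address you meant to keep inside the VPC is answered to anyone on the internet; the fix is to delete the record from the public zone and keep it only in the private one.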

Understanding the difference between public and private hosted zones can help you design secure, scalable, and efficient network architectures in AWS.