Select your cookie preferences

We use essential cookies and similar tools that are necessary to provide our site and services. We use performance cookies to collect anonymous statistics, so we can understand how customers use our site and make improvements. Essential cookies cannot be deactivated, but you can choose “Customize” or “Decline” to decline performance cookies.

If you agree, AWS and approved third parties will also use cookies to provide useful site features, remember your preferences, and display relevant content, including relevant advertising. To accept or decline all non-essential cookies, choose “Accept” or “Decline.” To make more detailed choices, choose “Customize.”

Preferences
Contact Us
Feedback
AWS Documentation
Create an AWS Account

What are Amazon Route 53 Profiles?

PDF
RSS
Focus mode
What are Amazon Route 53 Profiles? - Amazon Route 53
Profile prioritizationProfile availability

With Route 53 Profiles, you can apply and manage DNS-related Route 53 configurations across many VPCs and in different AWS accounts. Profiles make managing the DNS settings for many VPCs as easy as managing them for a single VPC and when you update a Profile, its settings are propagated to all the VPCs associated to the Profile. You can also share a Profile with AWS accounts in the same Regions by using AWS RAM. The currently Route 53 supported resources you can associate to a Profile are:

  • Private hosted zones and the settings specified in them.

  • Route 53 Resolver rules, both forwarding and system.

  • DNS Firewall rule groups.

Some of the VPC configurations are directly managed on the Profile. The configurations are:

  • Reverse DNS lookup configuration for Resolver Rules.

  • DNS Firewall failure mode configuration.

  • DNSSEC validation configuration.

For example, you can enable the DNS Firewall failure mode configuration for all the VPCs the Profile is associated to, but keep the VPC's existing DNSSEC validation configuration.

Important

Once you enable the Profile settings for the preceding configurations, and associate the Profile to a VPC, the Profile settings take effect immediately.

You can also use AWS CloudFormation to set up consistent DNS settings for newly provisioned VPCs.

You can associate one Profile per VPC and the number of resources you can associate per Profile varies. For more information, see Quotas on Route 53 Profiles .

How Route 53 Profile settings are prioritized

You can have the local DNS settings and associations set for Profiles for migration, or other testing purposes. When a DNS query matches both the Resolver rule for a private hosted zone that is directly associated with the VPC and a Resolver rule for a private hosted zone that is associated to the Profile, the local DNS settings take precedence. When DNS query is made for a conflicting domain name, the most specific one wins. The following table includes examples of the evaluation order:

DNS query Profile rule VPC rule Evaluated rule

example.com

example.com

example.com

Local VPC

test.example.com

test.example.com

example.com

Profile

marketing.example.com

None

marketing.example.com

Local VPC

Route 53 Profiles Region availability

To view the Region availability and the endpoints, see Service endpoints for Route 53 in the AWS General Reference guide.

On this page

PrivacySite termsCookie preferences
© 2025, Amazon Web Services, Inc. or its affiliates. All rights reserved.