
Reply To: Question on shared services VPC

  • JR-TutorialsDojo

    Administrator
    March 26, 2025 at 9:58 am

    Hello ch34,

    Thank you for your question!

    I think you are referring to this option:

    "On AWS Resource Access Manager (RAM), set up a shared services VPC on your central account. Create a peering from this VPC to each VPC on the other accounts. On Amazon Route 53, create a private hosted zone associated with the shared services VPC. Manage all domains and subdomains on this hosted zone. On each of the other AWS Accounts, create a Route 53 private hosted zone and configure the Name Server entry to use the DNS of the central account."

    While this option uses AWS RAM to share the private hosted zone, it is still incomplete. The subaccount VPCs must be explicitly associated with the central hosted zone through RAM for DNS resolution to work. Configuring NS records does not automatically associate the VPCs, and without the association, DNS queries will fail.

    This solution adds unnecessary complexity by requiring each subaccount to create its own private hosted zone and configure NS records to point to the central account’s DNS servers. This extra step creates more maintenance overhead and increases the risk of misconfiguration.

    I hope this helps!

    Regards,
    JR @ Tutorials Dojo
