Inbound and outbound Resolver endpoints in Amazon Route 53 Resolver can now use the DNS over HTTPS (DoH) protocol.
DoH encrypts the data exchanged for Domain Name System (DNS) resolutions by carrying it over HTTP or HTTP/2 on top of TLS.
Using DoH also helps you follow recommendations such as those outlined in this US Office of Management and Budget (OMB) memo.
In hybrid cloud setups, you can use Amazon Route 53 Resolver to resolve DNS queries. For instance, it gives AWS services access to DNS requests from any location inside your hybrid network.
DNS queries from your on-premises network or another VPC can reach your VPC through inbound Resolver endpoints. DNS requests can be sent from your VPC to another VPC or your on-premises network using outbound Resolver endpoints.
All AWS Regions where Route 53 Resolver is available, including GovCloud Regions and Regions based in China, now support DNS over HTTPS for Amazon Route 53 Resolver.
DNS over port 53 is still the default protocol for inbound and outbound Resolver endpoints. Thus, unless you intend to switch from DNS over port 53 to DNS over HTTPS, you don’t need to update your current automation tools.
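
Because port 53 stays the default, existing endpoints keep accepting or sending unencrypted DNS until someone changes them. The following added example (not AWS code) classifies endpoints by the `Protocols` field that the Route 53 Resolver API reports (`Do53`, `DoH`, `DoH-FIPS`). The endpoint IDs and names are constructed, and treating a missing `Protocols` list as Do53 is an assumption.

```python
import json

# Constructed sample shaped like the output of
# `aws route53resolver list-resolver-endpoints` (IDs and names are made up).
SAMPLE = json.loads("""
{"ResolverEndpoints": [
  {"Id": "rslvr-in-example1", "Name": "onprem-inbound",
   "Direction": "INBOUND", "Protocols": ["Do53"]},
  {"Id": "rslvr-in-example2", "Name": "branch-inbound",
   "Direction": "INBOUND", "Protocols": ["DoH", "Do53"]},
  {"Id": "rslvr-out-example3", "Name": "to-datacenter",
   "Direction": "OUTBOUND", "Protocols": ["DoH"]},
  {"Id": "rslvr-out-example4", "Name": "legacy-outbound",
   "Direction": "OUTBOUND"}
]}
""")

ENCRYPTED = {"DoH", "DoH-FIPS"}


def classify(endpoint):
    """Return how an endpoint's DNS traffic is protected in transit."""
    # Assumption: an endpoint that reports no protocol list is plain port 53.
    protocols = set(endpoint.get("Protocols") or ["Do53"])
    if not protocols & ENCRYPTED:
        return "plaintext-only"   # every query travels unencrypted
    if "Do53" in protocols:
        return "mixed"            # DoH is offered, but port 53 still works
    return "encrypted-only"


def audit(response):
    """Map each endpoint ID to its classification."""
    return {ep["Id"]: classify(ep) for ep in response["ResolverEndpoints"]}


def needs_attention(response):
    """IDs of endpoints that can still carry unencrypted DNS."""
    return sorted(i for i, s in audit(response).items() if s != "encrypted-only")


if __name__ == "__main__":
    for endpoint_id, state in audit(SAMPLE).items():
        print(f"{endpoint_id}: {state}")
```

To run it against a real account, replace `SAMPLE` with the parsed JSON output of `aws route53resolver list-resolver-endpoints`.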