Explain Route 53 health checks and failover routing.
AWS · Intermediate level
Answer
Route 53 health checks monitor endpoint or alarm health and can drive failover routing. DNS failover is useful, but TTLs, client caching, and data replication determine real recovery time.
Technical explanation
Health checks should validate real readiness; a static port check can produce unsafe failover decisions.
DNS and CDN design must account for caching behavior, TTLs, origin protection, health signals, TLS, and global user latency.
Route 53 routing policies and CloudFront cache policies should be chosen based on the real traffic-management goal, not because they are available.
Always test failover, cache invalidation, header/cookie/query-string behavior, and origin access controls before production cutover.
Hands-on example
1. Create a test hosted zone or subdomain and route traffic to a controlled ALB, API, S3/CloudFront origin, or secondary Region.
2. Configure the relevant policy - weighted, failover, alias, cache behavior, OAC, or health check - and keep TTLs low during testing.
3. Use dig/curl and CloudFront/Route 53 logs or metrics to verify routing, caching, TLS, and failover behavior.
4. Increase TTLs and tighten origin access after validation.
Check how well your resume matches the role with our free resume checker— match score, ATS check, and the skills you're missing.
More AWS interview questions
- What is the AWS shared responsibility model, and where is the line between AWS and the customer?
- Explain the difference between a Region, an Availability Zone, and an Edge Location.
- What is a VPC, and what are its core components (subnets, route tables, IGW, NAT)?
- Difference between a public and a private subnet, and how does each reach the internet?
- What is the difference between a Security Group and a Network ACL?
- Are Security Groups stateful or stateless? What about NACLs?
- What is an Internet Gateway versus a NAT Gateway, and when do you need each?
- How does a NAT Gateway differ from a NAT instance?