Interview › AWS

What is the difference between a CNAME and an Alias record in Route 53?

AWS · Intermediate level

Answer

A CNAME maps a DNS name to another name and usually cannot be used at the zone apex. A Route 53 Alias points to AWS resources, can be used at the apex, and is preferred for ALB, CloudFront, API Gateway, and similar targets.

Technical explanation

Alias records are AWS-specific and can be used at the zone apex where CNAME normally cannot.

DNS and CDN design must account for caching behavior, TTLs, origin protection, health signals, TLS, and global user latency.

Route 53 routing policies and CloudFront cache policies should be chosen based on the real traffic-management goal, not because they are available.

Always test failover, cache invalidation, header/cookie/query-string behavior, and origin access controls before production cutover.

Hands-on example

1. Create a test hosted zone or subdomain and route traffic to a controlled ALB, API, S3/CloudFront origin, or secondary Region.

2. Configure the relevant policy - weighted, failover, alias, cache behavior, OAC, or health check - and keep TTLs low during testing.

3. Use dig/curl and CloudFront/Route 53 logs or metrics to verify routing, caching, TLS, and failover behavior.

4. Increase TTLs and tighten origin access after validation.

More AWS interview questions

• What is the AWS shared responsibility model, and where is the line between AWS and the customer?
• Explain the difference between a Region, an Availability Zone, and an Edge Location.
• What is a VPC, and what are its core components (subnets, route tables, IGW, NAT)?
• Difference between a public and a private subnet, and how does each reach the internet?
• What is the difference between a Security Group and a Network ACL?
• Are Security Groups stateful or stateless? What about NACLs?
• What is an Internet Gateway versus a NAT Gateway, and when do you need each?
• How does a NAT Gateway differ from a NAT instance?

← All AWS questions