How to Restrict Route53 records

Yes, it can be possible….Let's see How, let's assume the above example in a more detailed way…

You have the Hostedzone present in AWS Route 53, EX: as you can see the information of the records in the below screenshot

Now i would like to restric the User to the specific record , So here i am going to do a different way…!


  1. Create a New hosted zone with DNS Name
  2. Once the step:1 is done, You will get the Name servers, SOA for the new hostedzone we have created, Now copy the NS in the domain you need to use in the next step :)
  3. Go the Main Domain i.e and create a record like this

4. Now you can check the domain with the dig tool Linux or Mac or Use google to check the DNS NS are propagated.

5. Now it's time for restricting the IAM user/role to HostedZone Simple. You can create a policy to restrict the User to Hostedzone in a reality you are restricting the user to record



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Ganesh Kudikala

Ganesh Kudikala

I Live on Cloud :) I will help all to come into Cloud