devphobe726728d
Yes, that's the default behavior, but there are ways to modify this if you're crafty enough. Personally, I just don't give a shit and all of my DNS records exist in the single public zone. We just teach our apps to use xyz.internal.publicdomain.com to access internal services. It's much simpler.
devphobe726728d
Also, check out Consul. It makes all of the private DNS lookups easier.
I don't have enough details to be more specific, but if you created two zones "y.sample.com" as both private and public that will fuck you up. It's always easier to use "sample.internal" and "sample.com" if you need that level of division.
* Poor man's way: Just don't use private zones at all. It's honestly not worth the small amount of security you get from it. Why not just add records like "redis.internal.company.com" in your public zones and have Route53 point back to a private IP address like 10.10.x.y?
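
An added example, not part of the thread: a small audit over exported zone records that reports the two situations discussed above, public records that answer with RFC 1918 addresses, and public names hidden from VPC clients by an overlapping private zone. The zone names follow the thread's examples, the records are constructed, and the overlap check assumes Route 53 Resolver's documented behavior of answering NXDOMAIN from the most specific matching private zone instead of falling back to public DNS.

```python
import ipaddress

# Constructed sample data: (name, type, value) tuples, not from any real zone.
PUBLIC = [
    ("www.sample.com", "A", "203.0.113.10"),
    ("redis.internal.sample.com", "A", "10.10.4.7"),
    ("api.y.sample.com", "A", "203.0.113.20"),
    ("db.y.sample.com", "A", "203.0.113.21"),
]
# Private hosted zones keyed by zone name (constructed).
PRIVATE_ZONES = {
    "y.sample.com": [("db.y.sample.com", "A", "10.10.8.3")],
}
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def in_zone(name, zone):
    """True if name is the zone apex or a label under it."""
    name, zone = name.rstrip(".").lower(), zone.rstrip(".").lower()
    return name == zone or name.endswith("." + zone)

def private_targets(records):
    """Names of A records whose value is an RFC 1918 address."""
    hits = []
    for name, rtype, value in records:
        if rtype == "A":
            ip = ipaddress.ip_address(value)
            if any(ip in net for net in RFC1918):
                hits.append(name)
    return hits

def shadowed(public, private_zones):
    """Public records that VPC clients cannot resolve because an overlapping
    private zone has no record with the same name and type."""
    hidden = []
    for name, rtype, _ in public:
        zones = [z for z in private_zones if in_zone(name, z)]
        if not zones:
            continue
        best = max(zones, key=len)  # most specific private zone wins
        have = {(n.rstrip(".").lower(), t) for n, t, _ in private_zones[best]}
        if (name.rstrip(".").lower(), rtype) not in have:
            hidden.append((name, best))
    return hidden

if __name__ == "__main__":
    print("public records exposing private IPs:", private_targets(PUBLIC))
    print("public records hidden inside the VPC:", shadowed(PUBLIC, PRIVATE_ZONES))
```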