Difference between an A Rec and CNAME in Route53
Master System Design with Codemia
Enhance your system design skills with over 120 practice problems, detailed solutions, and hands-on exercises.
Introduction
In Route 53, an A record and a CNAME record solve different DNS problems even though both can make a name reach a service. An A record maps a hostname directly to an IPv4 address, while a CNAME record says one hostname is an alias of another hostname. The practical difference shows up in performance, zone-apex rules, and how often the target changes.
What an A Record Does
An A record returns an IPv4 address directly.
When a resolver asks for example.com, it gets the IP address immediately. That makes A records straightforward and efficient when you know the address you want clients to use.
Use an A record when:
- you have a stable IPv4 address
- you control the server IP directly
- you want the root domain, also called the zone apex, to point somewhere
If you need IPv6, the equivalent is an AAAA record.
What a CNAME Record Does
A CNAME record does not return an IP address. It returns another hostname.
A resolver that asks for www.example.com must then resolve app.example.net to get the final address. That indirection is useful when the target hostname may change behind the scenes.
Use a CNAME when:
- a subdomain should follow another hostname
- the final IP addresses may change over time
- the provider tells you to point to a DNS name rather than to fixed addresses
This is common with SaaS platforms and CDN endpoints.
Important Route 53 Rule: Apex Names
A standard CNAME cannot be used at the zone apex. That means you cannot make example.com itself a CNAME if the same name also needs records such as NS and SOA, which every hosted zone requires.
That is where Route 53 ALIAS records matter. An ALIAS is an AWS-specific feature, not a standard DNS type. It lets you point the apex name to supported AWS targets such as:
- Application Load Balancers
- CloudFront distributions
- S3 static website endpoints in supported patterns
- API Gateway custom domains
Example change batch for Route 53:
That looks like an A record in Route 53, but operationally it behaves like an alias to another DNS name.
Choosing Between Them
A useful decision rule is:
- choose
Awhen you know the IPv4 address - choose
CNAMEwhen a subdomain should alias another hostname - choose Route 53
ALIASwhen the root domain needs to point at certain AWS-managed endpoints
The key is not just “which one works,” but “which one matches how the target is managed.” If the target’s IP addresses are owned by AWS or another provider and may change, hardcoding A records is usually the wrong long-term choice.
Operational Tradeoffs
CNAME introduces another DNS resolution step, so it can add a small amount of lookup work. Usually that is acceptable, but it is still different from a direct A answer.
A records are simpler, but they put the burden of IP management on you. If the target address changes, you must update DNS yourself.
In Route 53 specifically, ALIAS records are often the best answer for AWS resources because AWS can hide infrastructure changes behind the target DNS name.
Common Pitfalls
- Using a
CNAMEat the zone apex, which standard DNS does not allow. - Thinking Route 53
ALIASis the same thing as a standardCNAME. - Pointing an
Arecord at a cloud service whose IP addresses are not stable. - Forgetting that
Ais IPv4 only and using it when IPv6 support requiresAAAAtoo. - Creating a
CNAMEon a name that also needs other record types.
Summary
- An
Arecord maps a name directly to an IPv4 address. - A
CNAMEmaps one hostname to another hostname. - Standard
CNAMErecords cannot be used at the zone apex. - Route 53
ALIASrecords are AWS-specific and solve many apex-to-service cases. - Choose the record type based on whether you control the IP directly or need DNS indirection.

