Choose the Route 53 services menu and choose rule groups

Click Rule groups and choose add Rule group

Enter a rule name and optional description if needed and click Next

Click add rule



If the block action is used please choose the appropriate response

if the override response is chosen please enter the necessary details required. Ideally, either the NODATA or NXDOMAIN is used

In the eventuality that a custom Domain is needed choose Add my own domain list and create a new domain list unless already created.

If needed a bulk upload is supported. The data needs to be in a S3 bucket

Finally click add rule and click next

Click next and if needed set the rule priorities


Enter a tag if required and click next


Once the rule group is created the Route 53 Resolver DNS Firewall can block or allow or alert DNS queries depending on the rule conditions