AWS VPC Endpoints: What's the different between the private DNS records

Question

I'm new to AWS. I have deployed an interface endpoint in two subnets of my VPC. The endpoint comes with three domain names.

vpce-xxxxxxxxxxxxxxx-yjkfe3jc.vpce-svc-xxxxxxxxxxxxxxx.eu-central-1.vpce.amazonaws.com (Z273ZU8SZ5RJPC)
vpce-xxxxxxxxxxxxxxx-yjkfe3jc-eu-central-1a.vpce-svc-xxxxxxxxxxxxxxxx.eu-central-1.vpce.amazonaws.com (Z273ZU8SZ5RJPC)
vpce-xxxxxxxxxxxxxxx-yjkfe3jc-eu-central-1b.vpce-svc-xxxxxxxxxxxxxx.eu-central-1.vpce.amazonaws.com (Z273ZU8SZ5RJPC)

Two of them, which have the availability zone name inside their name, apparently points to the IP addresses of the ENIs in the subnets. However, I'm wondering what's the purpose of the first record(the one without AZ name)? And where are these records hosted or where to find the zone Z273ZU8SZ5RJPC?

Thanks!

Answer 1

First One is the regional DNS name of the endpoint, which will resolve to all the available zonal IP addresses associated with the endpoint.

[] Interface VPC endpoints (AWS PrivateLink) - Access a service through an interface endpoint - https://docs.aws.amazon.com/vpc/latest/privatelink/vpce-interface.html#access-service-though-endpoint

If you have created a HA architecture, with multiple resources spanning across multiple AZs, then the regional endpoint can be used. A simpler example can be for load balancing, where you are distributing load across multiple AZs using Round-Robin DNS resolution.

Since the hosted zone is not visible in our own account, it must be something AWS managed and therefore, we cannot see the records present in it.