As of now, Route 53 have only a public API and VPC endpoint is not supported. You will need to add a NAT Gateway that you can restrict to access only to the route 53 API. References: