A network engineer is designing a private DNS solution to integrate AWS workloads and on-premises resources. The AWS environment includes five VPCs in the eu-west-1 Region, connected to the on-premises network via AWS Direct Connect. The VPCs communicate with each other through a transit gateway, and each VPC is associated with a private hosted zone using the aws.example.internal domain. The engineer has created an Amazon Route 53 Resolver outbound endpoint in a shared services VPC, which is attached to the transit gateway.

The engineer needs to implement a DNS resolution solution where queries for hostnames ending with aws.example.internal are resolved using the private hosted zone, and queries for hostnames ending with all other domains are forwarded to a private on-premises DNS resolver.

Which solution meets these requirements?