Route 53 Resolver Query Logging Configuration

Route 53 Resolver Query Logging Configuration in AWS allows you to capture and log DNS queries that originate from your VPCs. This helps with troubleshooting, security analysis, and compliance by sending query logs to destinations such as CloudWatch Logs, S3, or Kinesis Data Firehose.

aws.route53resolver_resolver_query_log_config

Fields

TitleIDTypeData TypeDescription
_keycorestring
account_idcorestring
arncorestringThe ARN for the query logging configuration.
association_countcoreint64The number of VPCs that are associated with the query logging configuration.
creation_timecorestringThe date and time that the query logging configuration was created, in Unix time format and Coordinated Universal Time (UTC).
creator_request_idcorestringA unique string that identifies the request that created the query logging configuration. The CreatorRequestId allows failed requests to be retried without the risk of running the operation twice.
destination_arncorestringThe ARN of the resource that you want Resolver to send query logs: an Amazon S3 bucket, a CloudWatch Logs log group, or a Kinesis Data Firehose delivery stream.
idcorestringThe ID for the query logging configuration.
namecorestringThe name of the query logging configuration.
owner_idcorestringThe Amazon Web Services account ID for the account that created the query logging configuration.
share_statuscorestringAn indication of whether the query logging configuration is shared with other Amazon Web Services accounts, or was shared with the current account by another Amazon Web Services account. Sharing is configured through Resource Access Manager (RAM).
statuscorestringThe status of the specified query logging configuration. Valid values include the following: CREATING: Resolver is creating the query logging configuration. CREATED: The query logging configuration was successfully created. Resolver is logging queries that originate in the specified VPC. DELETING: Resolver is deleting this query logging configuration. FAILED: Resolver can't deliver logs to the location that is specified in the query logging configuration. Here are two common causes: The specified destination (for example, an Amazon S3 bucket) was deleted. Permissions don't allow sending logs to the destination.
tagscorehstore