Route 53 public hosted zones should log DNS queries
Description
This control verifies whether DNS query logging is activated for an Amazon Route 53 public hosted zone.
Enabling DNS query logging enhances security and compliance by providing greater visibility into DNS activity. The logs capture details such as the queried domain or subdomain, timestamp of the query, DNS record type, and response code. When this feature is enabled, Route 53 delivers the log files to Amazon CloudWatch Logs for further analysis and monitoring.
For guidance on Route 53 query logging, refer to the Configuring logging for DNS queries section of the Amazon Route 53 Developer Guide.
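One way to run this check yourself, as an added example that is not this control's own implementation: it lists hosted zones and query logging configurations, then reports public zones that have no configuration. It assumes a zone counts as logging when a query logging configuration exists for it; `StubRoute53` and its zone IDs, names and ARN are constructed sample data, and `boto3.client("route53")` can be passed in its place.

```python
# Added example: report public hosted zones that have no query logging config.

def _pages(call, items_key, token_in, token_out):
    """Yield items from a paginated Route 53 list call."""
    kwargs = {}
    while True:
        page = call(**kwargs)
        yield from page[items_key]
        if not page.get(token_out):
            return
        kwargs = {token_in: page[token_out]}

def public_zones_without_query_logging(client):
    """Return [(zone_id, name)] for public zones lacking a logging config."""
    logged = {c["HostedZoneId"] for c in _pages(
        client.list_query_logging_configs, "QueryLoggingConfigs",
        "NextToken", "NextToken")}
    findings = []
    for zone in _pages(client.list_hosted_zones, "HostedZones",
                       "Marker", "NextMarker"):
        if zone.get("Config", {}).get("PrivateZone"):
            continue  # the control only covers public hosted zones
        zone_id = zone["Id"].rsplit("/", 1)[-1]  # "/hostedzone/Z..." -> "Z..."
        if zone_id not in logged:
            findings.append((zone_id, zone["Name"]))
    return findings

class StubRoute53:
    """Constructed responses in the shape the Route 53 API returns."""
    def list_hosted_zones(self, Marker=None):
        if Marker is None:
            return {"HostedZones": [
                {"Id": "/hostedzone/ZEXAMPLE1", "Name": "logged.example.",
                 "Config": {"PrivateZone": False}},
                {"Id": "/hostedzone/ZEXAMPLE2", "Name": "internal.example.",
                 "Config": {"PrivateZone": True}}],
                "IsTruncated": True, "NextMarker": "ZEXAMPLE3"}
        return {"HostedZones": [
            {"Id": "/hostedzone/ZEXAMPLE3", "Name": "unlogged.example.",
             "Config": {"PrivateZone": False}}], "IsTruncated": False}

    def list_query_logging_configs(self, NextToken=None):
        return {"QueryLoggingConfigs": [{
            "Id": "constructed-id", "HostedZoneId": "ZEXAMPLE1",
            "CloudWatchLogsLogGroupArn": "arn:aws:logs:us-east-1:111122223333:log-group:/aws/route53/logged.example"}]}

if __name__ == "__main__":
    for zone_id, name in public_zones_without_query_logging(StubRoute53()):
        print(f"FAIL {zone_id} {name}: no DNS query logging")
```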