AWS Route 53 Resolver Query Log Config Association
This page shows how to write Terraform and CloudFormation for Route 53 Resolver Query Log Config Association and write them securely.
aws_route53_resolver_query_log_config_association (Terraform)
The Query Log Config Association in Route 53 Resolver can be configured in Terraform with the resource name aws_route53_resolver_query_log_config_association
. The following sections describe 4 examples of how to use the resource and its parameters.
Example Usage from GitHub
resource "aws_route53_resolver_query_log_config_association" "selected_vpc" {
for_each = local.vpcs
resource_id = each.value
resolver_query_log_config_id = var.query_log_config_id
}
resource "aws_route53_resolver_query_log_config_association" "this" {
resolver_query_log_config_id = aws_route53_resolver_query_log_config.this.id
resource_id = var.vpc_id
}
resource "aws_route53_resolver_query_log_config_association" "route53_resolver_query_log_config_association" {
count = var.enable_route53_resolver_query_log_config_association ? 1 : 0
resolver_query_log_config_id = var.route53_resolver_query_log_config_association_resolver_query_log_config_id != "" ? var.route53_resolver_query_log_config_association_resolver_query_log_config_id : (var.enable_route53_resolver_query_log_config ? aws_route53_resolver_query_log_config.route53_resolver_query_log_config.0.id : null)
resource_id = var.route53_resolver_query_log_config_association_resource_id
resource "aws_route53_resolver_query_log_config_association" "route53_resolver_query_log_config_association" {
count = var.enable_route53_resolver_query_log_config_association ? 1 : 0
resolver_query_log_config_id = var.route53_resolver_query_log_config_association_resolver_query_log_config_id != "" ? var.route53_resolver_query_log_config_association_resolver_query_log_config_id : (var.enable_route53_resolver_query_log_config ? aws_route53_resolver_query_log_config.route53_resolver_query_log_config.0.id : null)
resource_id = var.route53_resolver_query_log_config_association_resource_id
Parameters
-
id
optional computed - string -
resolver_query_log_config_id
required - string -
resource_id
required - string
Explanation in Terraform Registry
Provides a Route 53 Resolver query logging configuration association resource.
AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation (CloudFormation)
The ResolverQueryLoggingConfigAssociation in Route53Resolver can be configured in CloudFormation with the resource name AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation
. The following sections describe 7 examples of how to use the resource and its parameters.
Example Usage from GitHub
Type: AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation
Properties:
ResolverQueryLogConfigId: !Ref ResolverQueryLoggingConfig
ResourceId: !Ref Vpc
#================
Type: AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation
Properties:
ResolverQueryLogConfigId: !Ref LoggingConfig
Type: "AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation"
Properties:
ResolverQueryLogConfigId:
Fn::GetAtt:
- "Route53QueryLoggingConfig"
- "Id"
Type: AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation
Properties:
ResolverQueryLogConfigId: !Ref ResolverQueryLoggingConfig
ResourceId: !Ref ServicesVPC
# iam
Type: AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation
Properties:
ResolverQueryLogConfigId:
Fn::GetAtt:
- DNSLogs
- Id
"resourceType": "AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation",
"filePath": null
},
{
"resourceType": "AWS::Route53Resolver::ResolverRule",
"filePath": null
"AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation": {
"Type": "AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation",
"Properties": {}
},
"AWS::GlobalAccelerator::Listener": {
"Type": "AWS::GlobalAccelerator::Listener",
Parameters
-
ResolverQueryLogConfigId
optional - String -
ResourceId
optional - String
Explanation in CloudFormation Registry
The AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation resource is a configuration for DNS query logging. After you create a query logging configuration, Amazon Route 53 begins to publish log data to an Amazon CloudWatch Logs log group.
Frequently asked questions
What is AWS Route 53 Resolver Query Log Config Association?
AWS Route 53 Resolver Query Log Config Association is a resource for Route 53 Resolver of Amazon Web Service. Settings can be wrote in Terraform and CloudFormation.
Where can I find the example code for the AWS Route 53 Resolver Query Log Config Association?
For Terraform, the valtix-security/Enable_DNS_VPC_Logs, ministryofjustice/hmpps-ems-platform-terraform-modules and asrkata/SebastianUA-terraform source code examples are useful. See the Terraform Example section for further details.
For CloudFormation, the arhs/spikeseed-cloud-labs, andrewkrug/securing-the-cloud-supplemental and mobious999/Cloudformation source code examples are useful. See the CloudFormation Example section for further details.