AWS Route 53 Resolver Query Log Config
This page shows how to write Terraform and CloudFormation for Route 53 Resolver Query Log Config and write them securely.
aws_route53_resolver_query_log_config (Terraform)
The Query Log Config in Route 53 Resolver can be configured in Terraform with the resource name aws_route53_resolver_query_log_config. The following sections describe 1 example of how to use the resource and its parameters.
Example Usage from GitHub
resource "aws_route53_resolver_query_log_config" "this" {
name = local.route53_query_log_config_name
destination_arn = aws_cloudwatch_log_group.this.arn
tags = var.tags
}
Parameters
-
arnoptional computed - string -
destination_arnrequired - string -
idoptional computed - string -
namerequired - string -
owner_idoptional computed - string -
share_statusoptional computed - string -
tagsoptional - map from string to string
Explanation in Terraform Registry
Provides a Route 53 Resolver query logging configuration resource.
AWS::Route53Resolver::ResolverQueryLoggingConfig (CloudFormation)
The ResolverQueryLoggingConfig in Route53Resolver can be configured in CloudFormation with the resource name AWS::Route53Resolver::ResolverQueryLoggingConfig. The following sections describe 7 examples of how to use the resource and its parameters.
Example Usage from GitHub
Type: "AWS::Route53Resolver::ResolverQueryLoggingConfig"
Properties:
DestinationArn: "change me to the real arn of the logging destination"
Name: "Dns Query Logging"
Route53QueryLoggingConfigAssociation:
Type: "AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation"
Type: AWS::Route53Resolver::ResolverQueryLoggingConfig
Properties:
Name: !Sub ${AccountCode}-${RegionCode}-${Application}-vpcquerylogs
DestinationArn: !Sub arn:aws:s3:::${LogsBucketName}/vpcquerylogs
ResolverQueryLoggingConfigAssociation:
Type: AWS::Route53Resolver::ResolverQueryLoggingConfig
Properties:
DestinationArn: !GetAtt LogGroup.Arn
Name: !Join ['', [!Ref VpcId, -resolver-logs]]
LoggingAssociation:
Type: AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation
Type: AWS::Route53Resolver::ResolverQueryLoggingConfig
Properties:
DestinationArn: !GetAtt ResolverQueryLoggingLogGroup.Arn
ResolverQueryLoggingConfigAssociation:
Type: AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation
Type: AWS::Route53Resolver::ResolverQueryLoggingConfig
Properties:
DestinationArn:
Fn::GetAtt:
- BucketLogs9C0DCA97
- Arn
"resourceType": "AWS::Route53Resolver::ResolverQueryLoggingConfig",
"filePath": null
},
{
"resourceType": "AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation",
"filePath": null
"AWS::Route53Resolver::ResolverQueryLoggingConfig": {
"Type": "AWS::Route53Resolver::ResolverQueryLoggingConfig",
"Properties": {}
},
"AWS::EC2::VPCPeeringConnection": {
"Type": "AWS::EC2::VPCPeeringConnection",
Parameters
-
Nameoptional - String -
DestinationArnoptional - String
Explanation in CloudFormation Registry
The AWS::Route53Resolver::ResolverQueryLoggingConfig resource is a complex type that contains settings for one query logging configuration.
Frequently asked questions
What is AWS Route 53 Resolver Query Log Config?
AWS Route 53 Resolver Query Log Config is a resource for Route 53 Resolver of Amazon Web Service. Settings can be wrote in Terraform and CloudFormation.
Where can I find the example code for the AWS Route 53 Resolver Query Log Config?
For Terraform, the ministryofjustice/hmpps-ems-platform-terraform-modules source code example is useful. See the Terraform Example section for further details.
For CloudFormation, the mobious999/Cloudformation, arhs/spikeseed-cloud-labs and andrewkrug/securing-the-cloud-supplemental source code examples are useful. See the CloudFormation Example section for further details.
