AWS.Route53Resolver (aws-elixir v0.7.0) View Source

When you create a VPC using Amazon VPC, you automatically get DNS resolution within the VPC from Route 53 Resolver.

By default, Resolver answers DNS queries for VPC domain names such as domain names for EC2 instances or ELB load balancers. Resolver performs recursive lookups against public name servers for all other domain names.

You can also configure DNS resolution between your VPC and your network over a Direct Connect or VPN connection:

Forward DNS queries from resolvers on your network to Route 53 Resolver

DNS resolvers on your network can forward DNS queries to Resolver in a specified VPC. This allows your DNS resolvers to easily resolve domain names for AWS resources such as EC2 instances or records in a Route 53 private hosted zone. For more information, see How DNS Resolvers on Your Network Forward DNS Queries to Route 53 Resolver in the Amazon Route 53 Developer Guide.

Conditionally forward queries from a VPC to resolvers on your network

You can configure Resolver to forward queries that it receives from EC2 instances in your VPCs to DNS resolvers on your network. To forward selected queries, you create Resolver rules that specify the domain names for the DNS queries that you want to forward (such as example.com), and the IP addresses of the DNS resolvers on your network that you want to forward the queries to. If a query matches multiple rules (example.com, acme.example.com), Resolver chooses the rule with the most specific match (acme.example.com) and forwards the query to the IP addresses that you specified in that rule. For more information, see How Route 53 Resolver Forwards DNS Queries from Your VPCs to Your Network in the Amazon Route 53 Developer Guide.

Like Amazon VPC, Resolver is regional. In each region where you have VPCs, you can choose whether to forward queries from your VPCs to your network (outbound queries), from your network to your VPCs (inbound queries), or both.

Link to this section Summary

Functions

Adds IP addresses to an inbound or an outbound Resolver endpoint.

Associates an Amazon VPC with a specified query logging configuration.

Associates a Resolver rule with a VPC.

Creates a Resolver query logging configuration, which defines where you want Resolver to save DNS query logs that originate in your VPCs.

For DNS queries that originate in your VPCs, specifies which Resolver endpoint the queries pass through, one domain name that you want to forward to your network, and the IP addresses of the DNS resolvers in your network.

Removes IP addresses from an inbound or an outbound Resolver endpoint.

Disassociates a VPC from a query logging configuration.

Removes the association between a specified Resolver rule and a specified VPC.

Gets information about a specified Resolver endpoint, such as whether it's an inbound or an outbound Resolver endpoint, and the current status of the endpoint.

Gets information about a specified Resolver query logging configuration, such as the number of VPCs that the configuration is logging queries for and the location that logs are sent to.

Gets information about a specified association between a Resolver query logging configuration and an Amazon VPC.

Gets information about a query logging policy.

Gets information about a specified Resolver rule, such as the domain name that the rule forwards DNS queries for and the ID of the outbound Resolver endpoint that the rule is associated with.

Gets information about an association between a specified Resolver rule and a VPC.

Gets information about a Resolver rule policy.

Gets the IP addresses for a specified Resolver endpoint.

Lists all the Resolver endpoints that were created using the current AWS account.

Lists information about associations between Amazon VPCs and query logging configurations.

Lists information about the specified query logging configurations.

Lists the associations that were created between Resolver rules and VPCs using the current AWS account.

Lists the Resolver rules that were created using the current AWS account.

Lists the tags that you associated with the specified resource.

Specifies an AWS account that you want to share a query logging configuration with, the query logging configuration that you want to share, and the operations that you want the account to be able to perform on the configuration.

Specifies an AWS account that you want to share rules with, the Resolver rules that you want to share, and the operations that you want the account to be able to perform on those rules.

Adds one or more tags to a specified resource.

Removes one or more tags from a specified resource.

Updates the name of an inbound or an outbound Resolver endpoint.

Updates settings for a specified Resolver rule.

Link to this section Functions

Link to this function

associate_resolver_endpoint_ip_address(client, input, options \\ [])

View Source

Adds IP addresses to an inbound or an outbound Resolver endpoint.

If you want to add more than one IP address, submit one AssociateResolverEndpointIpAddress request for each IP address.

To remove an IP address from an endpoint, see DisassociateResolverEndpointIpAddress.

Link to this function

associate_resolver_query_log_config(client, input, options \\ [])

View Source

Associates an Amazon VPC with a specified query logging configuration.

Route 53 Resolver logs DNS queries that originate in all of the Amazon VPCs that are associated with a specified query logging configuration. To associate more than one VPC with a configuration, submit one AssociateResolverQueryLogConfig request for each VPC.

The VPCs that you associate with a query logging configuration must be in the same Region as the configuration.

To remove a VPC from a query logging configuration, see DisassociateResolverQueryLogConfig.

Link to this function

associate_resolver_rule(client, input, options \\ [])

View Source

Associates a Resolver rule with a VPC.

When you associate a rule with a VPC, Resolver forwards all DNS queries for the domain name that is specified in the rule and that originate in the VPC. The queries are forwarded to the IP addresses for the DNS resolvers that are specified in the rule. For more information about rules, see CreateResolverRule.

Link to this function

create_resolver_endpoint(client, input, options \\ [])

View Source

Creates a Resolver endpoint.

There are two types of Resolver endpoints, inbound and outbound:

  • An inbound Resolver endpoint forwards DNS queries to the DNS service for a VPC from your network.

  • An outbound Resolver endpoint forwards DNS queries from the DNS service for a VPC to your network.

Link to this function

create_resolver_query_log_config(client, input, options \\ [])

View Source

Creates a Resolver query logging configuration, which defines where you want Resolver to save DNS query logs that originate in your VPCs.

Resolver can log queries only for VPCs that are in the same Region as the query logging configuration.

To specify which VPCs you want to log queries for, you use AssociateResolverQueryLogConfig. For more information, see AssociateResolverQueryLogConfig.

You can optionally use AWS Resource Access Manager (AWS RAM) to share a query logging configuration with other AWS accounts. The other accounts can then associate VPCs with the configuration. The query logs that Resolver creates for a configuration include all DNS queries that originate in all VPCs that are associated with the configuration.

Link to this function

create_resolver_rule(client, input, options \\ [])

View Source

For DNS queries that originate in your VPCs, specifies which Resolver endpoint the queries pass through, one domain name that you want to forward to your network, and the IP addresses of the DNS resolvers in your network.

Link to this function

delete_resolver_endpoint(client, input, options \\ [])

View Source

Deletes a Resolver endpoint.

The effect of deleting a Resolver endpoint depends on whether it's an inbound or an outbound Resolver endpoint:

  • Inbound: DNS queries from your network are no longer routed to the DNS service for the specified VPC.

  • Outbound: DNS queries from a VPC are no longer routed to your network.

Link to this function

delete_resolver_query_log_config(client, input, options \\ [])

View Source

Deletes a query logging configuration.

When you delete a configuration, Resolver stops logging DNS queries for all of the Amazon VPCs that are associated with the configuration. This also applies if the query logging configuration is shared with other AWS accounts, and the other accounts have associated VPCs with the shared configuration.

Before you can delete a query logging configuration, you must first disassociate all VPCs from the configuration. See DisassociateResolverQueryLogConfig.

If you used Resource Access Manager (RAM) to share a query logging configuration with other accounts, you must stop sharing the configuration before you can delete a configuration. The accounts that you shared the configuration with can first disassociate VPCs that they associated with the configuration, but that's not necessary. If you stop sharing the configuration, those VPCs are automatically disassociated from the configuration.

Link to this function

delete_resolver_rule(client, input, options \\ [])

View Source

Deletes a Resolver rule.

Before you can delete a Resolver rule, you must disassociate it from all the VPCs that you associated the Resolver rule with. For more information, see DisassociateResolverRule.

Link to this function

disassociate_resolver_endpoint_ip_address(client, input, options \\ [])

View Source

Removes IP addresses from an inbound or an outbound Resolver endpoint.

If you want to remove more than one IP address, submit one DisassociateResolverEndpointIpAddress request for each IP address.

To add an IP address to an endpoint, see AssociateResolverEndpointIpAddress.

Link to this function

disassociate_resolver_query_log_config(client, input, options \\ [])

View Source

Disassociates a VPC from a query logging configuration.

Before you can delete a query logging configuration, you must first disassociate all VPCs from the configuration. If you used Resource Access Manager (RAM) to share a query logging configuration with other accounts, VPCs can be disassociated from the configuration in the following ways:

The accounts that you shared the configuration with can disassociate VPCs from the configuration.

You can stop sharing the configuration.

Link to this function

disassociate_resolver_rule(client, input, options \\ [])

View Source

Removes the association between a specified Resolver rule and a specified VPC.

If you disassociate a Resolver rule from a VPC, Resolver stops forwarding DNS queries for the domain name that you specified in the Resolver rule.

Link to this function

get_resolver_endpoint(client, input, options \\ [])

View Source

Gets information about a specified Resolver endpoint, such as whether it's an inbound or an outbound Resolver endpoint, and the current status of the endpoint.

Link to this function

get_resolver_query_log_config(client, input, options \\ [])

View Source

Gets information about a specified Resolver query logging configuration, such as the number of VPCs that the configuration is logging queries for and the location that logs are sent to.

Link to this function

get_resolver_query_log_config_association(client, input, options \\ [])

View Source

Gets information about a specified association between a Resolver query logging configuration and an Amazon VPC.

When you associate a VPC with a query logging configuration, Resolver logs DNS queries that originate in that VPC.

Link to this function

get_resolver_query_log_config_policy(client, input, options \\ [])

View Source

Gets information about a query logging policy.

A query logging policy specifies the Resolver query logging operations and resources that you want to allow another AWS account to be able to use.

Link to this function

get_resolver_rule(client, input, options \\ [])

View Source

Gets information about a specified Resolver rule, such as the domain name that the rule forwards DNS queries for and the ID of the outbound Resolver endpoint that the rule is associated with.

Link to this function

get_resolver_rule_association(client, input, options \\ [])

View Source

Gets information about an association between a specified Resolver rule and a VPC.

You associate a Resolver rule and a VPC using AssociateResolverRule.

Link to this function

get_resolver_rule_policy(client, input, options \\ [])

View Source

Gets information about a Resolver rule policy.

A Resolver rule policy specifies the Resolver operations and resources that you want to allow another AWS account to be able to use.

Link to this function

list_resolver_endpoint_ip_addresses(client, input, options \\ [])

View Source

Gets the IP addresses for a specified Resolver endpoint.

Link to this function

list_resolver_endpoints(client, input, options \\ [])

View Source

Lists all the Resolver endpoints that were created using the current AWS account.

Link to this function

list_resolver_query_log_config_associations(client, input, options \\ [])

View Source

Lists information about associations between Amazon VPCs and query logging configurations.

Link to this function

list_resolver_query_log_configs(client, input, options \\ [])

View Source

Lists information about the specified query logging configurations.

Each configuration defines where you want Resolver to save DNS query logs and specifies the VPCs that you want to log queries for.

Link to this function

list_resolver_rule_associations(client, input, options \\ [])

View Source

Lists the associations that were created between Resolver rules and VPCs using the current AWS account.

Link to this function

list_resolver_rules(client, input, options \\ [])

View Source

Lists the Resolver rules that were created using the current AWS account.

Link to this function

list_tags_for_resource(client, input, options \\ [])

View Source

Lists the tags that you associated with the specified resource.

Link to this function

put_resolver_query_log_config_policy(client, input, options \\ [])

View Source

Specifies an AWS account that you want to share a query logging configuration with, the query logging configuration that you want to share, and the operations that you want the account to be able to perform on the configuration.

Link to this function

put_resolver_rule_policy(client, input, options \\ [])

View Source

Specifies an AWS account that you want to share rules with, the Resolver rules that you want to share, and the operations that you want the account to be able to perform on those rules.

Link to this function

tag_resource(client, input, options \\ [])

View Source

Adds one or more tags to a specified resource.

Link to this function

untag_resource(client, input, options \\ [])

View Source

Removes one or more tags from a specified resource.

Link to this function

update_resolver_endpoint(client, input, options \\ [])

View Source

Updates the name of an inbound or an outbound Resolver endpoint.

Link to this function

update_resolver_rule(client, input, options \\ [])

View Source

Updates settings for a specified Resolver rule.

ResolverRuleId is required, and all other parameters are optional. If you don't specify a parameter, it retains its current value.