CreateResolverQueryLogConfigCommand

Suggest an Edit

Creates a Resolver query logging configuration, which defines where you want Resolver to save DNS query logs that originate in your VPCs. Resolver can log queries only for VPCs that are in the same Region as the query logging configuration.

To specify which VPCs you want to log queries for, you use AssociateResolverQueryLogConfig. For more information, see AssociateResolverQueryLogConfig .

You can optionally use Resource Access Manager (RAM) to share a query logging configuration with other Amazon Web Services accounts. The other accounts can then associate VPCs with the configuration. The query logs that Resolver creates for a configuration include all DNS queries that originate in all VPCs that are associated with the configuration.

Example Syntax

Use a bare-bones client and the command you need to make an API call.

import { Route53ResolverClient, CreateResolverQueryLogConfigCommand } from "@aws-sdk/client-route53resolver"; // ES Modules import
// const { Route53ResolverClient, CreateResolverQueryLogConfigCommand } = require("@aws-sdk/client-route53resolver"); // CommonJS import
const client = new Route53ResolverClient(config);
const input = { // CreateResolverQueryLogConfigRequest
  Name: "STRING_VALUE", // required
  DestinationArn: "STRING_VALUE", // required
  CreatorRequestId: "STRING_VALUE", // required
  Tags: [ // TagList
    { // Tag
      Key: "STRING_VALUE", // required
      Value: "STRING_VALUE", // required
    },
  ],
};
const command = new CreateResolverQueryLogConfigCommand(input);
const response = await client.send(command);
// { // CreateResolverQueryLogConfigResponse
//   ResolverQueryLogConfig: { // ResolverQueryLogConfig
//     Id: "STRING_VALUE",
//     OwnerId: "STRING_VALUE",
//     Status: "CREATING" || "CREATED" || "DELETING" || "FAILED",
//     ShareStatus: "NOT_SHARED" || "SHARED_WITH_ME" || "SHARED_BY_ME",
//     AssociationCount: Number("int"),
//     Arn: "STRING_VALUE",
//     Name: "STRING_VALUE",
//     DestinationArn: "STRING_VALUE",
//     CreatorRequestId: "STRING_VALUE",
//     CreationTime: "STRING_VALUE",
//   },
// };

CreateResolverQueryLogConfigCommand Input

See CreateResolverQueryLogConfigCommandInput for more details

Parameter
Type
Description
DestinationArn
Required
string | undefined

The ARN of the resource that you want Resolver to send query logs. You can send query logs to an S3 bucket, a CloudWatch Logs log group, or a Kinesis Data Firehose delivery stream. Examples of valid values include the following:

  • S3 bucket:

    arn:aws:s3:::amzn-s3-demo-bucket

    You can optionally append a file prefix to the end of the ARN.

    arn:aws:s3:::amzn-s3-demo-bucket/development/

  • CloudWatch Logs log group:

    arn:aws:logs:us-west-1:123456789012:log-group:/mystack-testgroup-12ABC1AB12A1:*

  • Kinesis Data Firehose delivery stream:

    arn:aws:kinesis:us-east-2:0123456789:stream/my_stream_name

Name
Required
string | undefined

The name that you want to give the query logging configuration.

CreatorRequestId
string | undefined

A unique string that identifies the request and that allows failed requests to be retried without the risk of running the operation twice. CreatorRequestId can be any unique string, for example, a date/time stamp.

Tags
Tag[] | undefined

A list of the tag keys and values that you want to associate with the query logging configuration.

CreateResolverQueryLogConfigCommand Output

See CreateResolverQueryLogConfigCommandOutput for details

Parameter
Type
Description
$metadata
Required
ResponseMetadata
Metadata pertaining to this request.
ResolverQueryLogConfig
ResolverQueryLogConfig | undefined

Information about the CreateResolverQueryLogConfig request, including the status of the request.

Throws

Name
Fault
Details
AccessDeniedException
client

The current account doesn't have the IAM permissions required to perform the specified Resolver operation.

This error can also be thrown when a customer has reached the 5120 character limit for a resource policy for CloudWatch Logs.

InternalServiceErrorException
client

We encountered an unknown error. Try again in a few minutes.

InvalidParameterException
client

One or more parameters in this request are not valid.

InvalidRequestException
client

The request is invalid.

LimitExceededException
client

The request caused one or more limits to be exceeded.

ResourceExistsException
client

The resource that you tried to create already exists.

ResourceNotFoundException
client

The specified resource doesn't exist.

ThrottlingException
client

The request was throttled. Try again in a few minutes.

Route53ResolverServiceException
Base exception class for all service exceptions from Route53Resolver service.