Readonly
destinationsAn array of destination services used to store the logs.
Readonly
excludedReadonly
nameThe friendly name of the query logging config.
CAUTION: Changing this property value after initial deployment causes the configuration to be recreated. Please be aware that any downstream dependencies may cause this property update to fail.
Readonly
shareResource Access Manager (RAM) share targets.
Targets can be account names and/or organizational units. Targets must include the account(s)/OU(s) of any VPCs that the logging configuration will be associated with. You do not need to target the delegated admin account.
Generated using TypeDoc
NetworkConfig / CentralNetworkServicesConfig / ResolverConfig / DnsQueryLogsConfig
Route 53 Resolver DNS query logging configuration. Use this configuration to define a centralized query logging configuration that can be associated with VPCs in your environment. You can use this configuration to log queries that originate from your VPCs, queries to your inbound and outbound resolver endpoints, and queries that use Route 53 Resolver DNS firewall to allow, block, or monitor domain lists.
The following example creates a query logging configuration that logs to both S3 and a CloudWatch Logs log group. It is shared with the entire organization.
Example