steampipe plugin install awssteampipe plugin install aws

Table: aws_route53_resolver_query_log_config

AWS Route53 Resolver Log Config is a configuration that enables logging for DNS queries and responses in Route53 Resolver. Resolver logs provide detailed information about DNS traffic flowing through the Resolver service, including the source IP, query domain, query type, response code, and more. The log data can be collected and analyzed for monitoring, troubleshooting, and security purposes. Resolver Log Config in AWS Route53 allows you to define the log destination and log format, and associate it with a VPC or a Resolver rule to start capturing the DNS query and response logs.

Note: User must have route53resolver:ListResolverQueryLogConfigs permission for quering the table.

Examples

Basic info

select
  name,
  id,
  arn,
  creation_time,
  share_status,
  status
from
  aws_route53_resolver_query_log_config;

List log configs shared with my account

select
  name,
  id,
  arn,
  creation_time,
  share_status,
  status,
  destination_arn
from
  aws_route53_resolver_query_log_config
where
  owner_id <> account_id;

List failed log configurations

select
  name,
  id,
  creator_request_id,
  destination_arn
from
  aws_route53_resolver_query_log_config
where
  status = 'FAILED';

List log configurations shared with another account or organization

select
  name,
  id,
  share_status,
  association_count
from
  aws_route53_resolver_query_log_config
where
  share_status = 'SHARED';

List log configs created in the last 30 days

select
  name,
  id,
  creation_time,
  destination_arn,
  status
from
  aws_route53_resolver_query_log_config
where
  creation_time >= now() - interval '30' day;

.inspect aws_route53_resolver_query_log_config

AWS Route53 Resolver Query Logging Configuration

Name	Type	Description
_ctx	jsonb	Steampipe context in JSON form, e.g. connection_name.
account_id	text	The AWS Account ID in which the resource is located.
akas	jsonb	Array of globally unique identifier strings (also known as) for the resource.
arn	text	The ARN (Amazon Resource Name) for the query logging configuration.
association_count	bigint	The number of VPCs that are associated with the query logging configuration.
creation_time	timestamp with time zone	The date and time that the query logging configuration was created, in Unix time format and Coordinated Universal Time (UTC).
creator_request_id	text	A unique string that identifies the request that created the query logging configuration.
destination_arn	text	The ARN of the resource that you want Resolver to send query logs: an Amazon S3 bucket, a CloudWatch Logs log group, or a Kinesis Data Firehose delivery stream.
id	text	The ID for the query logging configuration.
ip_address_count	bigint	The number of IP addresses that you have associated with the Resolver endpoint.
name	text	The name of the query logging configuration.
owner_id	text	The Amazon Web Services account ID for the account that created the query logging configuration.
partition	text	The AWS partition in which the resource is located (aws, aws-cn, or aws-us-gov).
region	text	The AWS Region in which the resource is located.
share_status	text	An indication of whether the query logging configuration is shared with other Amazon Web Services accounts, or was shared with the current account by another Amazon Web Services account. Sharing is configured through Resource Access Manager (RAM).
status	text	The status of the specified query logging configuration. Valid values include CREATING\|CREATED\|DELETING\|FAILED.
title	text	Title of the resource.

turbot/aws