Steampipe unbundled →
Steampipe Hub 
Hub
Plugins
turbot/aws
Overview
483Tables
Versions
PowerpipeMods
GitHub
steampipe plugin install aws

Table: aws_route53_resolver_query_log_config - Query AWS Route 53 Resolver Query Log Config using SQL

The AWS Route 53 Resolver Query Log Config enables DNS query logging in your Virtual Private Cloud (VPC). It logs the DNS queries that originate in your VPC and forwards them to CloudWatch Logs or S3 for safekeeping and analysis. This service aids in troubleshooting connectivity issues and understanding DNS querying behavior for security analysis.

Table Usage Guide

The aws_route53_resolver_query_log_config table in Steampipe provides you with information about the query logging configurations within AWS Route 53 Resolver. This table allows you, as a DevOps engineer, security professional, or developer, to query configuration-specific details, including the destination, ownership, and status of the log configurations. You can utilize this table to gather insights on configurations, such as the AWS resource that logs are sent to, the number of VPCs that are associated with the configuration, and the ARN of the configuration. The schema outlines the various attributes of the Resolver Query Log Configuration, including the ID, creation time, destination, owner ID, and status.

Important Notes

  • You must have route53resolver:ListResolverQueryLogConfigs permission to query the table.

Examples

Basic info

Explore the status and share status of your AWS Route53 Resolver query log configurations, along with their creation time. This can help in understanding their current state and managing them effectively.

select
  name,
  id,
  arn,
  creation_time,
  share_status,
  status
from
  aws_route53_resolver_query_log_config;
select
  name,
  id,
  arn,
  creation_time,
  share_status,
  status
from
  aws_route53_resolver_query_log_config;

List log configs shared with my account

Determine the areas in which logging configurations are shared with your account but not owned by you. This can help you understand potential dependencies or collaborations within your AWS environment.

select
  name,
  id,
  arn,
  creation_time,
  share_status,
  status,
  destination_arn
from
  aws_route53_resolver_query_log_config
where
  owner_id <> account_id;
select
  name,
  id,
  arn,
  creation_time,
  share_status,
  status,
  destination_arn
from
  aws_route53_resolver_query_log_config
where
  owner_id <> account_id;

List failed log configurations

Discover the segments that have failed to properly log configurations on AWS Route53 Resolver. This is beneficial for identifying and rectifying any issues that may be causing the log configurations to fail.

select
  name,
  id,
  creator_request_id,
  destination_arn
from
  aws_route53_resolver_query_log_config
where
  status = 'FAILED';
select
  name,
  id,
  creator_request_id,
  destination_arn
from
  aws_route53_resolver_query_log_config
where
  status = 'FAILED';

List log configurations shared with another account or organization

Explore which log configurations are shared with another account or organization. This can be useful to manage access and monitor the activity of shared logs.

select
  name,
  id,
  share_status,
  association_count
from
  aws_route53_resolver_query_log_config
where
  share_status = 'SHARED';
select
  name,
  id,
  share_status,
  association_count
from
  aws_route53_resolver_query_log_config
where
  share_status = 'SHARED';

List log configs created in the last 30 days

Determine recent additions to your log configurations by identifying those created within the past month. This allows you to stay updated on any new changes or additions made to your logging setup.

select
  name,
  id,
  creation_time,
  destination_arn,
  status
from
  aws_route53_resolver_query_log_config
where
  creation_time >= now() - interval '30' day;
select
  name,
  id,
  creation_time,
  destination_arn,
  status
from
  aws_route53_resolver_query_log_config
where
  creation_time >= datetime('now', '-30 day');

Schema for aws_route53_resolver_query_log_config

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form.
account_idtext=, !=, ~~, ~~*, !~~, !~~*The AWS Account ID in which the resource is located.
akasjsonbArray of globally unique identifier strings (also known as) for the resource.
arntextThe ARN (Amazon Resource Name) for the query logging configuration.
association_countbigintThe number of VPCs that are associated with the query logging configuration.
creation_timetimestamp with time zoneThe date and time that the query logging configuration was created, in Unix time format and Coordinated Universal Time (UTC).
creator_request_idtext=A unique string that identifies the request that created the query logging configuration.
destination_arntextThe ARN of the resource that you want Resolver to send query logs: an Amazon S3 bucket, a CloudWatch Logs log group, or a Kinesis Data Firehose delivery stream.
idtext=The ID for the query logging configuration.
ip_address_countbigint=The number of IP addresses that you have associated with the Resolver endpoint.
nametext=The name of the query logging configuration.
owner_idtextThe Amazon Web Services account ID for the account that created the query logging configuration.
partitiontextThe AWS partition in which the resource is located (aws, aws-cn, or aws-us-gov).
regiontextThe AWS Region in which the resource is located.
share_statustextAn indication of whether the query logging configuration is shared with other Amazon Web Services accounts, or was shared with the current account by another Amazon Web Services account. Sharing is configured through Resource Access Manager (RAM).
sp_connection_nametext=, !=, ~~, ~~*, !~~, !~~*Steampipe connection name.
sp_ctxjsonbSteampipe context in JSON form.
statustext=The status of the specified query logging configuration. Valid values include CREATING|CREATED|DELETING|FAILED.
titletextTitle of the resource.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- aws

You can pass the configuration to the command with the --config argument:

steampipe_export_aws --config '<your_config>' aws_route53_resolver_query_log_config