Skip to content

Client

route53resolver R Documentation

Amazon Route 53 Resolver

Description

When you create a VPC using Amazon VPC, you automatically get DNS resolution within the VPC from Route 53 Resolver. By default, Resolver answers DNS queries for VPC domain names such as domain names for EC2 instances or Elastic Load Balancing load balancers. Resolver performs recursive lookups against public name servers for all other domain names.

You can also configure DNS resolution between your VPC and your network over a Direct Connect or VPN connection:

Forward DNS queries from resolvers on your network to Route 53 Resolver

DNS resolvers on your network can forward DNS queries to Resolver in a specified VPC. This allows your DNS resolvers to easily resolve domain names for Amazon Web Services resources such as EC2 instances or records in a Route 53 private hosted zone. For more information, see How DNS Resolvers on Your Network Forward DNS Queries to Route 53 Resolver in the Amazon Route 53 Developer Guide.

Conditionally forward queries from a VPC to resolvers on your network

You can configure Resolver to forward queries that it receives from EC2 instances in your VPCs to DNS resolvers on your network. To forward selected queries, you create Resolver rules that specify the domain names for the DNS queries that you want to forward (such as example.com), and the IP addresses of the DNS resolvers on your network that you want to forward the queries to. If a query matches multiple rules (example.com, acme.example.com), Resolver chooses the rule with the most specific match (acme.example.com) and forwards the query to the IP addresses that you specified in that rule. For more information, see How Route 53 Resolver Forwards DNS Queries from Your VPCs to Your Network in the Amazon Route 53 Developer Guide.

Like Amazon VPC, Resolver is Regional. In each Region where you have VPCs, you can choose whether to forward queries from your VPCs to your network (outbound queries), from your network to your VPCs (inbound queries), or both.

Usage

route53resolver(
  config = list(),
  credentials = list(),
  endpoint = NULL,
  region = NULL
)

Arguments

config

Optional configuration of credentials, endpoint, and/or region.

  • credentials:

    • creds:

      • access_key_id: AWS access key ID

      • secret_access_key: AWS secret access key

      • session_token: AWS temporary session token

    • profile: The name of a profile to use. If not given, then the default profile is used.

    • anonymous: Set anonymous credentials.

  • endpoint: The complete URL to use for the constructed client.

  • region: The AWS Region used in instantiating the client.

  • close_connection: Immediately close all HTTP connections.

  • timeout: The time in seconds till a timeout exception is thrown when attempting to make a connection. The default is 60 seconds.

  • s3_force_path_style: Set this to true to force the request to use path-style addressing, i.e. ⁠http://s3.amazonaws.com/BUCKET/KEY⁠.

  • sts_regional_endpoint: Set sts regional endpoint resolver to regional or legacy https://docs.aws.amazon.com/sdkref/latest/guide/feature-sts-regionalized-endpoints.html

credentials

Optional credentials shorthand for the config parameter

  • creds:

    • access_key_id: AWS access key ID

    • secret_access_key: AWS secret access key

    • session_token: AWS temporary session token

  • profile: The name of a profile to use. If not given, then the default profile is used.

  • anonymous: Set anonymous credentials.

endpoint

Optional shorthand for complete URL to use for the constructed client.

region

Optional shorthand for AWS Region used in instantiating the client.

Value

A client for the service. You can call the service's operations using syntax like svc$operation(...), where svc is the name you've assigned to the client. The available operations are listed in the Operations section.

Service syntax

svc <- route53resolver(
  config = list(
    credentials = list(
      creds = list(
        access_key_id = "string",
        secret_access_key = "string",
        session_token = "string"
      ),
      profile = "string",
      anonymous = "logical"
    ),
    endpoint = "string",
    region = "string",
    close_connection = "logical",
    timeout = "numeric",
    s3_force_path_style = "logical",
    sts_regional_endpoint = "string"
  ),
  credentials = list(
    creds = list(
      access_key_id = "string",
      secret_access_key = "string",
      session_token = "string"
    ),
    profile = "string",
    anonymous = "logical"
  ),
  endpoint = "string",
  region = "string"
)

Operations

associate_firewall_rule_group
Associates a FirewallRuleGroup with a VPC, to provide DNS filtering for the VPC
associate_resolver_endpoint_ip_address
Adds IP addresses to an inbound or an outbound Resolver endpoint
associate_resolver_query_log_config
Associates an Amazon VPC with a specified query logging configuration
associate_resolver_rule
Associates a Resolver rule with a VPC
create_firewall_domain_list
Creates an empty firewall domain list for use in DNS Firewall rules
create_firewall_rule
Creates a single DNS Firewall rule in the specified rule group, using the specified domain list
create_firewall_rule_group
Creates an empty DNS Firewall rule group for filtering DNS network traffic in a VPC
create_outpost_resolver
Creates a Route 53 Resolver on an Outpost
create_resolver_endpoint
Creates a Resolver endpoint
create_resolver_query_log_config
Creates a Resolver query logging configuration, which defines where you want Resolver to save DNS query logs that originate in your VPCs
create_resolver_rule
For DNS queries that originate in your VPCs, specifies which Resolver endpoint the queries pass through, one domain name that you want to forward to your network, and the IP addresses of the DNS resolvers in your network
delete_firewall_domain_list
Deletes the specified domain list
delete_firewall_rule
Deletes the specified firewall rule
delete_firewall_rule_group
Deletes the specified firewall rule group
delete_outpost_resolver
Deletes a Resolver on the Outpost
delete_resolver_endpoint
Deletes a Resolver endpoint
delete_resolver_query_log_config
Deletes a query logging configuration
delete_resolver_rule
Deletes a Resolver rule
disassociate_firewall_rule_group
Disassociates a FirewallRuleGroup from a VPC, to remove DNS filtering from the VPC
disassociate_resolver_endpoint_ip_address
Removes IP addresses from an inbound or an outbound Resolver endpoint
disassociate_resolver_query_log_config
Disassociates a VPC from a query logging configuration
disassociate_resolver_rule
Removes the association between a specified Resolver rule and a specified VPC
get_firewall_config
Retrieves the configuration of the firewall behavior provided by DNS Firewall for a single VPC from Amazon Virtual Private Cloud (Amazon VPC)
get_firewall_domain_list
Retrieves the specified firewall domain list
get_firewall_rule_group
Retrieves the specified firewall rule group
get_firewall_rule_group_association
Retrieves a firewall rule group association, which enables DNS filtering for a VPC with one rule group
get_firewall_rule_group_policy
Returns the Identity and Access Management (Amazon Web Services IAM) policy for sharing the specified rule group
get_outpost_resolver
Gets information about a specified Resolver on the Outpost, such as its instance count and type, name, and the current status of the Resolver
get_resolver_config
Retrieves the behavior configuration of Route 53 Resolver behavior for a single VPC from Amazon Virtual Private Cloud
get_resolver_dnssec_config
Gets DNSSEC validation information for a specified resource
get_resolver_endpoint
Gets information about a specified Resolver endpoint, such as whether it's an inbound or an outbound Resolver endpoint, and the current status of the endpoint
get_resolver_query_log_config
Gets information about a specified Resolver query logging configuration, such as the number of VPCs that the configuration is logging queries for and the location that logs are sent to
get_resolver_query_log_config_association
Gets information about a specified association between a Resolver query logging configuration and an Amazon VPC
get_resolver_query_log_config_policy
Gets information about a query logging policy
get_resolver_rule
Gets information about a specified Resolver rule, such as the domain name that the rule forwards DNS queries for and the ID of the outbound Resolver endpoint that the rule is associated with
get_resolver_rule_association
Gets information about an association between a specified Resolver rule and a VPC
get_resolver_rule_policy
Gets information about the Resolver rule policy for a specified rule
import_firewall_domains
Imports domain names from a file into a domain list, for use in a DNS firewall rule group
list_firewall_configs
Retrieves the firewall configurations that you have defined
list_firewall_domain_lists
Retrieves the firewall domain lists that you have defined
list_firewall_domains
Retrieves the domains that you have defined for the specified firewall domain list
list_firewall_rule_group_associations
Retrieves the firewall rule group associations that you have defined
list_firewall_rule_groups
Retrieves the minimal high-level information for the rule groups that you have defined
list_firewall_rules
Retrieves the firewall rules that you have defined for the specified firewall rule group
list_outpost_resolvers
Lists all the Resolvers on Outposts that were created using the current Amazon Web Services account
list_resolver_configs
Retrieves the Resolver configurations that you have defined
list_resolver_dnssec_configs
Lists the configurations for DNSSEC validation that are associated with the current Amazon Web Services account
list_resolver_endpoint_ip_addresses
Gets the IP addresses for a specified Resolver endpoint
list_resolver_endpoints
Lists all the Resolver endpoints that were created using the current Amazon Web Services account
list_resolver_query_log_config_associations
Lists information about associations between Amazon VPCs and query logging configurations
list_resolver_query_log_configs
Lists information about the specified query logging configurations
list_resolver_rule_associations
Lists the associations that were created between Resolver rules and VPCs using the current Amazon Web Services account
list_resolver_rules
Lists the Resolver rules that were created using the current Amazon Web Services account
list_tags_for_resource
Lists the tags that you associated with the specified resource
put_firewall_rule_group_policy
Attaches an Identity and Access Management (Amazon Web Services IAM) policy for sharing the rule group
put_resolver_query_log_config_policy
Specifies an Amazon Web Services account that you want to share a query logging configuration with, the query logging configuration that you want to share, and the operations that you want the account to be able to perform on the configuration
put_resolver_rule_policy
Specifies an Amazon Web Services rule that you want to share with another account, the account that you want to share the rule with, and the operations that you want the account to be able to perform on the rule
tag_resource
Adds one or more tags to a specified resource
untag_resource
Removes one or more tags from a specified resource
update_firewall_config
Updates the configuration of the firewall behavior provided by DNS Firewall for a single VPC from Amazon Virtual Private Cloud (Amazon VPC)
update_firewall_domains
Updates the firewall domain list from an array of domain specifications
update_firewall_rule
Updates the specified firewall rule
update_firewall_rule_group_association
Changes the association of a FirewallRuleGroup with a VPC
update_outpost_resolver
You can use UpdateOutpostResolver to update the instance count, type, or name of a Resolver on an Outpost
update_resolver_config
Updates the behavior configuration of Route 53 Resolver behavior for a single VPC from Amazon Virtual Private Cloud
update_resolver_dnssec_config
Updates an existing DNSSEC validation configuration
update_resolver_endpoint
Updates the name, or endpoint type for an inbound or an outbound Resolver endpoint
update_resolver_rule
Updates settings for a specified Resolver rule

Examples

## Not run: 
svc <- route53resolver()
svc$associate_firewall_rule_group(
  Foo = 123
)

## End(Not run)