associate_resolver_query_log_config

associate_resolver_query_log_config(**kwargs)

Associates an Amazon VPC with a specified query logging configuration. Route 53 Resolver logs DNS queries that originate in all of the Amazon VPCs that are associated with a specified query logging configuration. To associate more than one VPC with a configuration, submit one AssociateResolverQueryLogConfig request for each VPC.

Note

The VPCs that you associate with a query logging configuration must be in the same Region as the configuration.

To remove a VPC from a query logging configuration, see DisassociateResolverQueryLogConfig.

See also: AWS API Documentation

Request Syntax

response = client.associate_resolver_query_log_config(
    ResolverQueryLogConfigId='string',
    ResourceId='string'
)
Parameters
  • ResolverQueryLogConfigId (string) --

    [REQUIRED]

    The ID of the query logging configuration that you want to associate a VPC with.

  • ResourceId (string) --

    [REQUIRED]

    The ID of an Amazon VPC that you want this query logging configuration to log queries for.

    Note

    The VPCs and the query logging configuration must be in the same Region.

Return type

dict

Returns

Response Syntax

{
    'ResolverQueryLogConfigAssociation': {
        'Id': 'string',
        'ResolverQueryLogConfigId': 'string',
        'ResourceId': 'string',
        'Status': 'CREATING'|'ACTIVE'|'ACTION_NEEDED'|'DELETING'|'FAILED',
        'Error': 'NONE'|'DESTINATION_NOT_FOUND'|'ACCESS_DENIED'|'INTERNAL_SERVICE_ERROR',
        'ErrorMessage': 'string',
        'CreationTime': 'string'
    }
}

Response Structure

  • (dict) --

    • ResolverQueryLogConfigAssociation (dict) --

      A complex type that contains settings for a specified association between an Amazon VPC and a query logging configuration.

      • Id (string) --

        The ID of the query logging association.

      • ResolverQueryLogConfigId (string) --

        The ID of the query logging configuration that a VPC is associated with.

      • ResourceId (string) --

        The ID of the Amazon VPC that is associated with the query logging configuration.

      • Status (string) --

        The status of the specified query logging association. Valid values include the following:

        • CREATING : Resolver is creating an association between an Amazon VPC and a query logging configuration.
        • CREATED : The association between an Amazon VPC and a query logging configuration was successfully created. Resolver is logging queries that originate in the specified VPC.
        • DELETING : Resolver is deleting this query logging association.
        • FAILED : Resolver either couldn't create or couldn't delete the query logging association.
      • Error (string) --

        If the value of Status is FAILED , the value of Error indicates the cause:

        • DESTINATION_NOT_FOUND : The specified destination (for example, an Amazon S3 bucket) was deleted.
        • ACCESS_DENIED : Permissions don't allow sending logs to the destination.

        If the value of Status is a value other than FAILED , Error is null.

      • ErrorMessage (string) --

        Contains additional information about the error. If the value or Error is null, the value of ErrorMessage also is null.

      • CreationTime (string) --

        The date and time that the VPC was associated with the query logging configuration, in Unix time format and Coordinated Universal Time (UTC).

Exceptions

  • Route53Resolver.Client.exceptions.InvalidParameterException
  • Route53Resolver.Client.exceptions.ResourceNotFoundException
  • Route53Resolver.Client.exceptions.InvalidRequestException
  • Route53Resolver.Client.exceptions.ResourceExistsException
  • Route53Resolver.Client.exceptions.LimitExceededException
  • Route53Resolver.Client.exceptions.InternalServiceErrorException
  • Route53Resolver.Client.exceptions.ThrottlingException
  • Route53Resolver.Client.exceptions.AccessDeniedException