Route53Resolver / Client / update_resolver_rule

update_resolver_rule#

Route53Resolver.Client.update_resolver_rule(**kwargs)#

Updates settings for a specified Resolver rule. ResolverRuleId is required, and all other parameters are optional. If you don’t specify a parameter, it retains its current value.

See also: AWS API Documentation

Request Syntax

response = client.update_resolver_rule(
    ResolverRuleId='string',
    Config={
        'Name': 'string',
        'TargetIps': [
            {
                'Ip': 'string',
                'Port': 123,
                'Ipv6': 'string',
                'Protocol': 'DoH'|'Do53'|'DoH-FIPS',
                'ServerNameIndication': 'string'
            },
        ],
        'ResolverEndpointId': 'string'
    }
)
Parameters:
  • ResolverRuleId (string) –

    [REQUIRED]

    The ID of the Resolver rule that you want to update.

  • Config (dict) –

    [REQUIRED]

    The new settings for the Resolver rule.

    • Name (string) –

      The new name for the Resolver rule. The name that you specify appears in the Resolver dashboard in the Route 53 console.

    • TargetIps (list) –

      For DNS queries that originate in your VPC, the new IP addresses that you want to route outbound DNS queries to.

      • (dict) –

        In a CreateResolverRule request, an array of the IPs that you want to forward DNS queries to.

        • Ip (string) –

          One IPv4 address that you want to forward DNS queries to.

        • Port (integer) –

          The port at Ip that you want to forward DNS queries to.

        • Ipv6 (string) –

          One IPv6 address that you want to forward DNS queries to.

        • Protocol (string) –

          The protocols for the Resolver endpoints. DoH-FIPS is applicable for inbound endpoints only.

          For an inbound endpoint you can apply the protocols as follows:

          • Do53 and DoH in combination.

          • Do53 and DoH-FIPS in combination.

          • Do53 alone.

          • DoH alone.

          • DoH-FIPS alone.

          • None, which is treated as Do53.

          For an outbound endpoint you can apply the protocols as follows:

          • Do53 and DoH in combination.

          • Do53 alone.

          • DoH alone.

          • None, which is treated as Do53.

        • ServerNameIndication (string) –

          The Server Name Indication of the DoH server that you want to forward queries to. This is only used if the Protocol of the TargetAddress is DoH.

    • ResolverEndpointId (string) –

      The ID of the new outbound Resolver endpoint that you want to use to route DNS queries to the IP addresses that you specify in TargetIps.

Return type:

dict

Returns:

Response Syntax

{
    'ResolverRule': {
        'Id': 'string',
        'CreatorRequestId': 'string',
        'Arn': 'string',
        'DomainName': 'string',
        'Status': 'COMPLETE'|'DELETING'|'UPDATING'|'FAILED',
        'StatusMessage': 'string',
        'RuleType': 'FORWARD'|'SYSTEM'|'RECURSIVE',
        'Name': 'string',
        'TargetIps': [
            {
                'Ip': 'string',
                'Port': 123,
                'Ipv6': 'string',
                'Protocol': 'DoH'|'Do53'|'DoH-FIPS',
                'ServerNameIndication': 'string'
            },
        ],
        'ResolverEndpointId': 'string',
        'OwnerId': 'string',
        'ShareStatus': 'NOT_SHARED'|'SHARED_WITH_ME'|'SHARED_BY_ME',
        'CreationTime': 'string',
        'ModificationTime': 'string'
    }
}

Response Structure

  • (dict) –

    • ResolverRule (dict) –

      The response to an UpdateResolverRule request.

      • Id (string) –

        The ID that Resolver assigned to the Resolver rule when you created it.

      • CreatorRequestId (string) –

        A unique string that you specified when you created the Resolver rule. CreatorRequestId identifies the request and allows failed requests to be retried without the risk of running the operation twice.

      • Arn (string) –

        The ARN (Amazon Resource Name) for the Resolver rule specified by Id.

      • DomainName (string) –

        DNS queries for this domain name are forwarded to the IP addresses that are specified in TargetIps. If a query matches multiple Resolver rules (example.com and www.example.com), the query is routed using the Resolver rule that contains the most specific domain name (www.example.com).

      • Status (string) –

        A code that specifies the current status of the Resolver rule.

      • StatusMessage (string) –

        A detailed description of the status of a Resolver rule.

      • RuleType (string) –

        When you want to forward DNS queries for specified domain name to resolvers on your network, specify FORWARD.

        When you have a forwarding rule to forward DNS queries for a domain to your network and you want Resolver to process queries for a subdomain of that domain, specify SYSTEM.

        For example, to forward DNS queries for example.com to resolvers on your network, you create a rule and specify FORWARD for RuleType. To then have Resolver process queries for apex.example.com, you create a rule and specify SYSTEM for RuleType.

        Currently, only Resolver can create rules that have a value of RECURSIVE for RuleType.

      • Name (string) –

        The name for the Resolver rule, which you specified when you created the Resolver rule.

      • TargetIps (list) –

        An array that contains the IP addresses and ports that an outbound endpoint forwards DNS queries to. Typically, these are the IP addresses of DNS resolvers on your network.

        • (dict) –

          In a CreateResolverRule request, an array of the IPs that you want to forward DNS queries to.

          • Ip (string) –

            One IPv4 address that you want to forward DNS queries to.

          • Port (integer) –

            The port at Ip that you want to forward DNS queries to.

          • Ipv6 (string) –

            One IPv6 address that you want to forward DNS queries to.

          • Protocol (string) –

            The protocols for the Resolver endpoints. DoH-FIPS is applicable for inbound endpoints only.

            For an inbound endpoint you can apply the protocols as follows:

            • Do53 and DoH in combination.

            • Do53 and DoH-FIPS in combination.

            • Do53 alone.

            • DoH alone.

            • DoH-FIPS alone.

            • None, which is treated as Do53.

            For an outbound endpoint you can apply the protocols as follows:

            • Do53 and DoH in combination.

            • Do53 alone.

            • DoH alone.

            • None, which is treated as Do53.

          • ServerNameIndication (string) –

            The Server Name Indication of the DoH server that you want to forward queries to. This is only used if the Protocol of the TargetAddress is DoH.

      • ResolverEndpointId (string) –

        The ID of the endpoint that the rule is associated with.

      • OwnerId (string) –

        When a rule is shared with another Amazon Web Services account, the account ID of the account that the rule is shared with.

      • ShareStatus (string) –

        Whether the rule is shared and, if so, whether the current account is sharing the rule with another account, or another account is sharing the rule with the current account.

      • CreationTime (string) –

        The date and time that the Resolver rule was created, in Unix time format and Coordinated Universal Time (UTC).

      • ModificationTime (string) –

        The date and time that the Resolver rule was last updated, in Unix time format and Coordinated Universal Time (UTC).

Exceptions

  • Route53Resolver.Client.exceptions.InvalidRequestException

  • Route53Resolver.Client.exceptions.InvalidParameterException

  • Route53Resolver.Client.exceptions.ResourceNotFoundException

  • Route53Resolver.Client.exceptions.ResourceUnavailableException

  • Route53Resolver.Client.exceptions.LimitExceededException

  • Route53Resolver.Client.exceptions.InternalServiceErrorException

  • Route53Resolver.Client.exceptions.ThrottlingException

  • Route53Resolver.Client.exceptions.AccessDeniedException