{ "version":"2.0", "metadata":{ "apiVersion":"2018-04-01", "endpointPrefix":"route53resolver", "jsonVersion":"1.1", "protocol":"json", "serviceAbbreviation":"Route53Resolver", "serviceFullName":"Amazon Route 53 Resolver", "serviceId":"Route53Resolver", "signatureVersion":"v4", "targetPrefix":"Route53Resolver", "uid":"route53resolver-2018-04-01" }, "operations":{ "AssociateResolverEndpointIpAddress":{ "name":"AssociateResolverEndpointIpAddress", "http":{ "method":"POST", "requestUri":"/" }, "input":{"shape":"AssociateResolverEndpointIpAddressRequest"}, "output":{"shape":"AssociateResolverEndpointIpAddressResponse"}, "errors":[ {"shape":"ResourceNotFoundException"}, {"shape":"InvalidParameterException"}, {"shape":"InvalidRequestException"}, {"shape":"ResourceExistsException"}, {"shape":"InternalServiceErrorException"}, {"shape":"LimitExceededException"}, {"shape":"ThrottlingException"} ], "documentation":"
Adds IP addresses to an inbound or an outbound resolver endpoint. If you want to adding more than one IP address, submit one AssociateResolverEndpointIpAddress
request for each IP address.
To remove an IP address from an endpoint, see DisassociateResolverEndpointIpAddress.
" }, "AssociateResolverRule":{ "name":"AssociateResolverRule", "http":{ "method":"POST", "requestUri":"/" }, "input":{"shape":"AssociateResolverRuleRequest"}, "output":{"shape":"AssociateResolverRuleResponse"}, "errors":[ {"shape":"ResourceNotFoundException"}, {"shape":"InvalidRequestException"}, {"shape":"InvalidParameterException"}, {"shape":"ResourceUnavailableException"}, {"shape":"ResourceExistsException"}, {"shape":"InternalServiceErrorException"}, {"shape":"ThrottlingException"} ], "documentation":"Associates a resolver rule with a VPC. When you associate a rule with a VPC, Resolver forwards all DNS queries for the domain name that is specified in the rule and that originate in the VPC. The queries are forwarded to the IP addresses for the DNS resolvers that are specified in the rule. For more information about rules, see CreateResolverRule.
" }, "CreateResolverEndpoint":{ "name":"CreateResolverEndpoint", "http":{ "method":"POST", "requestUri":"/" }, "input":{"shape":"CreateResolverEndpointRequest"}, "output":{"shape":"CreateResolverEndpointResponse"}, "errors":[ {"shape":"InvalidParameterException"}, {"shape":"ResourceNotFoundException"}, {"shape":"InvalidRequestException"}, {"shape":"ResourceExistsException"}, {"shape":"LimitExceededException"}, {"shape":"InternalServiceErrorException"}, {"shape":"ThrottlingException"} ], "documentation":"Creates a resolver endpoint. There are two types of resolver endpoints, inbound and outbound:
An inbound resolver endpoint forwards DNS queries to the DNS service for a VPC from your network or another VPC.
An outbound resolver endpoint forwards DNS queries from the DNS service for a VPC to your network or another VPC.
For DNS queries that originate in your VPCs, specifies which resolver endpoint the queries pass through, one domain name that you want to forward to your network, and the IP addresses of the DNS resolvers in your network.
" }, "DeleteResolverEndpoint":{ "name":"DeleteResolverEndpoint", "http":{ "method":"POST", "requestUri":"/" }, "input":{"shape":"DeleteResolverEndpointRequest"}, "output":{"shape":"DeleteResolverEndpointResponse"}, "errors":[ {"shape":"ResourceNotFoundException"}, {"shape":"InvalidParameterException"}, {"shape":"InvalidRequestException"}, {"shape":"InternalServiceErrorException"}, {"shape":"ThrottlingException"} ], "documentation":"Deletes a resolver endpoint. The effect of deleting a resolver endpoint depends on whether it's an inbound or an outbound resolver endpoint:
Inbound: DNS queries from your network or another VPC are no longer routed to the DNS service for the specified VPC.
Outbound: DNS queries from a VPC are no longer routed to your network or to another VPC.
Deletes a resolver rule. Before you can delete a resolver rule, you must disassociate it from all the VPCs that you associated the resolver rule with. For more infomation, see DisassociateResolverRule.
" }, "DisassociateResolverEndpointIpAddress":{ "name":"DisassociateResolverEndpointIpAddress", "http":{ "method":"POST", "requestUri":"/" }, "input":{"shape":"DisassociateResolverEndpointIpAddressRequest"}, "output":{"shape":"DisassociateResolverEndpointIpAddressResponse"}, "errors":[ {"shape":"ResourceNotFoundException"}, {"shape":"InvalidParameterException"}, {"shape":"InvalidRequestException"}, {"shape":"ResourceExistsException"}, {"shape":"InternalServiceErrorException"}, {"shape":"ThrottlingException"} ], "documentation":"Removes IP addresses from an inbound or an outbound resolver endpoint. If you want to remove more than one IP address, submit one DisassociateResolverEndpointIpAddress
request for each IP address.
To add an IP address to an endpoint, see AssociateResolverEndpointIpAddress.
" }, "DisassociateResolverRule":{ "name":"DisassociateResolverRule", "http":{ "method":"POST", "requestUri":"/" }, "input":{"shape":"DisassociateResolverRuleRequest"}, "output":{"shape":"DisassociateResolverRuleResponse"}, "errors":[ {"shape":"ResourceNotFoundException"}, {"shape":"InvalidParameterException"}, {"shape":"InternalServiceErrorException"}, {"shape":"ThrottlingException"} ], "documentation":"Removes the association between a specified resolver rule and a specified VPC.
If you disassociate a resolver rule from a VPC, Resolver stops forwarding DNS queries for the domain name that you specified in the resolver rule.
Gets information about a specified resolver endpoint, such as whether it's an inbound or an outbound resolver endpoint, and the current status of the endpoint.
" }, "GetResolverRule":{ "name":"GetResolverRule", "http":{ "method":"POST", "requestUri":"/" }, "input":{"shape":"GetResolverRuleRequest"}, "output":{"shape":"GetResolverRuleResponse"}, "errors":[ {"shape":"ResourceNotFoundException"}, {"shape":"InvalidParameterException"}, {"shape":"InternalServiceErrorException"}, {"shape":"ThrottlingException"} ], "documentation":"Gets information about a specified resolver rule, such as the domain name that the rule forwards DNS queries for and the ID of the outbound resolver endpoint that the rule is associated with.
" }, "GetResolverRuleAssociation":{ "name":"GetResolverRuleAssociation", "http":{ "method":"POST", "requestUri":"/" }, "input":{"shape":"GetResolverRuleAssociationRequest"}, "output":{"shape":"GetResolverRuleAssociationResponse"}, "errors":[ {"shape":"ResourceNotFoundException"}, {"shape":"InvalidParameterException"}, {"shape":"InternalServiceErrorException"}, {"shape":"ThrottlingException"} ], "documentation":"Gets information about an association between a specified resolver rule and a VPC. You associate a resolver rule and a VPC using AssociateResolverRule.
" }, "GetResolverRulePolicy":{ "name":"GetResolverRulePolicy", "http":{ "method":"POST", "requestUri":"/" }, "input":{"shape":"GetResolverRulePolicyRequest"}, "output":{"shape":"GetResolverRulePolicyResponse"}, "errors":[ {"shape":"InvalidParameterException"}, {"shape":"UnknownResourceException"}, {"shape":"InternalServiceErrorException"} ], "documentation":"Gets information about a resolver rule policy. A resolver rule policy specifies the Resolver operations and resources that you want to allow another AWS account to be able to use.
" }, "ListResolverEndpointIpAddresses":{ "name":"ListResolverEndpointIpAddresses", "http":{ "method":"POST", "requestUri":"/" }, "input":{"shape":"ListResolverEndpointIpAddressesRequest"}, "output":{"shape":"ListResolverEndpointIpAddressesResponse"}, "errors":[ {"shape":"ResourceNotFoundException"}, {"shape":"InvalidParameterException"}, {"shape":"InternalServiceErrorException"}, {"shape":"InvalidNextTokenException"}, {"shape":"ThrottlingException"} ], "documentation":"Gets the IP addresses for a specified resolver endpoint.
" }, "ListResolverEndpoints":{ "name":"ListResolverEndpoints", "http":{ "method":"POST", "requestUri":"/" }, "input":{"shape":"ListResolverEndpointsRequest"}, "output":{"shape":"ListResolverEndpointsResponse"}, "errors":[ {"shape":"InvalidNextTokenException"}, {"shape":"InvalidRequestException"}, {"shape":"InvalidParameterException"}, {"shape":"InternalServiceErrorException"}, {"shape":"ThrottlingException"} ], "documentation":"Lists all the resolver endpoints that were created using the current AWS account.
" }, "ListResolverRuleAssociations":{ "name":"ListResolverRuleAssociations", "http":{ "method":"POST", "requestUri":"/" }, "input":{"shape":"ListResolverRuleAssociationsRequest"}, "output":{"shape":"ListResolverRuleAssociationsResponse"}, "errors":[ {"shape":"InvalidNextTokenException"}, {"shape":"InvalidRequestException"}, {"shape":"InvalidParameterException"}, {"shape":"InternalServiceErrorException"}, {"shape":"ThrottlingException"} ], "documentation":"Lists the associations that were created between resolver rules and VPCs using the current AWS account.
" }, "ListResolverRules":{ "name":"ListResolverRules", "http":{ "method":"POST", "requestUri":"/" }, "input":{"shape":"ListResolverRulesRequest"}, "output":{"shape":"ListResolverRulesResponse"}, "errors":[ {"shape":"InvalidNextTokenException"}, {"shape":"InvalidRequestException"}, {"shape":"InvalidParameterException"}, {"shape":"InternalServiceErrorException"}, {"shape":"ThrottlingException"} ], "documentation":"Lists the resolver rules that were created using the current AWS account.
" }, "ListTagsForResource":{ "name":"ListTagsForResource", "http":{ "method":"POST", "requestUri":"/" }, "input":{"shape":"ListTagsForResourceRequest"}, "output":{"shape":"ListTagsForResourceResponse"}, "errors":[ {"shape":"ResourceNotFoundException"}, {"shape":"InvalidParameterException"}, {"shape":"InvalidNextTokenException"}, {"shape":"InvalidRequestException"}, {"shape":"InternalServiceErrorException"}, {"shape":"ThrottlingException"} ], "documentation":"Lists the tags that you associated with the specified resource.
" }, "PutResolverRulePolicy":{ "name":"PutResolverRulePolicy", "http":{ "method":"POST", "requestUri":"/" }, "input":{"shape":"PutResolverRulePolicyRequest"}, "output":{"shape":"PutResolverRulePolicyResponse"}, "errors":[ {"shape":"InvalidPolicyDocument"}, {"shape":"InvalidParameterException"}, {"shape":"UnknownResourceException"}, {"shape":"InternalServiceErrorException"} ], "documentation":"Specifies the Resolver operations and resources that you want to allow another AWS account to be able to use.
" }, "TagResource":{ "name":"TagResource", "http":{ "method":"POST", "requestUri":"/" }, "input":{"shape":"TagResourceRequest"}, "output":{"shape":"TagResourceResponse"}, "errors":[ {"shape":"LimitExceededException"}, {"shape":"ResourceNotFoundException"}, {"shape":"InvalidParameterException"}, {"shape":"InvalidTagException"}, {"shape":"InternalServiceErrorException"}, {"shape":"ThrottlingException"} ], "documentation":"Adds one or more tags to a specified resource.
" }, "UntagResource":{ "name":"UntagResource", "http":{ "method":"POST", "requestUri":"/" }, "input":{"shape":"UntagResourceRequest"}, "output":{"shape":"UntagResourceResponse"}, "errors":[ {"shape":"ResourceNotFoundException"}, {"shape":"InvalidParameterException"}, {"shape":"InternalServiceErrorException"}, {"shape":"ThrottlingException"} ], "documentation":"Removes one or more tags from a specified resource.
" }, "UpdateResolverEndpoint":{ "name":"UpdateResolverEndpoint", "http":{ "method":"POST", "requestUri":"/" }, "input":{"shape":"UpdateResolverEndpointRequest"}, "output":{"shape":"UpdateResolverEndpointResponse"}, "errors":[ {"shape":"ResourceNotFoundException"}, {"shape":"InvalidParameterException"}, {"shape":"InvalidRequestException"}, {"shape":"InternalServiceErrorException"}, {"shape":"ThrottlingException"} ], "documentation":"Updates the name of an inbound or an outbound resolver endpoint.
" }, "UpdateResolverRule":{ "name":"UpdateResolverRule", "http":{ "method":"POST", "requestUri":"/" }, "input":{"shape":"UpdateResolverRuleRequest"}, "output":{"shape":"UpdateResolverRuleResponse"}, "errors":[ {"shape":"InvalidRequestException"}, {"shape":"InvalidParameterException"}, {"shape":"ResourceNotFoundException"}, {"shape":"ResourceUnavailableException"}, {"shape":"LimitExceededException"}, {"shape":"InternalServiceErrorException"}, {"shape":"ThrottlingException"} ], "documentation":"Updates settings for a specified resolver rule. ResolverRuleId
is required, and all other parameters are optional. If you don't specify a parameter, it retains its current value.
The ID of the resolver endpoint that you want to associate IP addresses with.
" }, "IpAddress":{ "shape":"IpAddressUpdate", "documentation":"Either the IPv4 address that you want to add to a resolver endpoint or a subnet ID. If you specify a subnet ID, Resolver chooses an IP address for you from the available IPs in the specified subnet.
" } } }, "AssociateResolverEndpointIpAddressResponse":{ "type":"structure", "members":{ "ResolverEndpoint":{ "shape":"ResolverEndpoint", "documentation":"The response to an AssociateResolverEndpointIpAddress
request.
The ID of the resolver rule that you want to associate with the VPC. To list the existing resolver rules, use ListResolverRules.
" }, "Name":{ "shape":"Name", "documentation":"A name for the association that you're creating between a resolver rule and a VPC.
" }, "VPCId":{ "shape":"ResourceId", "documentation":"The ID of the VPC that you want to associate the resolver rule with.
" } } }, "AssociateResolverRuleResponse":{ "type":"structure", "members":{ "ResolverRuleAssociation":{ "shape":"ResolverRuleAssociation", "documentation":"Information about the AssociateResolverRule
request, including the status of the request.
A unique string that identifies the request and that allows failed requests to be retried without the risk of executing the operation twice. CreatorRequestId
can be any unique string, for example, a date/time stamp.
A friendly name that lets you easily find a configuration in the Resolver dashboard in the Route 53 console.
" }, "SecurityGroupIds":{ "shape":"SecurityGroupIds", "documentation":"The ID of one or more security groups that you want to use to control access to this VPC. The security group that you specify must include one or more inbound rules (for inbound resolver endpoints) or outbound rules (for outbound resolver endpoints).
", "box":true }, "Direction":{ "shape":"ResolverEndpointDirection", "documentation":"Specify the applicable value:
INBOUND
: Resolver forwards DNS queries to the DNS service for a VPC from your network or another VPC
OUTBOUND
: Resolver forwards DNS queries from the DNS service for a VPC to your network or another VPC
The subnets and IP addresses in your VPC that you want DNS queries to pass through on the way from your VPCs to your network (for outbound endpoints) or on the way from your network to your VPCs (for inbound resolver endpoints).
" }, "Tags":{ "shape":"TagList", "documentation":"A list of the tag keys and values that you want to associate with the endpoint.
", "box":true } } }, "CreateResolverEndpointResponse":{ "type":"structure", "members":{ "ResolverEndpoint":{ "shape":"ResolverEndpoint", "documentation":"Information about the CreateResolverEndpoint
request, including the status of the request.
A unique string that identifies the request and that allows failed requests to be retried without the risk of executing the operation twice. CreatorRequestId
can be any unique string, for example, a date/time stamp.
A friendly name that lets you easily find a rule in the Resolver dashboard in the Route 53 console.
" }, "RuleType":{ "shape":"RuleTypeOption", "documentation":"Specify FORWARD
. Other resolver rule types aren't supported.
DNS queries for this domain name are forwarded to the IP addresses that you specify in TargetIps
. If a query matches multiple resolver rules (example.com and www.example.com), outbound DNS queries are routed using the resolver rule that contains the most specific domain name (www.example.com).
The IPs that you want Resolver to forward DNS queries to. You can specify only IPv4 addresses. Separate IP addresses with a comma.
", "box":true }, "ResolverEndpointId":{ "shape":"ResourceId", "documentation":"The ID of the outbound resolver endpoint that you want to use to route DNS queries to the IP addresses that you specify in TargetIps
.
A list of the tag keys and values that you want to associate with the endpoint.
", "box":true } } }, "CreateResolverRuleResponse":{ "type":"structure", "members":{ "ResolverRule":{ "shape":"ResolverRule", "documentation":"Information about the CreateResolverRule
request, including the status of the request.
The ID of the resolver endpoint that you want to delete.
" } } }, "DeleteResolverEndpointResponse":{ "type":"structure", "members":{ "ResolverEndpoint":{ "shape":"ResolverEndpoint", "documentation":"Information about the DeleteResolverEndpoint
request, including the status of the request.
The ID of the resolver rule that you want to delete.
" } } }, "DeleteResolverRuleResponse":{ "type":"structure", "members":{ "ResolverRule":{ "shape":"ResolverRule", "documentation":"Information about the DeleteResolverRule
request, including the status of the request.
The ID of the resolver endpoint that you want to disassociate an IP address from.
" }, "IpAddress":{ "shape":"IpAddressUpdate", "documentation":"The IPv4 address that you want to remove from a resolver endpoint.
" } } }, "DisassociateResolverEndpointIpAddressResponse":{ "type":"structure", "members":{ "ResolverEndpoint":{ "shape":"ResolverEndpoint", "documentation":"The response to an DisassociateResolverEndpointIpAddress
request.
The ID of the VPC that you want to disassociate the resolver rule from.
" }, "ResolverRuleId":{ "shape":"ResourceId", "documentation":"The ID of the resolver rule that you want to disassociate from the specified VPC.
" } } }, "DisassociateResolverRuleResponse":{ "type":"structure", "members":{ "ResolverRuleAssociation":{ "shape":"ResolverRuleAssociation", "documentation":"Information about the DisassociateResolverRule
request, including the status of the request.
When you're using a List
operation and you want the operation to return a subset of objects, such as resolver endpoints or resolver rules, the name of the parameter that you want to use to filter objects. For example, to list only inbound resolver endpoints, specify Direction
for the value of Name
.
When you're using a List
operation and you want the operation to return a subset of objects, such as resolver endpoints or resolver rules, the value of the parameter that you want to use to filter objects. For example, to list only inbound resolver endpoints, specify INBOUND
for the value of Values
.
For List
operations, an optional specification to return a subset of objects, such as resolver endpoints or resolver rules.
The ID of the resolver endpoint that you want to get information about.
" } } }, "GetResolverEndpointResponse":{ "type":"structure", "members":{ "ResolverEndpoint":{ "shape":"ResolverEndpoint", "documentation":"Information about the resolver endpoint that you specified in a GetResolverEndpoint
request.
The ID of the resolver rule association that you want to get information about.
" } } }, "GetResolverRuleAssociationResponse":{ "type":"structure", "members":{ "ResolverRuleAssociation":{ "shape":"ResolverRuleAssociation", "documentation":"Information about the resolver rule association that you specified in a GetResolverRuleAssociation
request.
The ID of the resolver rule policy that you want to get information about.
" } } }, "GetResolverRulePolicyResponse":{ "type":"structure", "members":{ "ResolverRulePolicy":{ "shape":"ResolverRulePolicy", "documentation":"Information about the resolver rule policy that you specified in a GetResolverRulePolicy
request.
The ID of the resolver rule that you want to get information about.
" } } }, "GetResolverRuleResponse":{ "type":"structure", "members":{ "ResolverRule":{ "shape":"ResolverRule", "documentation":"Information about the resolver rule that you specified in a GetResolverRule
request.
We encountered an unknown error. Try again in a few minutes.
", "exception":true }, "InvalidNextTokenException":{ "type":"structure", "members":{ "Message":{"shape":"String"} }, "documentation":"The value that you specified for NextToken
in a List
request isn't valid.
For an InvalidParameterException
error, the name of the parameter that's invalid.
One or more parameters in this request are not valid.
", "exception":true }, "InvalidPolicyDocument":{ "type":"structure", "members":{ "Message":{"shape":"ExceptionMessage"} }, "documentation":"The specified resolver rule policy is invalid.
", "exception":true }, "InvalidRequestException":{ "type":"structure", "members":{ "Message":{"shape":"ExceptionMessage"} }, "documentation":"The request is invalid.
", "exception":true }, "InvalidTagException":{ "type":"structure", "members":{ "Message":{"shape":"ExceptionMessage"} }, "documentation":"The specified tag is invalid.
", "exception":true }, "Ip":{ "type":"string", "max":36, "min":7 }, "IpAddressCount":{"type":"integer"}, "IpAddressRequest":{ "type":"structure", "required":["SubnetId"], "members":{ "SubnetId":{ "shape":"SubnetId", "documentation":"The subnet that contains the IP address.
" }, "Ip":{ "shape":"Ip", "documentation":"The IP address that you want to use for DNS queries.
", "box":true } }, "documentation":"In an CreateResolverEndpoint request, a subnet and IP address that you want to use for DNS queries.
" }, "IpAddressResponse":{ "type":"structure", "members":{ "IpId":{ "shape":"ResourceId", "documentation":"The ID of one IP address.
" }, "SubnetId":{ "shape":"SubnetId", "documentation":"The ID of one subnet.
" }, "Ip":{ "shape":"Ip", "documentation":"One IP address that the resolver endpoint uses for DNS queries.
" }, "Status":{ "shape":"IpAddressStatus", "documentation":"A status code that gives the current status of the request.
" }, "StatusMessage":{ "shape":"StatusMessage", "documentation":"A message that provides additional information about the status of the request.
" }, "CreationTime":{ "shape":"Rfc3339TimeString", "documentation":"The date and time that the IP address was created, in Unix time format and Coordinated Universal Time (UTC).
" }, "ModificationTime":{ "shape":"Rfc3339TimeString", "documentation":"The date and time that the IP address was last modified, in Unix time format and Coordinated Universal Time (UTC).
" } }, "documentation":"In the response to a GetResolverEndpoint request, information about the IP addresses that the resolver endpoint uses for DNS queries.
" }, "IpAddressStatus":{ "type":"string", "enum":[ "CREATING", "FAILED_CREATION", "ATTACHING", "ATTACHED", "REMAP_DETACHING", "REMAP_ATTACHING", "DETACHING", "FAILED_RESOURCE_GONE", "DELETING", "DELETE_FAILED_FAS_EXPIRED" ] }, "IpAddressUpdate":{ "type":"structure", "members":{ "IpId":{ "shape":"ResourceId", "documentation":"Only when removing an IP address from a resolver endpoint: The ID of the IP address that you want to remove. To get this ID, use GetResolverEndpoint.
", "box":true }, "SubnetId":{ "shape":"SubnetId", "documentation":"The ID of the subnet that includes the IP address that you want to update. To get this ID, use GetResolverEndpoint.
", "box":true }, "Ip":{ "shape":"Ip", "documentation":"The new IP address.
", "box":true } }, "documentation":"In an UpdateResolverEndpoint request, information about an IP address to update.
" }, "IpAddressesRequest":{ "type":"list", "member":{"shape":"IpAddressRequest"}, "max":10, "min":1 }, "IpAddressesResponse":{ "type":"list", "member":{"shape":"IpAddressResponse"} }, "LimitExceededException":{ "type":"structure", "members":{ "Message":{"shape":"String"}, "ResourceType":{ "shape":"String", "documentation":"For a LimitExceededException
error, the type of resource that exceeded the current limit.
The request caused one or more limits to be exceeded.
", "exception":true }, "ListResolverEndpointIpAddressesRequest":{ "type":"structure", "required":["ResolverEndpointId"], "members":{ "ResolverEndpointId":{ "shape":"ResourceId", "documentation":"The ID of the resolver endpoint that you want to get IP addresses for.
" }, "MaxResults":{ "shape":"MaxResults", "documentation":"The maximum number of IP addresses that you want to return in the response to a ListResolverEndpointIpAddresses
request. If you don't specify a value for MaxResults
, Resolver returns up to 100 IP addresses.
For the first ListResolverEndpointIpAddresses
request, omit this value.
If the specified resolver endpoint has more than MaxResults
IP addresses, you can submit another ListResolverEndpointIpAddresses
request to get the next group of IP addresses. In the next request, specify the value of NextToken
from the previous response.
If the specified endpoint has more than MaxResults
IP addresses, you can submit another ListResolverEndpointIpAddresses
request to get the next group of IP addresses. In the next request, specify the value of NextToken
from the previous response.
The value that you specified for MaxResults
in the request.
The IP addresses that DNS queries pass through on their way to your network (outbound endpoint) or on the way to Resolver (inbound endpoint).
" } } }, "ListResolverEndpointsRequest":{ "type":"structure", "members":{ "MaxResults":{ "shape":"MaxResults", "documentation":"The maximum number of resolver endpoints that you want to return in the response to a ListResolverEndpoints
request. If you don't specify a value for MaxResults
, Resolver returns up to 100 resolver endpoints.
For the first ListResolverEndpoints
request, omit this value.
If you have more than MaxResults
resolver endpoints, you can submit another ListResolverEndpoints
request to get the next group of resolver endpoints. In the next request, specify the value of NextToken
from the previous response.
An optional specification to return a subset of resolver endpoints, such as all inbound resolver endpoints.
If you submit a second or subsequent ListResolverEndpoints
request and specify the NextToken
parameter, you must use the same values for Filters
, if any, as in the previous request.
If more than MaxResults
IP addresses match the specified criteria, you can submit another ListResolverEndpoint
request to get the next group of results. In the next request, specify the value of NextToken
from the previous response.
The value that you specified for MaxResults
in the request.
The resolver endpoints that were created by using the current AWS account, and that match the specified filters, if any.
" } } }, "ListResolverRuleAssociationsRequest":{ "type":"structure", "members":{ "MaxResults":{ "shape":"MaxResults", "documentation":"The maximum number of rule associations that you want to return in the response to a ListResolverRuleAssociations
request. If you don't specify a value for MaxResults
, Resolver returns up to 100 rule associations.
For the first ListResolverRuleAssociation
request, omit this value.
If you have more than MaxResults
rule associations, you can submit another ListResolverRuleAssociation
request to get the next group of rule associations. In the next request, specify the value of NextToken
from the previous response.
An optional specification to return a subset of resolver rules, such as resolver rules that are associated with the same VPC ID.
If you submit a second or subsequent ListResolverRuleAssociations
request and specify the NextToken
parameter, you must use the same values for Filters
, if any, as in the previous request.
If more than MaxResults
rule associations match the specified criteria, you can submit another ListResolverRuleAssociation
request to get the next group of results. In the next request, specify the value of NextToken
from the previous response.
The value that you specified for MaxResults
in the request.
The associations that were created between resolver rules and VPCs using the current AWS account, and that match the specified filters, if any.
" } } }, "ListResolverRulesRequest":{ "type":"structure", "members":{ "MaxResults":{ "shape":"MaxResults", "documentation":"The maximum number of resolver rules that you want to return in the response to a ListResolverRules
request. If you don't specify a value for MaxResults
, Resolver returns up to 100 resolver rules.
For the first ListResolverRules
request, omit this value.
If you have more than MaxResults
resolver rules, you can submit another ListResolverRules
request to get the next group of resolver rules. In the next request, specify the value of NextToken
from the previous response.
An optional specification to return a subset of resolver rules, such as all resolver rules that are associated with the same resolver endpoint.
If you submit a second or subsequent ListResolverRules
request and specify the NextToken
parameter, you must use the same values for Filters
, if any, as in the previous request.
If more than MaxResults
resolver rules match the specified criteria, you can submit another ListResolverRules
request to get the next group of results. In the next request, specify the value of NextToken
from the previous response.
The value that you specified for MaxResults
in the request.
The resolver rules that were created using the current AWS account and that match the specified filters, if any.
" } } }, "ListTagsForResourceRequest":{ "type":"structure", "required":["ResourceArn"], "members":{ "ResourceArn":{ "shape":"Arn", "documentation":"The Amazon Resource Name (ARN) for the resource that you want to list tags for.
" }, "MaxResults":{ "shape":"MaxResults", "documentation":"The maximum number of tags that you want to return in the response to a ListTagsForResource
request. If you don't specify a value for MaxResults
, Resolver returns up to 100 tags.
For the first ListTagsForResource
request, omit this value.
If you have more than MaxResults
tags, you can submit another ListTagsForResource
request to get the next group of tags for the resource. In the next request, specify the value of NextToken
from the previous response.
The tags that are associated with the resource that you specified in the ListTagsForResource
request.
If more than MaxResults
tags match the specified criteria, you can submit another ListTagsForResource
request to get the next group of results. In the next request, specify the value of NextToken
from the previous response.
The Amazon Resource Name (ARN) of the account that you want to grant permissions to.
" }, "ResolverRulePolicy":{ "shape":"ResolverRulePolicy", "documentation":"An AWS Identity and Access Management policy statement that lists the permissions that you want to grant to another AWS account.
" } } }, "PutResolverRulePolicyResponse":{ "type":"structure", "members":{ "ReturnValue":{ "shape":"Boolean", "documentation":"Whether the PutResolverRulePolicy
request was successful.
The response to a PutResolverRulePolicy
request.
The ID of the resolver endpoint.
" }, "CreatorRequestId":{ "shape":"CreatorRequestId", "documentation":"A unique string that identifies the request that created the resolver endpoint. The CreatorRequestId
allows failed requests to be retried without the risk of executing the operation twice.
The ARN (Amazon Resource Name) for the resolver endpoint.
" }, "Name":{ "shape":"Name", "documentation":"The name that you assigned to the resolver endpoint when you submitted a CreateResolverEndpoint request.
" }, "SecurityGroupIds":{ "shape":"SecurityGroupIds", "documentation":"The ID of one or more security groups that control access to this VPC. The security group must include one or more inbound resolver rules.
" }, "Direction":{ "shape":"ResolverEndpointDirection", "documentation":"Indicates whether the resolver endpoint allows inbound or outbound DNS queries:
INBOUND
: allows DNS queries to your VPC from your network or another VPC
OUTBOUND
: allows DNS queries from your VPC to your network or another VPC
The number of IP addresses that the resolver endpoint can use for DNS queries.
" }, "HostVPCId":{ "shape":"ResourceId", "documentation":"The ID of the VPC that you want to create the resolver endpoint in.
" }, "Status":{ "shape":"ResolverEndpointStatus", "documentation":"A code that specifies the current status of the resolver endpoint.
" }, "StatusMessage":{ "shape":"StatusMessage", "documentation":"A detailed description of the status of the resolver endpoint.
" }, "CreationTime":{ "shape":"Rfc3339TimeString", "documentation":"The date and time that the endpoint was created, in Unix time format and Coordinated Universal Time (UTC).
" }, "ModificationTime":{ "shape":"Rfc3339TimeString", "documentation":"The date and time that the endpoint was last modified, in Unix time format and Coordinated Universal Time (UTC).
" } }, "documentation":"In the response to a CreateResolverEndpoint, DeleteResolverEndpoint, GetResolverEndpoint, ListResolverEndpoints, or UpdateResolverEndpoint request, a complex type that contains settings for an existing inbound or outbound resolver endpoint.
" }, "ResolverEndpointDirection":{ "type":"string", "enum":[ "INBOUND", "OUTBOUND" ] }, "ResolverEndpointStatus":{ "type":"string", "enum":[ "CREATING", "OPERATIONAL", "UPDATING", "AUTO_RECOVERING", "ACTION_NEEDED", "DELETING" ] }, "ResolverEndpoints":{ "type":"list", "member":{"shape":"ResolverEndpoint"} }, "ResolverRule":{ "type":"structure", "members":{ "Id":{ "shape":"ResourceId", "documentation":"The ID that Resolver assigned to the resolver rule when you created it.
" }, "CreatorRequestId":{ "shape":"CreatorRequestId", "documentation":"A unique string that you specified when you created the resolver rule. CreatorRequestId
identifies the request and allows failed requests to be retried without the risk of executing the operation twice.
The ARN (Amazon Resource Name) for the resolver rule specified by Id
.
DNS queries for this domain name are forwarded to the IP addresses that are specified in TargetIps
. If a query matches multiple resolver rules (example.com and www.example.com), the query is routed using the resolver rule that contains the most specific domain name (www.example.com).
A code that specifies the current status of the resolver rule.
" }, "StatusMessage":{ "shape":"StatusMessage", "documentation":"A detailed description of the status of a resolver rule.
" }, "RuleType":{ "shape":"RuleTypeOption", "documentation":"This value is always FORWARD
. Other resolver rule types aren't supported.
The name for the resolver rule, which you specified when you created the resolver rule.
" }, "TargetIps":{ "shape":"TargetList", "documentation":"An array that contains the IP addresses and ports that you want to forward
" }, "ResolverEndpointId":{ "shape":"ResourceId", "documentation":"The ID of the endpoint that the rule is associated with.
" }, "OwnerId":{ "shape":"AccountId", "documentation":"When a rule is shared with another AWS account, the account ID of the account that the rule is shared with.
" }, "ShareStatus":{ "shape":"ShareStatus", "documentation":"Whether the rules is shared and, if so, whether the current account is sharing the rule with another account, or another account is sharing the rule with the current account.
" } }, "documentation":"For queries that originate in your VPC, detailed information about a resolver rule, which specifies how to route DNS queries out of the VPC. The ResolverRule
parameter appears in the response to a CreateResolverRule, DeleteResolverRule, GetResolverRule, ListResolverRules, or UpdateResolverRule request.
The ID of the association between a resolver rule and a VPC. Resolver assigns this value when you submit an AssociateResolverRule request.
" }, "ResolverRuleId":{ "shape":"ResourceId", "documentation":"The ID of the resolver rule that you associated with the VPC that is specified by VPCId
.
The name of an association between a resolver rule and a VPC.
" }, "VPCId":{ "shape":"ResourceId", "documentation":"The ID of the VPC that you associated the resolver rule with.
" }, "Status":{ "shape":"ResolverRuleAssociationStatus", "documentation":"A code that specifies the current status of the association between a resolver rule and a VPC.
" }, "StatusMessage":{ "shape":"StatusMessage", "documentation":"A detailed description of the status of the association between a resolver rule and a VPC.
" } }, "documentation":"In the response to an AssociateResolverRule, DisassociateResolverRule, or ListResolverRuleAssociations request, information about an association between a resolver rule and a VPC.
" }, "ResolverRuleAssociationStatus":{ "type":"string", "enum":[ "CREATING", "COMPLETE", "DELETING", "FAILED", "OVERRIDDEN" ] }, "ResolverRuleAssociations":{ "type":"list", "member":{"shape":"ResolverRuleAssociation"} }, "ResolverRuleConfig":{ "type":"structure", "members":{ "Name":{ "shape":"Name", "documentation":"The new name for the resolver rule. The name that you specify appears in the Resolver dashboard in the Route 53 console.
" }, "TargetIps":{ "shape":"TargetList", "documentation":"For DNS queries that originate in your VPC, the new IP addresses that you want to route outbound DNS queries to.
" }, "ResolverEndpointId":{ "shape":"ResourceId", "documentation":"The ID of the new outbound resolver endpoint that you want to use to route DNS queries to the IP addresses that you specify in TargetIps
.
In an UpdateResolverRule request, information about the changes that you want to make.
" }, "ResolverRulePolicy":{ "type":"string", "max":5000 }, "ResolverRuleStatus":{ "type":"string", "enum":[ "COMPLETE", "DELETING", "UPDATING", "FAILED" ] }, "ResolverRules":{ "type":"list", "member":{"shape":"ResolverRule"} }, "ResourceExistsException":{ "type":"structure", "members":{ "Message":{"shape":"String"}, "ResourceType":{ "shape":"String", "documentation":"For a ResourceExistsException
error, the type of resource that the error applies to.
The resource that you tried to create already exists.
", "exception":true }, "ResourceId":{ "type":"string", "max":64, "min":1 }, "ResourceInUseException":{ "type":"structure", "members":{ "Message":{"shape":"String"}, "ResourceType":{ "shape":"String", "documentation":"For a ResourceInUseException
error, the type of resource that is currently in use.
The resource that you tried to update or delete is currently in use.
", "exception":true }, "ResourceNotFoundException":{ "type":"structure", "members":{ "Message":{"shape":"String"}, "ResourceType":{ "shape":"String", "documentation":"For a ResourceNotFoundException
error, the type of resource that doesn't exist.
The specified resource doesn't exist.
", "exception":true }, "ResourceUnavailableException":{ "type":"structure", "members":{ "Message":{"shape":"String"}, "ResourceType":{ "shape":"String", "documentation":"For a ResourceUnavailableException
error, the type of resource that isn't available.
The specified resource isn't available.
", "exception":true }, "Rfc3339TimeString":{ "type":"string", "max":40, "min":20 }, "RuleTypeOption":{ "type":"string", "enum":[ "FORWARD", "SYSTEM", "RECURSIVE" ] }, "SecurityGroupIds":{ "type":"list", "member":{"shape":"ResourceId"} }, "ShareStatus":{ "type":"string", "enum":[ "NOT_SHARED", "SHARED_WITH_ME", "SHARED_BY_ME" ] }, "StatusMessage":{ "type":"string", "max":255 }, "String":{"type":"string"}, "SubnetId":{ "type":"string", "max":32, "min":1 }, "Tag":{ "type":"structure", "members":{ "Key":{ "shape":"TagKey", "documentation":"The name for the tag. For example, if you want to associate Resolver resources with the account IDs of your customers for billing purposes, the value of Key
might be account-id
.
The value for the tag. For example, if Key
is account-id
, then Value
might be the ID of the customer account that you're creating the resource for.
One tag that you want to add to the specified resource. A tag consists of a Key
(a name for the tag) and a Value
.
The Amazon Resource Name (ARN) for the resource that you want to add tags to. To get the ARN for a resource, use the applicable Get
or List
command:
The tags that you want to add to the specified resource.
" } } }, "TagResourceResponse":{ "type":"structure", "members":{ } }, "TagValue":{"type":"string"}, "TargetAddress":{ "type":"structure", "required":["Ip"], "members":{ "Ip":{ "shape":"Ip", "documentation":"One IP address that you want to forward DNS queries to. You can specify only IPv4 addresses.
" }, "Port":{ "shape":"Port", "documentation":"The port at Ip
that you want to forward DNS queries to.
In a CreateResolverRule request, an array of the IPs that you want to forward DNS queries to.
" }, "TargetList":{ "type":"list", "member":{"shape":"TargetAddress"}, "min":1 }, "ThrottlingException":{ "type":"structure", "members":{ "Message":{"shape":"ExceptionMessage"} }, "documentation":"The request was throttled. Try again in a few minutes.
", "exception":true }, "UnknownResourceException":{ "type":"structure", "members":{ "Message":{"shape":"ExceptionMessage"} }, "documentation":"The specified resource doesn't exist.
", "exception":true }, "UntagResourceRequest":{ "type":"structure", "required":[ "ResourceArn", "TagKeys" ], "members":{ "ResourceArn":{ "shape":"Arn", "documentation":"The Amazon Resource Name (ARN) for the resource that you want to remove tags from. To get the ARN for a resource, use the applicable Get
or List
command:
The tags that you want to remove to the specified resource.
" } } }, "UntagResourceResponse":{ "type":"structure", "members":{ } }, "UpdateResolverEndpointRequest":{ "type":"structure", "required":["ResolverEndpointId"], "members":{ "ResolverEndpointId":{ "shape":"ResourceId", "documentation":"The ID of the resolver endpoint that you want to update.
" }, "Name":{ "shape":"Name", "documentation":"The name of the resolver endpoint that you want to update.
", "box":true } } }, "UpdateResolverEndpointResponse":{ "type":"structure", "members":{ "ResolverEndpoint":{ "shape":"ResolverEndpoint", "documentation":"The response to an UpdateResolverEndpoint
request.
The ID of the resolver rule that you want to update.
" }, "Config":{ "shape":"ResolverRuleConfig", "documentation":"The new settings for the resolver rule.
" } } }, "UpdateResolverRuleResponse":{ "type":"structure", "members":{ "ResolverRule":{ "shape":"ResolverRule", "documentation":"The response to an UpdateResolverRule
request.
Here's how you set up to query an Amazon Route 53 private hosted zone from your network:
Connect your network to a VPC using AWS Direct Connect or a VPN.
Run the following AWS CLI command to create a Resolver endpoint:
create-resolver-endpoint --name [endpoint_name] --direction INBOUND --creator-request-id [unique_string] --security-group-ids [security_group_with_inbound_rules] --ip-addresses SubnetId=[subnet_id] SubnetId=[subnet_id_in_different_AZ]
Note the resolver endpoint ID that appears in the response. You'll use it in step 3.
Get the IP addresses for the Resolver endpoints:
get-resolver-endpoint --resolver-endpoint-id [resolver_endpoint_id]
In your network configuration, define the IP addresses that you got in step 3 as DNS servers.
You can now query instance names in your VPCs and the names of records in your private hosted zone.
You can also perform the following operations using the AWS CLI:
list-resolver-endpoints
: List all endpoints. The syntax includes options for pagination and filtering.
update-resolver-endpoints
: Add IP addresses to an endpoint or remove IP addresses from an endpoint.
To delete an endpoint, use the following AWS CLI command:
delete-resolver-endpoint --resolver-endpoint-id [resolver_endpoint_id]