resolver_endpoints
Creates, updates, deletes or gets a resolver_endpoint resource or lists resolver_endpoints in a region
Overview
| Name | resolver_endpoints |
| Type | Resource |
| Description | Resource type definition for AWS::Route53Resolver::ResolverEndpoint |
| Id | awscc.route53resolver.resolver_endpoints |
Fields
| Name | Datatype | Description |
|---|---|---|
| arn | string | The Amazon Resource Name (ARN) of the resolver endpoint, such as arn:aws:route53resolver:us-east-1:123456789012:resolver-endpoint/resolver-endpoint-a1bzhi. |
| direction | string | Indicates whether the Resolver endpoint allows inbound or outbound DNS queries:<br />- INBOUND: allows DNS queries to your VPC from your network <br />- OUTBOUND: allows DNS queries from your VPC to your network <br />- INBOUND_DELEGATION: allows DNS queries to your VPC from your network with authoritative answers from private hosted zones |
| host_vpc_id | string | The ID of the VPC that you want to create the resolver endpoint in. |
| ip_address_count | string | The number of IP addresses that the resolver endpoint can use for DNS queries. |
| ip_addresses | array | The subnets and IP addresses in your VPC that DNS queries originate from (for outbound endpoints) or that you forward DNS queries to (for inbound endpoints). The subnet ID uniquely identifies a VPC. |
| name | string | A friendly name that lets you easily find a configuration in the Resolver dashboard in the Route 53 console. |
| outpost_arn | string | The ARN (Amazon Resource Name) for the Outpost. |
| preferred_instance_type | string | The Amazon EC2 instance type. |
| protocols | array | Protocols used for the endpoint. DoH-FIPS is applicable for inbound endpoints only. |
| resolver_endpoint_id | string | The ID of the resolver endpoint. |
| resolver_endpoint_type | string | The Resolver endpoint IP address type. |
| security_group_ids | array | The ID of one or more security groups that control access to this VPC. The security group must include one or more inbound rules (for inbound endpoints) or outbound rules (for outbound endpoints). Inbound and outbound rules must allow TCP and UDP access. For inbound access, open port 53. For outbound access, open the port that you're using for DNS queries on your network. |
| tags | array | An array of key-value pairs to apply to this resource. |
| region | string | AWS region. |
For more information, see AWS::Route53Resolver::ResolverEndpoint.
Methods
| Name | Accessible by | Required Params |
|---|---|---|
| create_resource | INSERT | Direction, IpAddresses, SecurityGroupIds, region |
| delete_resource | DELETE | data__Identifier, region |
| update_resource | UPDATE | data__Identifier, data__PatchDocument, region |
| list_resources | SELECT | region |
| get_resource | SELECT | data__Identifier, region |
SELECT examples
Gets all properties from an individual resolver_endpoint.
```sql
SELECT
  region,
  arn,
  direction,
  host_vpc_id,
  ip_address_count,
  ip_addresses,
  name,
  outpost_arn,
  preferred_instance_type,
  protocols,
  resolver_endpoint_id,
  resolver_endpoint_type,
  security_group_ids,
  tags
FROM awscc.route53resolver.resolver_endpoints
WHERE region = 'us-east-1' AND data__Identifier = '<ResolverEndpointId>';
```
INSERT example
Use the following StackQL query and manifest file to create a new resolver_endpoint resource, using stack-deploy.
Required Properties:

```sql
/*+ create */
INSERT INTO awscc.route53resolver.resolver_endpoints (
  Direction,
  IpAddresses,
  SecurityGroupIds,
  region
)
SELECT
  '{{ Direction }}',
  '{{ IpAddresses }}',
  '{{ SecurityGroupIds }}',
  '{{ region }}';
```

All Properties:

```sql
/*+ create */
INSERT INTO awscc.route53resolver.resolver_endpoints (
  Direction,
  IpAddresses,
  Name,
  OutpostArn,
  PreferredInstanceType,
  Protocols,
  ResolverEndpointType,
  SecurityGroupIds,
  Tags,
  region
)
SELECT
  '{{ Direction }}',
  '{{ IpAddresses }}',
  '{{ Name }}',
  '{{ OutpostArn }}',
  '{{ PreferredInstanceType }}',
  '{{ Protocols }}',
  '{{ ResolverEndpointType }}',
  '{{ SecurityGroupIds }}',
  '{{ Tags }}',
  '{{ region }}';
```

Manifest:

```yaml
version: 1
name: stack name
description: stack description
providers:
  - aws
globals:
  - name: region
    value: '{{ vars.AWS_REGION }}'
resources:
  - name: resolver_endpoint
    props:
      - name: Direction
        value: '{{ Direction }}'
      - name: IpAddresses
        value:
          - Ip: '{{ Ip }}'
            Ipv6: '{{ Ipv6 }}'
            SubnetId: '{{ SubnetId }}'
      - name: Name
        value: '{{ Name }}'
      - name: OutpostArn
        value: '{{ OutpostArn }}'
      - name: PreferredInstanceType
        value: '{{ PreferredInstanceType }}'
      - name: Protocols
        value:
          - '{{ Protocols[0] }}'
      - name: ResolverEndpointType
        value: '{{ ResolverEndpointType }}'
      - name: SecurityGroupIds
        value:
          - '{{ SecurityGroupIds[0] }}'
      - name: Tags
        value:
          - Key: '{{ Key }}'
            Value: '{{ Value }}'
```
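A pre-deploy check over the create properties, as an added example (not part of the StackQL provider or of this page's original content): it enforces the required properties from the Methods table plus the Direction values, the DoH-FIPS restriction and the TCP/UDP port 53 rule from the Fields table. The `lint_endpoint` function, the `sg_rules` tuple shape (exact-port rules only), the sample IDs, and treating an omitted Protocols as `Do53` are assumptions of the example.

```python
# Added example: pre-deploy lint for resolver_endpoint props.
# Constraints come from the Fields and Methods tables on this page.
REQUIRED = ("Direction", "IpAddresses", "SecurityGroupIds")
DIRECTIONS = {"INBOUND", "OUTBOUND", "INBOUND_DELEGATION"}

def lint_endpoint(props, sg_rules):
    """Return a list of findings for one resolver_endpoint props dict.

    sg_rules maps a security group ID to (direction, protocol, port)
    tuples; that shape is an assumption of this example.
    """
    findings = [f"missing required property {k}"
                for k in REQUIRED if not props.get(k)]
    direction = props.get("Direction")
    if direction and direction not in DIRECTIONS:
        findings.append(f"unknown Direction {direction!r}")
    protocols = props.get("Protocols") or ["Do53"]  # assumed default
    if direction == "OUTBOUND" and "DoH-FIPS" in protocols:
        findings.append("DoH-FIPS is applicable for inbound endpoints only")
    # Inbound endpoints serving plain DNS need TCP and UDP port 53 open.
    if direction in ("INBOUND", "INBOUND_DELEGATION") and "Do53" in protocols:
        opened = {(proto, port)
                  for sg in props.get("SecurityGroupIds") or []
                  for rule_dir, proto, port in sg_rules.get(sg, [])
                  if rule_dir == "ingress"}
        findings += [f"no ingress rule for {p}/53"
                     for p in ("tcp", "udp") if (p, 53) not in opened]
    return findings

# Constructed sample data (not real resource IDs).
SG_RULES = {
    "sg-dns-ok": [("ingress", "tcp", 53), ("ingress", "udp", 53)],
    "sg-tcp-only": [("ingress", "tcp", 53)],
}
SUBNETS = [{"SubnetId": "subnet-example-a"}, {"SubnetId": "subnet-example-b"}]
GOOD = {"Direction": "INBOUND", "IpAddresses": SUBNETS,
        "SecurityGroupIds": ["sg-dns-ok"]}
TCP_ONLY = dict(GOOD, SecurityGroupIds=["sg-tcp-only"])
BAD_OUTBOUND = {"Direction": "OUTBOUND", "IpAddresses": SUBNETS,
                "Protocols": ["Do53", "DoH-FIPS"]}

if __name__ == "__main__":
    for name, props in [("GOOD", GOOD), ("TCP_ONLY", TCP_ONLY),
                        ("BAD_OUTBOUND", BAD_OUTBOUND)]:
        print(name, lint_endpoint(props, SG_RULES))
```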
DELETE example
```sql
/*+ delete */
DELETE FROM awscc.route53resolver.resolver_endpoints
WHERE data__Identifier = '<ResolverEndpointId>'
AND region = 'us-east-1';
```
Permissions
To operate on the resolver_endpoints resource, the following permissions are required:
Create
route53resolver:CreateResolverEndpoint,
route53resolver:GetResolverEndpoint,
route53resolver:ListResolverEndpointIpAddresses,
route53resolver:ListTagsForResource,
route53resolver:TagResource,
route53resolver:UntagResource,
ec2:CreateNetworkInterface,
ec2:DescribeNetworkInterfaces,
ec2:DescribeSubnets,
ec2:DescribeSecurityGroups,
ec2:DescribeVpcs
Read
route53resolver:GetResolverEndpoint,
route53resolver:ListResolverEndpointIpAddresses,
route53resolver:ListTagsForResource
Update
route53resolver:AssociateResolverEndpointIpAddress,
route53resolver:DisassociateResolverEndpointIpAddress,
route53resolver:GetResolverEndpoint,
route53resolver:ListResolverEndpointIpAddresses,
route53resolver:ListTagsForResource,
route53resolver:TagResource,
route53resolver:UntagResource,
route53resolver:UpdateResolverEndpoint,
ec2:AssignIpv6Addresses,
ec2:CreateNetworkInterface,
ec2:DeleteNetworkInterface,
ec2:DescribeNetworkInterfaces,
ec2:DescribeSecurityGroups,
ec2:DescribeSubnets,
ec2:DescribeVpcs,
ec2:ModifyNetworkInterfaceAttribute,
ec2:UnassignIpv6Addresses
Delete
route53resolver:DeleteResolverEndpoint,
route53resolver:GetResolverEndpoint,
ec2:DeleteNetworkInterface,
ec2:DescribeNetworkInterfaces
List
route53resolver:ListResolverEndpoints