Posted On: Feb 5, 2024
Today, we are announcing the availability of Route 53 Resolver Query Logging in the Canada West (Calgary) Region. Route 53 Resolver Query Logging enables you to log DNS queries that originate in your Amazon Virtual Private Clouds (Amazon VPCs). With query logging enabled, you can see which domain names have been queried, the AWS resources from which the queries originated - including source IP and instance ID - and the responses that were received.
Route 53 Resolver is the Amazon DNS server that is available by default in all Amazon VPCs. Route 53 Resolver responds to DNS queries from AWS resources within a VPC for public DNS records, Amazon VPC-specific DNS names, and Amazon Route 53 private hosted zones. With Route 53 Resolver Query Logging, customers can log DNS queries and responses for queries originating from within their VPCs, whether those queries are answered locally by Route 53 Resolver, are resolved over the public internet, or are forwarded to on-premises DNS servers via Resolver Endpoints. You can share your query logging configurations across multiple accounts using AWS Resource Access Manager (RAM). You can also choose to send your query logs to Amazon S3, Amazon CloudWatch Logs, or Amazon Kinesis Data Firehose.
There is no additional charge to use Route 53 Resolver Query Logging, although you may incur usage charges from Amazon S3, Amazon CloudWatch, or Amazon Kinesis Data Firehose. To learn more about Route 53 Resolver Query Logging or to get started, visit the Route 53 product page or the Route 53 documentation.