aws.resolver-logs

Filters

is-associated

Checks LogConfig Associations for VPCs.

example:

policies:
    - name: r53-resolver-query-log-config-associations
      resource: resolver-logs
      filters:
       - type: is-associated
         vpcid: "vpc-12345678"
properties:
  type:
    enum:
    - is-associated
  vpcid:
    pattern: ^(?:vpc-[0-9a-f]{8,17}|all)$
    type: string
required:
- type

Permissions - route53resolver:ListResolverQueryLogConfigAssociations

Actions

associate-vpc

Associates ResolverQueryLogConfig to a VPC

example:

policies:
  - name: r53-resolver-query-log-config-associate
    resource: resolver-logs
    filters:
      - type: value
        key: 'Name'
        op: eq
        value: "Test-rqlc"
    actions:
      - type: associate-vpc
        vpcid: all
properties:
  type:
    enum:
    - associate-vpc
  vpcid:
    pattern: ^(?:vpc-[0-9a-f]{8,17}|all)$
    type: string
required:
- vpcid
- type

Permissions - route53resolver:AssociateResolverQueryLogConfig, route53resolver:ListResolverQueryLogConfigAssociations