NOJIRA Add Route53 Resolver Query Logging
kurtismash committed Dec 11, 2024
1 parent d28111d commit 7905c78
Showing 1 changed file with 20 additions and 0 deletions.
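--- a/vpc/main.tf
+++ b/vpc/main.tf
@@ -245,6 +245,26 @@ resource "aws_cloudwatch_log_group" "flow_log_log_group" {
 )
 }
 
+resource "aws_route53_resolver_query_log_config" "route53_resolver_log" {
+name = "${aws_vpc.main.id}-query-logs"
+destination_arn = aws_cloudwatch_log_group.route53_resolver_log_group
+}
+
+resource "aws_route53_resolver_query_log_config_association" "route53_resolver_log_association" {
+resolver_query_log_config_id = aws_route53_resolver_query_log_config.route53_resolver_log.id
+resource_id = aws_vpc.main
+}
+
+resource "aws_cloudwatch_log_group" "route53_resolver_log_group" {
+name = "/vpc/${aws_vpc.main.id}/route53-resolver"
+tags = merge(
+var.tags,
+tomap(dns
+{ "Name" = "/vpc/${aws_vpc.main.id}/route53-resolver" }
+)
+)
+}
+
 resource "aws_network_acl" "private_nacl" {
 vpc_id = aws_vpc.main.id
 subnet_ids = aws_subnet.private.*.id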
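Review bot: `destination_arn` on the new `aws_route53_resolver_query_log_config` and `resource_id` on the association are given whole resource objects rather than string attributes, so the plan should fail and query logging would not actually be enabled; they should read `destination_arn = aws_cloudwatch_log_group.route53_resolver_log_group.arn` and `resource_id = aws_vpc.main.id`. The `tomap(dns` line in the new log group's tags also carries a stray `dns` token that looks accidental and would not parse; `tomap(` is presumably what was meant. Resolver query logs record which names each workload in the VPC resolves, so the new log group should also set `retention_in_days` and, where the account's policy calls for it, `kms_key_id`; neither is set in the lines shown.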
