code.dwrz.net

Go monorepo.
Log | Files | Refs

api_op_CreateQueryLoggingConfig.go (10452B)


      1 // Code generated by smithy-go-codegen DO NOT EDIT.
      2 
      3 package route53
      4 
      5 import (
      6 	"context"
      7 	awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
      8 	"github.com/aws/aws-sdk-go-v2/aws/signer/v4"
      9 	"github.com/aws/aws-sdk-go-v2/service/route53/types"
     10 	"github.com/aws/smithy-go/middleware"
     11 	smithyhttp "github.com/aws/smithy-go/transport/http"
     12 )
     13 
     14 // Creates a configuration for DNS query logging. After you create a query logging
     15 // configuration, Amazon Route 53 begins to publish log data to an Amazon
     16 // CloudWatch Logs log group. DNS query logs contain information about the queries
     17 // that Route 53 receives for a specified public hosted zone, such as the
     18 // following:
     19 //
     20 // * Route 53 edge location that responded to the DNS query
     21 //
     22 // * Domain
     23 // or subdomain that was requested
     24 //
     25 // * DNS record type, such as A or AAAA
     26 //
     27 // * DNS
     28 // response code, such as NoError or ServFail
     29 //
     30 // Log Group and Resource Policy Before
     31 // you create a query logging configuration, perform the following operations. If
     32 // you create a query logging configuration using the Route 53 console, Route 53
     33 // performs these operations automatically.
     34 //
     35 // * Create a CloudWatch Logs log group,
     36 // and make note of the ARN, which you specify when you create a query logging
     37 // configuration. Note the following:
     38 //
     39 // * You must create the log group in the
     40 // us-east-1 region.
     41 //
     42 // * You must use the same Amazon Web Services account to create
     43 // the log group and the hosted zone that you want to configure query logging
     44 // for.
     45 //
     46 // * When you create log groups for query logging, we recommend that you use
     47 // a consistent prefix, for example: /aws/route53/hosted zone name  In the next
     48 // step, you'll create a resource policy, which controls access to one or more log
     49 // groups and the associated Amazon Web Services resources, such as Route 53 hosted
     50 // zones. There's a limit on the number of resource policies that you can create,
     51 // so we recommend that you use a consistent prefix so you can use the same
     52 // resource policy for all the log groups that you create for query logging.
     53 //
     54 // *
     55 // Create a CloudWatch Logs resource policy, and give it the permissions that Route
     56 // 53 needs to create log streams and to send query logs to log streams. For the
     57 // value of Resource, specify the ARN for the log group that you created in the
     58 // previous step. To use the same resource policy for all the CloudWatch Logs log
     59 // groups that you created for query logging configurations, replace the hosted
     60 // zone name with *, for example:
     61 // arn:aws:logs:us-east-1:123412341234:log-group:/aws/route53/* To avoid the
     62 // confused deputy problem, a security issue where an entity without a permission
     63 // for an action can coerce a more-privileged entity to perform it, you can
     64 // optionally limit the permissions that a service has to a resource in a
     65 // resource-based policy by supplying the following values:
     66 //
     67 // * For aws:SourceArn,
     68 // supply the hosted zone ARN used in creating the query logging configuration. For
     69 // example, aws:SourceArn: arn:aws:route53:::hostedzone/hosted zone ID.
     70 //
     71 // * For
     72 // aws:SourceAccount, supply the account ID for the account that creates the query
     73 // logging configuration. For example, aws:SourceAccount:111111111111.
     74 //
     75 // For more
     76 // information, see The confused deputy problem
     77 // (https://docs.aws.amazon.com/IAM/latest/UserGuide/confused-deputy.html) in the
     78 // Amazon Web Services IAM User Guide. You can't use the CloudWatch console to
     79 // create or edit a resource policy. You must use the CloudWatch API, one of the
     80 // Amazon Web Services SDKs, or the CLI.
     81 //
     82 // Log Streams and Edge Locations When Route
     83 // 53 finishes creating the configuration for DNS query logging, it does the
     84 // following:
     85 //
     86 // * Creates a log stream for an edge location the first time that the
     87 // edge location responds to DNS queries for the specified hosted zone. That log
     88 // stream is used to log all queries that Route 53 responds to for that edge
     89 // location.
     90 //
     91 // * Begins to send query logs to the applicable log stream.
     92 //
     93 // The name
     94 // of each log stream is in the following format:  hosted zone ID/edge location
     95 // code  The edge location code is a three-letter code and an arbitrarily assigned
     96 // number, for example, DFW3. The three-letter code typically corresponds with the
     97 // International Air Transport Association airport code for an airport near the
     98 // edge location. (These abbreviations might change in the future.) For a list of
     99 // edge locations, see "The Route 53 Global Network" on the Route 53 Product
    100 // Details (http://aws.amazon.com/route53/details/) page. Queries That Are Logged
    101 // Query logs contain only the queries that DNS resolvers forward to Route 53. If a
    102 // DNS resolver has already cached the response to a query (such as the IP address
    103 // for a load balancer for example.com), the resolver will continue to return the
    104 // cached response. It doesn't forward another query to Route 53 until the TTL for
    105 // the corresponding resource record set expires. Depending on how many DNS queries
    106 // are submitted for a resource record set, and depending on the TTL for that
    107 // resource record set, query logs might contain information about only one query
    108 // out of every several thousand queries that are submitted to DNS. For more
    109 // information about how DNS works, see Routing Internet Traffic to Your Website or
    110 // Web Application
    111 // (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/welcome-dns-service.html)
    112 // in the Amazon Route 53 Developer Guide. Log File Format For a list of the values
    113 // in each query log and the format of each value, see Logging DNS Queries
    114 // (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/query-logs.html) in
    115 // the Amazon Route 53 Developer Guide. Pricing For information about charges for
    116 // query logs, see Amazon CloudWatch Pricing
    117 // (http://aws.amazon.com/cloudwatch/pricing/). How to Stop Logging If you want
    118 // Route 53 to stop sending query logs to CloudWatch Logs, delete the query logging
    119 // configuration. For more information, see DeleteQueryLoggingConfig
    120 // (https://docs.aws.amazon.com/Route53/latest/APIReference/API_DeleteQueryLoggingConfig.html).
    121 func (c *Client) CreateQueryLoggingConfig(ctx context.Context, params *CreateQueryLoggingConfigInput, optFns ...func(*Options)) (*CreateQueryLoggingConfigOutput, error) {
    122 	if params == nil {
    123 		params = &CreateQueryLoggingConfigInput{}
    124 	}
    125 
    126 	result, metadata, err := c.invokeOperation(ctx, "CreateQueryLoggingConfig", params, optFns, c.addOperationCreateQueryLoggingConfigMiddlewares)
    127 	if err != nil {
    128 		return nil, err
    129 	}
    130 
    131 	out := result.(*CreateQueryLoggingConfigOutput)
    132 	out.ResultMetadata = metadata
    133 	return out, nil
    134 }
    135 
    136 type CreateQueryLoggingConfigInput struct {
    137 
    138 	// The Amazon Resource Name (ARN) for the log group that you want to Amazon Route
    139 	// 53 to send query logs to. This is the format of the ARN:
    140 	// arn:aws:logs:region:account-id:log-group:log_group_name To get the ARN for a log
    141 	// group, you can use the CloudWatch console, the DescribeLogGroups
    142 	// (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeLogGroups.html)
    143 	// API action, the describe-log-groups
    144 	// (https://docs.aws.amazon.com/cli/latest/reference/logs/describe-log-groups.html)
    145 	// command, or the applicable command in one of the Amazon Web Services SDKs.
    146 	//
    147 	// This member is required.
    148 	CloudWatchLogsLogGroupArn *string
    149 
    150 	// The ID of the hosted zone that you want to log queries for. You can log queries
    151 	// only for public hosted zones.
    152 	//
    153 	// This member is required.
    154 	HostedZoneId *string
    155 
    156 	noSmithyDocumentSerde
    157 }
    158 
    159 type CreateQueryLoggingConfigOutput struct {
    160 
    161 	// The unique URL representing the new query logging configuration.
    162 	//
    163 	// This member is required.
    164 	Location *string
    165 
    166 	// A complex type that contains the ID for a query logging configuration, the ID of
    167 	// the hosted zone that you want to log queries for, and the ARN for the log group
    168 	// that you want Amazon Route 53 to send query logs to.
    169 	//
    170 	// This member is required.
    171 	QueryLoggingConfig *types.QueryLoggingConfig
    172 
    173 	// Metadata pertaining to the operation's result.
    174 	ResultMetadata middleware.Metadata
    175 
    176 	noSmithyDocumentSerde
    177 }
    178 
    179 func (c *Client) addOperationCreateQueryLoggingConfigMiddlewares(stack *middleware.Stack, options Options) (err error) {
    180 	err = stack.Serialize.Add(&awsRestxml_serializeOpCreateQueryLoggingConfig{}, middleware.After)
    181 	if err != nil {
    182 		return err
    183 	}
    184 	err = stack.Deserialize.Add(&awsRestxml_deserializeOpCreateQueryLoggingConfig{}, middleware.After)
    185 	if err != nil {
    186 		return err
    187 	}
    188 	if err = addSetLoggerMiddleware(stack, options); err != nil {
    189 		return err
    190 	}
    191 	if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil {
    192 		return err
    193 	}
    194 	if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil {
    195 		return err
    196 	}
    197 	if err = addResolveEndpointMiddleware(stack, options); err != nil {
    198 		return err
    199 	}
    200 	if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil {
    201 		return err
    202 	}
    203 	if err = addRetryMiddlewares(stack, options); err != nil {
    204 		return err
    205 	}
    206 	if err = addHTTPSignerV4Middleware(stack, options); err != nil {
    207 		return err
    208 	}
    209 	if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil {
    210 		return err
    211 	}
    212 	if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil {
    213 		return err
    214 	}
    215 	if err = addClientUserAgent(stack); err != nil {
    216 		return err
    217 	}
    218 	if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
    219 		return err
    220 	}
    221 	if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
    222 		return err
    223 	}
    224 	if err = addOpCreateQueryLoggingConfigValidationMiddleware(stack); err != nil {
    225 		return err
    226 	}
    227 	if err = stack.Initialize.Add(newServiceMetadataMiddleware_opCreateQueryLoggingConfig(options.Region), middleware.Before); err != nil {
    228 		return err
    229 	}
    230 	if err = addRequestIDRetrieverMiddleware(stack); err != nil {
    231 		return err
    232 	}
    233 	if err = addResponseErrorMiddleware(stack); err != nil {
    234 		return err
    235 	}
    236 	if err = addSanitizeURLMiddleware(stack); err != nil {
    237 		return err
    238 	}
    239 	if err = addRequestResponseLogging(stack, options); err != nil {
    240 		return err
    241 	}
    242 	return nil
    243 }
    244 
    245 func newServiceMetadataMiddleware_opCreateQueryLoggingConfig(region string) *awsmiddleware.RegisterServiceMetadata {
    246 	return &awsmiddleware.RegisterServiceMetadata{
    247 		Region:        region,
    248 		ServiceID:     ServiceID,
    249 		SigningName:   "route53",
    250 		OperationName: "CreateQueryLoggingConfig",
    251 	}
    252 }