Skip to content

Commit a32f8ab

Browse files
author
AWS
committed
Amazon Route 53 Resolver Update: New API for ResolverConfig, which allows autodefined rules for reverse DNS resolution to be disabled for a VPC
1 parent 671efc2 commit a32f8ab

File tree

3 files changed

+189
-2
lines changed

3 files changed

+189
-2
lines changed
Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,6 @@
1+
{
2+
"type": "feature",
3+
"category": "Amazon Route 53 Resolver",
4+
"contributor": "",
5+
"description": "New API for ResolverConfig, which allows autodefined rules for reverse DNS resolution to be disabled for a VPC"
6+
}

services/route53resolver/src/main/resources/codegen-resources/paginators-1.json

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -36,6 +36,12 @@
3636
"limit_key": "MaxResults",
3737
"result_key": "FirewallRules"
3838
},
39+
"ListResolverConfigs": {
40+
"input_token": "NextToken",
41+
"output_token": "NextToken",
42+
"limit_key": "MaxResults",
43+
"result_key": "ResolverConfigs"
44+
},
3945
"ListResolverDnssecConfigs": {
4046
"input_token": "NextToken",
4147
"output_token": "NextToken",

services/route53resolver/src/main/resources/codegen-resources/service-2.json

Lines changed: 177 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -457,6 +457,23 @@
457457
],
458458
"documentation":"<p>Returns the Identity and Access Management (Amazon Web Services IAM) policy for sharing the specified rule group. You can use the policy to share the rule group using Resource Access Manager (RAM). </p>"
459459
},
460+
"GetResolverConfig":{
461+
"name":"GetResolverConfig",
462+
"http":{
463+
"method":"POST",
464+
"requestUri":"/"
465+
},
466+
"input":{"shape":"GetResolverConfigRequest"},
467+
"output":{"shape":"GetResolverConfigResponse"},
468+
"errors":[
469+
{"shape":"ResourceNotFoundException"},
470+
{"shape":"InvalidParameterException"},
471+
{"shape":"InternalServiceErrorException"},
472+
{"shape":"ThrottlingException"},
473+
{"shape":"AccessDeniedException"}
474+
],
475+
"documentation":"<p>Retrieves the behavior configuration of Route 53 Resolver behavior for a single VPC from Amazon Virtual Private Cloud.</p>"
476+
},
460477
"GetResolverDnssecConfig":{
461478
"name":"GetResolverDnssecConfig",
462479
"http":{
@@ -708,6 +725,24 @@
708725
],
709726
"documentation":"<p>Retrieves the firewall rules that you have defined for the specified firewall rule group. DNS Firewall uses the rules in a rule group to filter DNS network traffic for a VPC. </p> <p>A single call might return only a partial list of the rules. For information, see <code>MaxResults</code>. </p>"
710727
},
728+
"ListResolverConfigs":{
729+
"name":"ListResolverConfigs",
730+
"http":{
731+
"method":"POST",
732+
"requestUri":"/"
733+
},
734+
"input":{"shape":"ListResolverConfigsRequest"},
735+
"output":{"shape":"ListResolverConfigsResponse"},
736+
"errors":[
737+
{"shape":"InvalidNextTokenException"},
738+
{"shape":"InvalidRequestException"},
739+
{"shape":"InvalidParameterException"},
740+
{"shape":"InternalServiceErrorException"},
741+
{"shape":"ThrottlingException"},
742+
{"shape":"AccessDeniedException"}
743+
],
744+
"documentation":"<p>Retrieves the Resolver configurations that you have defined. Route 53 Resolver uses the configurations to manage DNS resolution behavior for your VPCs.</p>"
745+
},
711746
"ListResolverDnssecConfigs":{
712747
"name":"ListResolverDnssecConfigs",
713748
"http":{
@@ -1007,6 +1042,26 @@
10071042
],
10081043
"documentation":"<p>Changes the association of a <a>FirewallRuleGroup</a> with a VPC. The association enables DNS filtering for the VPC. </p>"
10091044
},
1045+
"UpdateResolverConfig":{
1046+
"name":"UpdateResolverConfig",
1047+
"http":{
1048+
"method":"POST",
1049+
"requestUri":"/"
1050+
},
1051+
"input":{"shape":"UpdateResolverConfigRequest"},
1052+
"output":{"shape":"UpdateResolverConfigResponse"},
1053+
"errors":[
1054+
{"shape":"InvalidRequestException"},
1055+
{"shape":"InvalidParameterException"},
1056+
{"shape":"ResourceNotFoundException"},
1057+
{"shape":"ResourceUnavailableException"},
1058+
{"shape":"LimitExceededException"},
1059+
{"shape":"InternalServiceErrorException"},
1060+
{"shape":"ThrottlingException"},
1061+
{"shape":"AccessDeniedException"}
1062+
],
1063+
"documentation":"<p>Updates the behavior configuration of Route 53 Resolver behavior for a single VPC from Amazon Virtual Private Cloud.</p>"
1064+
},
10101065
"UpdateResolverDnssecConfig":{
10111066
"name":"UpdateResolverDnssecConfig",
10121067
"http":{
@@ -1223,6 +1278,13 @@
12231278
}
12241279
}
12251280
},
1281+
"AutodefinedReverseFlag":{
1282+
"type":"string",
1283+
"enum":[
1284+
"ENABLE",
1285+
"DISABLE"
1286+
]
1287+
},
12261288
"BlockOverrideDnsType":{
12271289
"type":"string",
12281290
"enum":["CNAME"]
@@ -2140,7 +2202,7 @@
21402202
},
21412203
"FirewallRuleGroupPolicy":{
21422204
"type":"string",
2143-
"max":5000
2205+
"max":30000
21442206
},
21452207
"FirewallRuleGroupStatus":{
21462208
"type":"string",
@@ -2249,6 +2311,25 @@
22492311
}
22502312
}
22512313
},
2314+
"GetResolverConfigRequest":{
2315+
"type":"structure",
2316+
"required":["ResourceId"],
2317+
"members":{
2318+
"ResourceId":{
2319+
"shape":"ResourceId",
2320+
"documentation":"<p>Resource ID of the Amazon VPC that you want to get information about.</p>"
2321+
}
2322+
}
2323+
},
2324+
"GetResolverConfigResponse":{
2325+
"type":"structure",
2326+
"members":{
2327+
"ResolverConfig":{
2328+
"shape":"ResolverConfig",
2329+
"documentation":"<p>Information about the behavior configuration of Route 53 Resolver behavior for the VPC you specified in the <code>GetResolverConfig</code> request.</p>"
2330+
}
2331+
}
2332+
},
22522333
"GetResolverDnssecConfigRequest":{
22532334
"type":"structure",
22542335
"required":["ResourceId"],
@@ -2829,6 +2910,39 @@
28292910
}
28302911
}
28312912
},
2913+
"ListResolverConfigsMaxResult":{
2914+
"type":"integer",
2915+
"max":100,
2916+
"min":5
2917+
},
2918+
"ListResolverConfigsRequest":{
2919+
"type":"structure",
2920+
"members":{
2921+
"MaxResults":{
2922+
"shape":"ListResolverConfigsMaxResult",
2923+
"documentation":"<p>The maximum number of Resolver configurations that you want to return in the response to a <code>ListResolverConfigs</code> request. If you don't specify a value for <code>MaxResults</code>, up to 100 Resolver configurations are returned.</p>",
2924+
"box":true
2925+
},
2926+
"NextToken":{
2927+
"shape":"NextToken",
2928+
"documentation":"<p>(Optional) If the current Amazon Web Services account has more than <code>MaxResults</code> Resolver configurations, use <code>NextToken</code> to get the second and subsequent pages of results.</p> <p>For the first <code>ListResolverConfigs</code> request, omit this value.</p> <p>For the second and subsequent requests, get the value of <code>NextToken</code> from the previous response and specify that value for <code>NextToken</code> in the request.</p>",
2929+
"box":true
2930+
}
2931+
}
2932+
},
2933+
"ListResolverConfigsResponse":{
2934+
"type":"structure",
2935+
"members":{
2936+
"NextToken":{
2937+
"shape":"NextToken",
2938+
"documentation":"<p>If a response includes the last of the Resolver configurations that are associated with the current Amazon Web Services account, <code>NextToken</code> doesn't appear in the response.</p> <p>If a response doesn't include the last of the configurations, you can get more configurations by submitting another <code>ListResolverConfigs</code> request. Get the value of <code>NextToken</code> that Amazon Route 53 returned in the previous response and include it in <code>NextToken</code> in the next request.</p>"
2939+
},
2940+
"ResolverConfigs":{
2941+
"shape":"ResolverConfigList",
2942+
"documentation":"<p>An array that contains one <code>ResolverConfigs</code> element for each Resolver configuration that is associated with the current Amazon Web Services account.</p>"
2943+
}
2944+
}
2945+
},
28322946
"ListResolverDnssecConfigsRequest":{
28332947
"type":"structure",
28342948
"members":{
@@ -3242,6 +3356,41 @@
32423356
},
32433357
"documentation":"<p>The response to a <code>PutResolverRulePolicy</code> request.</p>"
32443358
},
3359+
"ResolverAutodefinedReverseStatus":{
3360+
"type":"string",
3361+
"enum":[
3362+
"ENABLING",
3363+
"ENABLED",
3364+
"DISABLING",
3365+
"DISABLED"
3366+
]
3367+
},
3368+
"ResolverConfig":{
3369+
"type":"structure",
3370+
"members":{
3371+
"Id":{
3372+
"shape":"ResourceId",
3373+
"documentation":"<p>ID for the Resolver configuration.</p>"
3374+
},
3375+
"ResourceId":{
3376+
"shape":"ResourceId",
3377+
"documentation":"<p>The ID of the Amazon Virtual Private Cloud VPC that you're configuring Resolver for.</p>"
3378+
},
3379+
"OwnerId":{
3380+
"shape":"AccountId",
3381+
"documentation":"<p>The owner account ID of the Amazon Virtual Private Cloud VPC.</p>"
3382+
},
3383+
"AutodefinedReverse":{
3384+
"shape":"ResolverAutodefinedReverseStatus",
3385+
"documentation":"<p> The status of whether or not the Resolver will create autodefined rules for reverse DNS lookups. This is enabled by default. The status can be one of following:</p> <p> Status of the rules generated by VPCs based on CIDR/Region for reverse DNS resolution. The status can be one of following:</p> <ul> <li> <p> <b>ENABLING:</b> Autodefined rules for reverse DNS lookups are being enabled but are not complete.</p> </li> <li> <p> <b>ENABLED:</b> Autodefined rules for reverse DNS lookups are enabled.</p> </li> <li> <p> <b>DISABLING:</b> Autodefined rules for reverse DNS lookups are being disabled but are not complete.</p> </li> <li> <p> <b>DISABLED:</b> Autodefined rules for reverse DNS lookups are disabled.</p> </li> </ul>"
3386+
}
3387+
},
3388+
"documentation":"<p>A complex type that contains information about a Resolver configuration for a VPC.</p>"
3389+
},
3390+
"ResolverConfigList":{
3391+
"type":"list",
3392+
"member":{"shape":"ResolverConfig"}
3393+
},
32453394
"ResolverDNSSECValidationStatus":{
32463395
"type":"string",
32473396
"enum":[
@@ -3469,7 +3618,7 @@
34693618
},
34703619
"ResolverQueryLogConfigPolicy":{
34713620
"type":"string",
3472-
"max":5000
3621+
"max":30000
34733622
},
34743623
"ResolverQueryLogConfigStatus":{
34753624
"type":"string",
@@ -4010,6 +4159,32 @@
40104159
}
40114160
}
40124161
},
4162+
"UpdateResolverConfigRequest":{
4163+
"type":"structure",
4164+
"required":[
4165+
"ResourceId",
4166+
"AutodefinedReverseFlag"
4167+
],
4168+
"members":{
4169+
"ResourceId":{
4170+
"shape":"ResourceId",
4171+
"documentation":"<p>Resource ID of the Amazon VPC that you want to update the Resolver configuration for.</p>"
4172+
},
4173+
"AutodefinedReverseFlag":{
4174+
"shape":"AutodefinedReverseFlag",
4175+
"documentation":"<p>Indicates whether or not the Resolver will create autodefined rules for reverse DNS lookups. This is enabled by default. Disabling this option will also affect EC2-Classic instances using ClassicLink. For more information, see <a href=\"https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html\">ClassicLink</a> in the <i>Amazon EC2 guide</i>.</p> <note> <p>It can take some time for the status change to be completed.</p> </note> <p/>"
4176+
}
4177+
}
4178+
},
4179+
"UpdateResolverConfigResponse":{
4180+
"type":"structure",
4181+
"members":{
4182+
"ResolverConfig":{
4183+
"shape":"ResolverConfig",
4184+
"documentation":"<p>An array that contains settings for the specified Resolver configuration.</p>"
4185+
}
4186+
}
4187+
},
40134188
"UpdateResolverDnssecConfigRequest":{
40144189
"type":"structure",
40154190
"required":[

0 commit comments

Comments
 (0)