SDK for PHP V3
Amazon Route 53 Global Resolver 2022-09-27
- Client: Aws\Route53GlobalResolver\Route53GlobalResolverClient
- Service ID: route53globalresolver
- Version: 2022-09-27
This page describes the parameters and results for the operations of the Amazon Route 53 Global Resolver (2022-09-27), and shows how to use the Aws\Route53GlobalResolver\Route53GlobalResolverClient object to call the described operations. This documentation is specific to the 2022-09-27 API version of the service.
Operation Summary
Each of the following operations can be created from a client using
$client->getCommand('CommandName'), where "CommandName" is the
name of one of the following operations. Note: a command is a value that
encapsulates an operation and the parameters used to create an HTTP request.
You can also create and send a command immediately using the magic methods
available on a client object: $client->commandName(/* parameters */).
You can send the command asynchronously (returning a promise) by appending the
word "Async" to the operation name: $client->commandNameAsync(/* parameters */).
- AssociateHostedZone ( array $params = [] )
- Associates a Route 53 private hosted zone with a Route 53 Global Resolver resource.
- BatchCreateFirewallRule ( array $params = [] )
- Creates multiple DNS firewall rules in a single operation.
- BatchDeleteFirewallRule ( array $params = [] )
- Deletes multiple DNS firewall rules in a single operation.
- BatchUpdateFirewallRule ( array $params = [] )
- Updates multiple DNS firewall rules in a single operation.
- CreateAccessSource ( array $params = [] )
- Creates an access source for a DNS view.
- CreateAccessToken ( array $params = [] )
- Creates an access token for a DNS view.
- CreateDNSView ( array $params = [] )
- Creates a DNS view within a Route 53 Global Resolver.
- CreateFirewallDomainList ( array $params = [] )
- Creates a firewall domain list.
- CreateFirewallRule ( array $params = [] )
- Creates a DNS firewall rule.
- CreateGlobalResolver ( array $params = [] )
- Creates a new Route 53 Global Resolver instance.
- DeleteAccessSource ( array $params = [] )
- Deletes an access source.
- DeleteAccessToken ( array $params = [] )
- Deletes an access token.
- DeleteDNSView ( array $params = [] )
- Deletes a DNS view.
- DeleteFirewallDomainList ( array $params = [] )
- Deletes a firewall domain list.
- DeleteFirewallRule ( array $params = [] )
- Deletes a DNS firewall rule.
- DeleteGlobalResolver ( array $params = [] )
- Deletes a Route 53 Global Resolver instance.
- DisableDNSView ( array $params = [] )
- Disables a DNS view, preventing it from serving DNS queries.
- DisassociateHostedZone ( array $params = [] )
- Disassociates a Route 53 private hosted zone from a Route 53 Global Resolver resource.
- EnableDNSView ( array $params = [] )
- Enables a disabled DNS view, allowing it to serve DNS queries again.
- GetAccessSource ( array $params = [] )
- Retrieves information about an access source.
- GetAccessToken ( array $params = [] )
- Retrieves information about an access token.
- GetDNSView ( array $params = [] )
- Retrieves information about a DNS view.
- GetFirewallDomainList ( array $params = [] )
- Retrieves information about a firewall domain list.
- GetFirewallRule ( array $params = [] )
- Retrieves information about a DNS firewall rule.
- GetGlobalResolver ( array $params = [] )
- Retrieves information about a Route 53 Global Resolver instance.
- GetHostedZoneAssociation ( array $params = [] )
- Retrieves information about a hosted zone association.
- GetManagedFirewallDomainList ( array $params = [] )
- Retrieves information about an AWS-managed firewall domain list.
- ImportFirewallDomains ( array $params = [] )
- Imports a list of domains from an Amazon S3 file into a firewall domain list.
- ListAccessSources ( array $params = [] )
- Lists all access sources with pagination support.
- ListAccessTokens ( array $params = [] )
- Lists all access tokens for a DNS view with pagination support.
- ListDNSViews ( array $params = [] )
- Lists all DNS views for a Route 53 Global Resolver with pagination support.
- ListFirewallDomainLists ( array $params = [] )
- Lists all firewall domain lists for a Route 53 Global Resolver with pagination support.
- ListFirewallDomains ( array $params = [] )
- Lists all the domains in DNS Firewall domain list you have created.
- ListFirewallRules ( array $params = [] )
- Lists all DNS firewall rules for a DNS view with pagination support.
- ListGlobalResolvers ( array $params = [] )
- Lists all Route 53 Global Resolver instances in your account with pagination support.
- ListHostedZoneAssociations ( array $params = [] )
- Lists all hosted zone associations for a Route 53 Global Resolver resource with pagination support.
- ListManagedFirewallDomainLists ( array $params = [] )
- Returns a paginated list of the AWS Managed DNS Lists and the categories for DNS Firewall.
- ListTagsForResource ( array $params = [] )
- Lists the tags associated with a Route 53 Global Resolver resource.
- TagResource ( array $params = [] )
- Adds or updates tags for a Route 53 Global Resolver resource.
- UntagResource ( array $params = [] )
- Removes tags from a Route 53 Global Resolver resource.
- UpdateAccessSource ( array $params = [] )
- Updates the configuration of an access source.
- UpdateAccessToken ( array $params = [] )
- Updates the configuration of an access token.
- UpdateDNSView ( array $params = [] )
- Updates the configuration of a DNS view.
- UpdateFirewallDomains ( array $params = [] )
- Updates a DNS Firewall domain list from an array of specified domains.
- UpdateFirewallRule ( array $params = [] )
- Updates the configuration of a DNS firewall rule.
- UpdateGlobalResolver ( array $params = [] )
- Updates the configuration of a Route 53 Global Resolver instance.
- UpdateHostedZoneAssociation ( array $params = [] )
- Updates the configuration of a hosted zone association.
Paginators
Paginators handle automatically iterating over paginated API results. Paginators are associated with specific API operations, and they accept the parameters that the corresponding API operation accepts. You can get a paginator from a client class using getPaginator($paginatorName, $operationParameters). This client supports the following paginators:
- ListAccessSources
- ListAccessTokens
- ListDNSViews
- ListFirewallDomainLists
- ListFirewallDomains
- ListFirewallRules
- ListGlobalResolvers
- ListHostedZoneAssociations
- ListManagedFirewallDomainLists
Operations
AssociateHostedZone
$result = $client->associateHostedZone([/* ... */]); $promise = $client->associateHostedZoneAsync([/* ... */]);
Associates a Route 53 private hosted zone with a Route 53 Global Resolver resource. This allows the resolver to resolve DNS queries for the private hosted zone from anywhere globally.
Parameter Syntax
$result = $client->associateHostedZone([
'hostedZoneId' => '<string>', // REQUIRED
'name' => '<string>', // REQUIRED
'resourceArn' => '<string>', // REQUIRED
]);
Parameter Details
Members
- hostedZoneId
-
- Required: Yes
- Type: string
The ID of the Route 53 private hosted zone to associate with the Route 53 Global Resolver resource.
- name
-
- Required: Yes
- Type: string
Name for the private hosted zone association.
- resourceArn
-
- Required: Yes
- Type: string
An Amazon Resource Name (ARN) of the Route 53 Global Resolver the private hosted zone will be associated to.
Result Syntax
[
'createdAt' => <DateTime>,
'hostedZoneId' => '<string>',
'hostedZoneName' => '<string>',
'id' => '<string>',
'name' => '<string>',
'resourceArn' => '<string>',
'status' => 'CREATING|OPERATIONAL|DELETING',
'updatedAt' => <DateTime>,
]
Result Details
Members
- createdAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the private hosted zone association was created.
- hostedZoneId
-
- Required: Yes
- Type: string
ID of the private hosted zone.
- hostedZoneName
-
- Required: Yes
- Type: string
Name of the hosted zone (also the domain associated with the hosted zone).
- id
-
- Required: Yes
- Type: string
ID of the association.
- name
-
- Required: Yes
- Type: string
Name for the private hosted zone association.
- resourceArn
-
- Required: Yes
- Type: string
An Amazon Resource Name (ARN) of the Route 53 Global Resolver the private hosted zone is associated to.
- status
-
- Required: Yes
- Type: string
Aggregate status for all the AWS Regions in which the Route 53 Global Resolver exists.
- updatedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the private hosted zone association was modified.
Errors
- InternalServerException:
An internal server error occurred. Try again later.
- ValidationException:
The input parameters are invalid. Check the parameter values and try again.
- ConflictException:
The request conflicts with the current state of the resource. This can occur when trying to modify a resource that is not in a valid state for the requested operation.
- ServiceQuotaExceededException:
The request would exceed one or more service quotas. Check your current usage and quotas, then try again.
- AccessDeniedException:
You don't have permission to perform this operation. Check your IAM permissions and try again.
- ThrottlingException:
The request was throttled due to too many requests. Wait a moment and try again.
- ResourceNotFoundException:
The specified resource was not found. Verify the resource ID and try again.
BatchCreateFirewallRule
$result = $client->batchCreateFirewallRule([/* ... */]); $promise = $client->batchCreateFirewallRuleAsync([/* ... */]);
Creates multiple DNS firewall rules in a single operation. This is more efficient than creating rules individually when you need to set up multiple rules at once.
Parameter Syntax
$result = $client->batchCreateFirewallRule([
'firewallRules' => [ // REQUIRED
[
'action' => 'ALLOW|ALERT|BLOCK', // REQUIRED
'blockOverrideDnsType' => 'CNAME',
'blockOverrideDomain' => '<string>',
'blockOverrideTtl' => <integer>,
'blockResponse' => 'NODATA|NXDOMAIN|OVERRIDE',
'clientToken' => '<string>', // REQUIRED
'confidenceThreshold' => 'LOW|MEDIUM|HIGH',
'description' => '<string>',
'dnsAdvancedProtection' => 'DGA|DNS_TUNNELING',
'dnsViewId' => '<string>', // REQUIRED
'firewallDomainListId' => '<string>',
'name' => '<string>', // REQUIRED
'priority' => <integer>,
'qType' => '<string>',
],
// ...
],
]);
Parameter Details
Members
- firewallRules
-
- Required: Yes
- Type: Array of BatchCreateFirewallRuleInputItem structures
The
BatchCreateFirewallRuleInputItemobjects contain the information for each Firewall rule.
Result Syntax
[
'failures' => [
[
'code' => <integer>,
'firewallRule' => [
'action' => 'ALLOW|ALERT|BLOCK',
'blockOverrideDnsType' => 'CNAME',
'blockOverrideDomain' => '<string>',
'blockOverrideTtl' => <integer>,
'blockResponse' => 'NODATA|NXDOMAIN|OVERRIDE',
'clientToken' => '<string>',
'confidenceThreshold' => 'LOW|MEDIUM|HIGH',
'createdAt' => <DateTime>,
'description' => '<string>',
'dnsAdvancedProtection' => 'DGA|DNS_TUNNELING',
'dnsViewId' => '<string>',
'firewallDomainListId' => '<string>',
'id' => '<string>',
'managedDomainListName' => '<string>',
'name' => '<string>',
'priority' => <integer>,
'queryType' => '<string>',
'status' => 'CREATING|OPERATIONAL|UPDATING|DELETING',
'updatedAt' => <DateTime>,
],
'message' => '<string>',
],
// ...
],
'successes' => [
[
'code' => <integer>,
'firewallRule' => [
'action' => 'ALLOW|ALERT|BLOCK',
'blockOverrideDnsType' => 'CNAME',
'blockOverrideDomain' => '<string>',
'blockOverrideTtl' => <integer>,
'blockResponse' => 'NODATA|NXDOMAIN|OVERRIDE',
'clientToken' => '<string>',
'confidenceThreshold' => 'LOW|MEDIUM|HIGH',
'createdAt' => <DateTime>,
'description' => '<string>',
'dnsAdvancedProtection' => 'DGA|DNS_TUNNELING',
'dnsViewId' => '<string>',
'firewallDomainListId' => '<string>',
'id' => '<string>',
'managedDomainListName' => '<string>',
'name' => '<string>',
'priority' => <integer>,
'queryType' => '<string>',
'status' => 'CREATING|OPERATIONAL|UPDATING|DELETING',
'updatedAt' => <DateTime>,
],
'message' => '<string>',
],
// ...
],
]
Result Details
Members
- failures
-
- Required: Yes
- Type: Array of BatchCreateFirewallRuleOutputItem structures
High level information about the DNS Firewall rules that failed to create.
- successes
-
- Required: Yes
- Type: Array of BatchCreateFirewallRuleOutputItem structures
High level information about the DNS Firewall rules that were created.
Errors
- InternalServerException:
An internal server error occurred. Try again later.
- ValidationException:
The input parameters are invalid. Check the parameter values and try again.
- AccessDeniedException:
You don't have permission to perform this operation. Check your IAM permissions and try again.
- ThrottlingException:
The request was throttled due to too many requests. Wait a moment and try again.
BatchDeleteFirewallRule
$result = $client->batchDeleteFirewallRule([/* ... */]); $promise = $client->batchDeleteFirewallRuleAsync([/* ... */]);
Deletes multiple DNS firewall rules in a single operation. This is more efficient than deleting rules individually.
Parameter Syntax
$result = $client->batchDeleteFirewallRule([
'firewallRules' => [ // REQUIRED
[
'firewallRuleId' => '<string>', // REQUIRED
],
// ...
],
]);
Parameter Details
Members
- firewallRules
-
- Required: Yes
- Type: Array of BatchDeleteFirewallRuleInputItem structures
An array of the DNS Firewall IDs to be deleted.
Result Syntax
[
'failures' => [
[
'code' => <integer>,
'firewallRule' => [
'clientToken' => '<string>',
'id' => '<string>',
'name' => '<string>',
'status' => 'CREATING|OPERATIONAL|UPDATING|DELETING',
],
'message' => '<string>',
],
// ...
],
'successes' => [
[
'code' => <integer>,
'firewallRule' => [
'clientToken' => '<string>',
'id' => '<string>',
'name' => '<string>',
'status' => 'CREATING|OPERATIONAL|UPDATING|DELETING',
],
'message' => '<string>',
],
// ...
],
]
Result Details
Members
- failures
-
- Required: Yes
- Type: Array of BatchDeleteFirewallRuleOutputItem structures
High level information about the DNS Firewall rules that failed to delete.
- successes
-
- Required: Yes
- Type: Array of BatchDeleteFirewallRuleOutputItem structures
High level information about the DNS Firewall rules that were deleted successfully.
Errors
- InternalServerException:
An internal server error occurred. Try again later.
- ValidationException:
The input parameters are invalid. Check the parameter values and try again.
- AccessDeniedException:
You don't have permission to perform this operation. Check your IAM permissions and try again.
- ThrottlingException:
The request was throttled due to too many requests. Wait a moment and try again.
BatchUpdateFirewallRule
$result = $client->batchUpdateFirewallRule([/* ... */]); $promise = $client->batchUpdateFirewallRuleAsync([/* ... */]);
Updates multiple DNS firewall rules in a single operation. This is more efficient than updating rules individually.
Parameter Syntax
$result = $client->batchUpdateFirewallRule([
'firewallRules' => [ // REQUIRED
[
'action' => 'ALLOW|ALERT|BLOCK',
'blockOverrideDnsType' => 'CNAME',
'blockOverrideDomain' => '<string>',
'blockOverrideTtl' => <integer>,
'blockResponse' => 'NODATA|NXDOMAIN|OVERRIDE',
'confidenceThreshold' => 'LOW|MEDIUM|HIGH',
'description' => '<string>',
'dnsAdvancedProtection' => 'DGA|DNS_TUNNELING',
'firewallRuleId' => '<string>', // REQUIRED
'name' => '<string>',
'priority' => <integer>,
],
// ...
],
]);
Parameter Details
Members
- firewallRules
-
- Required: Yes
- Type: Array of BatchUpdateFirewallRuleInputItem structures
The DNS Firewall rule IDs to be updated.
Result Syntax
[
'failures' => [
[
'code' => <integer>,
'firewallRule' => [
'action' => 'ALLOW|ALERT|BLOCK',
'blockOverrideDnsType' => 'CNAME',
'blockOverrideDomain' => '<string>',
'blockOverrideTtl' => <integer>,
'blockResponse' => 'NODATA|NXDOMAIN|OVERRIDE',
'clientToken' => '<string>',
'confidenceThreshold' => 'LOW|MEDIUM|HIGH',
'createdAt' => <DateTime>,
'description' => '<string>',
'dnsAdvancedProtection' => 'DGA|DNS_TUNNELING',
'dnsViewId' => '<string>',
'firewallDomainListId' => '<string>',
'id' => '<string>',
'name' => '<string>',
'priority' => <integer>,
'queryType' => '<string>',
'status' => 'CREATING|OPERATIONAL|UPDATING|DELETING',
'updatedAt' => <DateTime>,
],
'message' => '<string>',
],
// ...
],
'successes' => [
[
'code' => <integer>,
'firewallRule' => [
'action' => 'ALLOW|ALERT|BLOCK',
'blockOverrideDnsType' => 'CNAME',
'blockOverrideDomain' => '<string>',
'blockOverrideTtl' => <integer>,
'blockResponse' => 'NODATA|NXDOMAIN|OVERRIDE',
'clientToken' => '<string>',
'confidenceThreshold' => 'LOW|MEDIUM|HIGH',
'createdAt' => <DateTime>,
'description' => '<string>',
'dnsAdvancedProtection' => 'DGA|DNS_TUNNELING',
'dnsViewId' => '<string>',
'firewallDomainListId' => '<string>',
'id' => '<string>',
'name' => '<string>',
'priority' => <integer>,
'queryType' => '<string>',
'status' => 'CREATING|OPERATIONAL|UPDATING|DELETING',
'updatedAt' => <DateTime>,
],
'message' => '<string>',
],
// ...
],
]
Result Details
Members
- failures
-
- Required: Yes
- Type: Array of BatchUpdateFirewallRuleOutputItem structures
High level information about the DNS Firewall rules that failed to update.
- successes
-
- Required: Yes
- Type: Array of BatchUpdateFirewallRuleOutputItem structures
High level information about the DNS Firewall rules that were successfully updated.
Errors
- InternalServerException:
An internal server error occurred. Try again later.
- ValidationException:
The input parameters are invalid. Check the parameter values and try again.
- AccessDeniedException:
You don't have permission to perform this operation. Check your IAM permissions and try again.
- ThrottlingException:
The request was throttled due to too many requests. Wait a moment and try again.
CreateAccessSource
$result = $client->createAccessSource([/* ... */]); $promise = $client->createAccessSourceAsync([/* ... */]);
Creates an access source for a DNS view. Access sources define IP addresses or CIDR ranges that are allowed to send DNS queries to the Route 53 Global Resolver, along with the permitted DNS protocols.
Parameter Syntax
$result = $client->createAccessSource([
'cidr' => '<string>', // REQUIRED
'clientToken' => '<string>',
'dnsViewId' => '<string>', // REQUIRED
'ipAddressType' => 'IPV4|IPV6',
'name' => '<string>',
'protocol' => 'DO53|DOH|DOT', // REQUIRED
'tags' => ['<string>', ...],
]);
Parameter Details
Members
- cidr
-
- Required: Yes
- Type: string
The IP address or CIDR range that is allowed to send DNS queries to the Route 53 Global Resolver.
- clientToken
-
- Type: string
A unique string that identifies the request and ensures idempotency.
- dnsViewId
-
- Required: Yes
- Type: string
The ID of the DNS view to associate with this access source.
- ipAddressType
-
- Type: string
The IP address type for this access source. Valid values are IPv4 and IPv6 (if the Route 53 Global Resolver supports dual-stack).
- name
-
- Type: string
A descriptive name for the access source.
- protocol
-
- Required: Yes
- Type: string
The DNS protocol that is permitted for this access source. Valid values are Do53 (DNS over port 53), DoT (DNS over TLS), and DoH (DNS over HTTPS).
- tags
-
- Type: Associative array of custom strings keys (TagKey) to strings
Tags to associate with the access source.
Result Syntax
[
'arn' => '<string>',
'cidr' => '<string>',
'createdAt' => <DateTime>,
'dnsViewId' => '<string>',
'id' => '<string>',
'ipAddressType' => 'IPV4|IPV6',
'name' => '<string>',
'protocol' => 'DO53|DOH|DOT',
'status' => 'CREATING|OPERATIONAL|UPDATING|DELETING',
'updatedAt' => <DateTime>,
]
Result Details
Members
- arn
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the access source.
- cidr
-
- Required: Yes
- Type: string
The IP address or CIDR range that is allowed to send DNS queries to the Route 53 Global Resolver.
- createdAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the access source was created.
- dnsViewId
-
- Required: Yes
- Type: string
The ID of the DNS view associated with this access source.
- id
-
- Required: Yes
- Type: string
The unique identifier for the access source.
- ipAddressType
-
- Required: Yes
- Type: string
The IP address type for this access source (IPv4 or IPv6).
- name
-
- Type: string
The descriptive name of the access source.
- protocol
-
- Required: Yes
- Type: string
The DNS protocol that is permitted for this access source (Do53, DoT, or DoH).
- status
-
- Required: Yes
- Type: string
The operational status of the access source.
- updatedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the access source was last updated.
Errors
- InternalServerException:
An internal server error occurred. Try again later.
- ValidationException:
The input parameters are invalid. Check the parameter values and try again.
- ConflictException:
The request conflicts with the current state of the resource. This can occur when trying to modify a resource that is not in a valid state for the requested operation.
- ServiceQuotaExceededException:
The request would exceed one or more service quotas. Check your current usage and quotas, then try again.
- AccessDeniedException:
You don't have permission to perform this operation. Check your IAM permissions and try again.
- ThrottlingException:
The request was throttled due to too many requests. Wait a moment and try again.
- ResourceNotFoundException:
The specified resource was not found. Verify the resource ID and try again.
Examples
Example 1: CreateAccessSource example
$result = $client->createAccessSource([
'name' => 'My Access Source',
'cidr' => '85.90.183.3/30',
'clientToken' => '9fas9-9usdfa-xbi8-kco',
'dnsViewId' => 'dnsv-123456789',
'ipAddressType' => 'IPV4',
'protocol' => 'DO53',
'tags' => [
'Key1' => 'Value1',
],
]);
Result syntax:
[
'name' => 'My Access Source',
'arn' => 'arn:aws:route53globalresolver::123456789012:access-source/as-823as9d9831',
'cidr' => '85.90.183.3/30',
'createdAt' => ,
'dnsViewId' => 'dnsv-123456789',
'id' => 'as-123456789',
'ipAddressType' => 'IPV4',
'protocol' => 'DO53',
'status' => 'CREATING',
'updatedAt' => ,
]
CreateAccessToken
$result = $client->createAccessToken([/* ... */]); $promise = $client->createAccessTokenAsync([/* ... */]);
Creates an access token for a DNS view. Access tokens provide token-based authentication for DNS-over-HTTPS (DoH) and DNS-over-TLS (DoT) connections to the Route 53 Global Resolver.
Parameter Syntax
$result = $client->createAccessToken([
'clientToken' => '<string>',
'dnsViewId' => '<string>', // REQUIRED
'expiresAt' => <integer || string || DateTime>,
'name' => '<string>',
'tags' => ['<string>', ...],
]);
Parameter Details
Members
- clientToken
-
- Type: string
A unique, case-sensitive identifier to ensure idempotency. This means that making the same request multiple times with the same
clientTokenhas the same result every time. - dnsViewId
-
- Required: Yes
- Type: string
The ID of the DNS view to associate with this token.
- expiresAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the token expires. Tokens can have a minimum expiration of 30 days and maximum of 365 days from creation.
- name
-
- Type: string
A descriptive name for the access token.
- tags
-
- Type: Associative array of custom strings keys (TagKey) to strings
An array of user-defined keys and optional values. These tags can be used for categorization and organization.
Result Syntax
[
'arn' => '<string>',
'clientToken' => '<string>',
'createdAt' => <DateTime>,
'dnsViewId' => '<string>',
'expiresAt' => <DateTime>,
'id' => '<string>',
'name' => '<string>',
'status' => 'CREATING|OPERATIONAL|DELETING',
'value' => '<string>',
]
Result Details
Members
- arn
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the access token.
- clientToken
-
- Type: string
The unique string that identifies the request and ensures idempotency.
- createdAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the access token was created.
- dnsViewId
-
- Required: Yes
- Type: string
The ID of the DNS view associated with this access token.
- expiresAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the access token expires.
- id
-
- Required: Yes
- Type: string
The unique identifier for the access token.
- name
-
- Type: string
The name of the access token.
- status
-
- Required: Yes
- Type: string
The operational status of the access token.
- value
-
- Required: Yes
- Type: string
The access token value. This token should be included in DoH and DoT requests for authentication. Keep this value secure as it provides access to your Route 53 Global Resolver.
Errors
- InternalServerException:
An internal server error occurred. Try again later.
- ValidationException:
The input parameters are invalid. Check the parameter values and try again.
- ConflictException:
The request conflicts with the current state of the resource. This can occur when trying to modify a resource that is not in a valid state for the requested operation.
- ServiceQuotaExceededException:
The request would exceed one or more service quotas. Check your current usage and quotas, then try again.
- AccessDeniedException:
You don't have permission to perform this operation. Check your IAM permissions and try again.
- ThrottlingException:
The request was throttled due to too many requests. Wait a moment and try again.
- ResourceNotFoundException:
The specified resource was not found. Verify the resource ID and try again.
CreateDNSView
$result = $client->createDNSView([/* ... */]); $promise = $client->createDNSViewAsync([/* ... */]);
Creates a DNS view within a Route 53 Global Resolver. A DNS view models end users, user groups, networks, and devices, and serves as a parent resource that holds configurations controlling access, authorization, DNS firewall rules, and forwarding rules.
Parameter Syntax
$result = $client->createDNSView([
'clientToken' => '<string>',
'description' => '<string>',
'dnssecValidation' => 'ENABLED|DISABLED',
'ednsClientSubnet' => 'ENABLED|DISABLED',
'firewallRulesFailOpen' => 'ENABLED|DISABLED',
'globalResolverId' => '<string>', // REQUIRED
'name' => '<string>', // REQUIRED
'tags' => ['<string>', ...],
]);
Parameter Details
Members
- clientToken
-
- Type: string
A unique string that identifies the request and ensures idempotency.
- description
-
- Type: string
An optional description for the DNS view.
- dnssecValidation
-
- Type: string
Whether to enable DNSSEC validation for DNS queries in this DNS view. When enabled, the resolver verifies the authenticity and integrity of DNS responses from public name servers for DNSSEC-signed domains.
- ednsClientSubnet
-
- Type: string
Whether to enable EDNS Client Subnet injection for DNS queries in this DNS view. When enabled, client subnet information is forwarded to provide more accurate geographic-based DNS responses.
- firewallRulesFailOpen
-
- Type: string
Determines the behavior when Route 53 Global Resolver cannot apply DNS firewall rules due to service impairment. When enabled, DNS queries are allowed through; when disabled, queries are blocked.
- globalResolverId
-
- Required: Yes
- Type: string
The ID of the Route 53 Global Resolver to associate with this DNS view.
- name
-
- Required: Yes
- Type: string
A descriptive name for the DNS view.
- tags
-
- Type: Associative array of custom strings keys (TagKey) to strings
Tags to associate with the DNS view.
Result Syntax
[
'arn' => '<string>',
'clientToken' => '<string>',
'createdAt' => <DateTime>,
'description' => '<string>',
'dnssecValidation' => 'ENABLED|DISABLED',
'ednsClientSubnet' => 'ENABLED|DISABLED',
'firewallRulesFailOpen' => 'ENABLED|DISABLED',
'globalResolverId' => '<string>',
'id' => '<string>',
'name' => '<string>',
'status' => 'CREATING|OPERATIONAL|UPDATING|ENABLING|DISABLING|DISABLED|DELETING',
'updatedAt' => <DateTime>,
]
Result Details
Members
- arn
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the DNS view.
- clientToken
-
- Type: string
The unique string that identifies the request and ensures idempotency.
- createdAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the DNS view was created.
- description
-
- Type: string
The description of the DNS view.
- dnssecValidation
-
- Required: Yes
- Type: string
Whether DNSSEC validation is enabled for DNS queries in this DNS view.
- ednsClientSubnet
-
- Required: Yes
- Type: string
Whether EDNS Client Subnet injection is enabled for DNS queries in this DNS view.
- firewallRulesFailOpen
-
- Required: Yes
- Type: string
The behavior when Route 53 Global Resolver cannot apply DNS firewall rules due to service impairment.
- globalResolverId
-
- Required: Yes
- Type: string
The ID of the Route 53 Global Resolver instance the DNS view is created for.
- id
-
- Required: Yes
- Type: string
The unique identifier for the DNS view.
- name
-
- Required: Yes
- Type: string
The descriptive name of the DNS view.
- status
-
- Required: Yes
- Type: string
The operational status of the DNS view.
- updatedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the DNS view was last updated.
Errors
- InternalServerException:
An internal server error occurred. Try again later.
- ValidationException:
The input parameters are invalid. Check the parameter values and try again.
- ConflictException:
The request conflicts with the current state of the resource. This can occur when trying to modify a resource that is not in a valid state for the requested operation.
- ServiceQuotaExceededException:
The request would exceed one or more service quotas. Check your current usage and quotas, then try again.
- AccessDeniedException:
You don't have permission to perform this operation. Check your IAM permissions and try again.
- ThrottlingException:
The request was throttled due to too many requests. Wait a moment and try again.
- ResourceNotFoundException:
The specified resource was not found. Verify the resource ID and try again.
CreateFirewallDomainList
$result = $client->createFirewallDomainList([/* ... */]); $promise = $client->createFirewallDomainListAsync([/* ... */]);
Creates a firewall domain list. Domain lists are reusable sets of domain specifications that you use in DNS firewall rules to allow, block, or alert on DNS queries to specific domains.
Parameter Syntax
$result = $client->createFirewallDomainList([
'clientToken' => '<string>',
'description' => '<string>',
'globalResolverId' => '<string>', // REQUIRED
'name' => '<string>', // REQUIRED
'tags' => ['<string>', ...],
]);
Parameter Details
Members
- clientToken
-
- Type: string
A unique, case-sensitive identifier to ensure idempotency. This means that making the same request multiple times with the same
clientTokenhas the same result every time. - description
-
- Type: string
An optional description for the firewall domain list.
- globalResolverId
-
- Required: Yes
- Type: string
The ID of the Route 53 Global Resolver that the domain list will be associated with.
- name
-
- Required: Yes
- Type: string
A descriptive name for the firewall domain list.
- tags
-
- Type: Associative array of custom strings keys (TagKey) to strings
An array of user-defined keys and optional values. These tags can be used for categorization and organization.
Result Syntax
[
'arn' => '<string>',
'createdAt' => <DateTime>,
'description' => '<string>',
'domainCount' => <integer>,
'globalResolverId' => '<string>',
'id' => '<string>',
'name' => '<string>',
'status' => 'CREATING|OPERATIONAL|UPDATING|DELETING',
'updatedAt' => <DateTime>,
]
Result Details
Members
- arn
-
- Required: Yes
- Type: string
An Amazon Resource Name (ARN) for the domain list.
- createdAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The time and date the domain list was created on.
- description
-
- Type: string
Description for the domain list.
- domainCount
-
- Required: Yes
- Type: int
Number of domains in the domain list.
- globalResolverId
-
- Required: Yes
- Type: string
The ID of the Route 53 Global Resolver that the domain list is associated with.
- id
-
- Required: Yes
- Type: string
ID of the domain list.
- name
-
- Required: Yes
- Type: string
Name of the domain list.
- status
-
- Required: Yes
- Type: string
Creation status of the domain list.
- updatedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The time and date the domain list was updated.
Errors
- InternalServerException:
An internal server error occurred. Try again later.
- ValidationException:
The input parameters are invalid. Check the parameter values and try again.
- ConflictException:
The request conflicts with the current state of the resource. This can occur when trying to modify a resource that is not in a valid state for the requested operation.
- ServiceQuotaExceededException:
The request would exceed one or more service quotas. Check your current usage and quotas, then try again.
- AccessDeniedException:
You don't have permission to perform this operation. Check your IAM permissions and try again.
- ThrottlingException:
The request was throttled due to too many requests. Wait a moment and try again.
- ResourceNotFoundException:
The specified resource was not found. Verify the resource ID and try again.
CreateFirewallRule
$result = $client->createFirewallRule([/* ... */]); $promise = $client->createFirewallRuleAsync([/* ... */]);
Creates a DNS firewall rule. Firewall rules define actions (ALLOW, BLOCK, or ALERT) to take on DNS queries that match specified domain lists, managed domain lists, or advanced threat protections.
Parameter Syntax
$result = $client->createFirewallRule([
'action' => 'ALLOW|ALERT|BLOCK', // REQUIRED
'blockOverrideDnsType' => 'CNAME',
'blockOverrideDomain' => '<string>',
'blockOverrideTtl' => <integer>,
'blockResponse' => 'NODATA|NXDOMAIN|OVERRIDE',
'clientToken' => '<string>',
'confidenceThreshold' => 'LOW|MEDIUM|HIGH',
'description' => '<string>',
'dnsAdvancedProtection' => 'DGA|DNS_TUNNELING',
'dnsViewId' => '<string>', // REQUIRED
'firewallDomainListId' => '<string>',
'name' => '<string>', // REQUIRED
'priority' => <integer>,
'qType' => '<string>',
]);
Parameter Details
Members
- action
-
- Required: Yes
- Type: string
The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list:
-
ALLOW- Permit the request to go through. -
ALERT- Permit the request and send metrics and logs to CloudWatch. -
BLOCK- Disallow the request. This option requires additional details in the rule'sBlockResponse.
- blockOverrideDnsType
-
- Type: string
The DNS record's type. This determines the format of the record value that you provided in
BlockOverrideDomain. Used for the rule actionBLOCKwith aBlockResponsesetting ofOVERRIDE.This setting is required if the
BlockResponsesetting isOVERRIDE. - blockOverrideDomain
-
- Type: string
The custom DNS record to send back in response to the query. Used for the rule action
BLOCKwith aBlockResponsesetting ofOVERRIDE.This setting is required if the
BlockResponsesetting isOVERRIDE. - blockOverrideTtl
-
- Type: int
The recommended amount of time, in seconds, for the DNS resolver or web browser to cache the provided override record. Used for the rule action
BLOCKwith aBlockResponsesetting ofOVERRIDE.This setting is required if the
BlockResponsesetting isOVERRIDE. - blockResponse
-
- Type: string
The response to return when the action is BLOCK. Valid values are NXDOMAIN (domain does not exist), NODATA (domain exists but no records), or OVERRIDE (return custom response).
- clientToken
-
- Type: string
A unique, case-sensitive identifier to ensure idempotency. This means that making the same request multiple times with the same
clientTokenhas the same result every time. - confidenceThreshold
-
- Type: string
The confidence threshold for advanced threat detection. Valid values are HIGH, MEDIUM, or LOW, indicating the accuracy level required for threat detection.
- description
-
- Type: string
An optional description for the firewall rule.
- dnsAdvancedProtection
-
- Type: string
Whether to enable advanced DNS threat protection for this rule. Advanced protection can detect and block DNS tunneling and Domain Generation Algorithm (DGA) threats.
- dnsViewId
-
- Required: Yes
- Type: string
The ID of the DNS view to associate with this firewall rule.
- firewallDomainListId
-
- Type: string
The ID of the firewall domain list to use in this rule.
- name
-
- Required: Yes
- Type: string
A descriptive name for the firewall rule.
- priority
-
- Type: long (int|float)
The priority of this rule. Rules are evaluated in priority order, with lower numbers having higher priority. When a DNS query matches multiple rules, the rule with the highest priority (lowest number) is applied.
- qType
-
- Type: string
The DNS query type to match for this rule. Examples include A (IPv4 address), AAAA (IPv6 address), MX (mail exchange), or TXT (text record).
Result Syntax
[
'action' => 'ALLOW|ALERT|BLOCK',
'blockOverrideDnsType' => 'CNAME',
'blockOverrideDomain' => '<string>',
'blockOverrideTtl' => <integer>,
'blockResponse' => 'NODATA|NXDOMAIN|OVERRIDE',
'confidenceThreshold' => 'LOW|MEDIUM|HIGH',
'createdAt' => <DateTime>,
'description' => '<string>',
'dnsAdvancedProtection' => 'DGA|DNS_TUNNELING',
'dnsViewId' => '<string>',
'firewallDomainListId' => '<string>',
'id' => '<string>',
'name' => '<string>',
'priority' => <integer>,
'queryType' => '<string>',
'status' => 'CREATING|OPERATIONAL|UPDATING|DELETING',
'updatedAt' => <DateTime>,
]
Result Details
Members
- action
-
- Required: Yes
- Type: string
The action that DNS Firewall takes on DNS queries that match this rule.
- blockOverrideDnsType
-
- Type: string
The DNS record type for the custom response when blockResponse is OVERRIDE.
- blockOverrideDomain
-
- Type: string
The custom domain to return when the action is BLOCK and blockResponse is OVERRIDE.
- blockOverrideTtl
-
- Type: int
The time-to-live (TTL) value for the custom response when blockResponse is OVERRIDE.
- blockResponse
-
- Type: string
The response to return when the action is BLOCK.
- confidenceThreshold
-
- Type: string
The confidence threshold for advanced threat detection.
- createdAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the firewall rule was created.
- description
-
- Type: string
The description of the firewall rule.
- dnsAdvancedProtection
-
- Type: string
Whether advanced DNS threat protection is enabled for this rule.
- dnsViewId
-
- Required: Yes
- Type: string
The ID of the DNS view associated with this firewall rule.
- firewallDomainListId
-
- Type: string
The ID of the firewall domain list used in this rule.
- id
-
- Required: Yes
- Type: string
The unique identifier for the firewall rule.
- name
-
- Required: Yes
- Type: string
The name of the firewall rule.
- priority
-
- Required: Yes
- Type: long (int|float)
The priority of the firewall rule.
- queryType
-
- Type: string
The DNS query type that this rule matches.
- status
-
- Required: Yes
- Type: string
The operational status of the firewall rule.
- updatedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the firewall rule was last updated.
Errors
- InternalServerException:
An internal server error occurred. Try again later.
- ValidationException:
The input parameters are invalid. Check the parameter values and try again.
- ConflictException:
The request conflicts with the current state of the resource. This can occur when trying to modify a resource that is not in a valid state for the requested operation.
- ServiceQuotaExceededException:
The request would exceed one or more service quotas. Check your current usage and quotas, then try again.
- AccessDeniedException:
You don't have permission to perform this operation. Check your IAM permissions and try again.
- ThrottlingException:
The request was throttled due to too many requests. Wait a moment and try again.
- ResourceNotFoundException:
The specified resource was not found. Verify the resource ID and try again.
CreateGlobalResolver
$result = $client->createGlobalResolver([/* ... */]); $promise = $client->createGlobalResolverAsync([/* ... */]);
Creates a new Route 53 Global Resolver instance. A Route 53 Global Resolver is a global, internet-accessible DNS resolver that provides secure DNS resolution for both public and private domains through global anycast IP addresses.
Parameter Syntax
$result = $client->createGlobalResolver([
'clientToken' => '<string>',
'description' => '<string>',
'name' => '<string>', // REQUIRED
'observabilityRegion' => '<string>',
'regions' => ['<string>', ...], // REQUIRED
'tags' => ['<string>', ...],
]);
Parameter Details
Members
- clientToken
-
- Type: string
A unique string that identifies the request and ensures idempotency. If you make multiple requests with the same client token, only one Route 53 Global Resolver is created.
- description
-
- Type: string
An optional description for the Route 53 Global Resolver instance. Maximum length of 1024 characters.
- name
-
- Required: Yes
- Type: string
A descriptive name for the Route 53 Global Resolver instance. Maximum length of 64 characters.
- observabilityRegion
-
- Type: string
The AWS region where query resolution logs and metrics will be aggregated and delivered. If not specified, logging is not enabled.
- regions
-
- Required: Yes
- Type: Array of strings
List of AWS regions where the Route 53 Global Resolver will operate. The resolver will be distributed across these regions to provide global availability and low-latency DNS resolution.
- tags
-
- Type: Associative array of custom strings keys (TagKey) to strings
Tags to associate with the Route 53 Global Resolver. Tags are key-value pairs that help you organize and identify your resources.
Result Syntax
[
'arn' => '<string>',
'clientToken' => '<string>',
'createdAt' => <DateTime>,
'description' => '<string>',
'dnsName' => '<string>',
'id' => '<string>',
'ipv4Addresses' => ['<string>', ...],
'name' => '<string>',
'observabilityRegion' => '<string>',
'regions' => ['<string>', ...],
'status' => 'CREATING|OPERATIONAL|UPDATING|DELETING',
'updatedAt' => <DateTime>,
]
Result Details
Members
- arn
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the Route 53 Global Resolver.
- clientToken
-
- Required: Yes
- Type: string
The unique string that identifies the request and ensures idempotency.
- createdAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the Route 53 Global Resolver was created.
- description
-
- Type: string
The description of the Route 53 Global Resolver.
- dnsName
-
- Required: Yes
- Type: string
The hostname that DNS clients should use for TLS certificate validation when connecting to the Route 53 Global Resolver. This value resolves to the global anycast IP addresses for the resolver.
- id
-
- Required: Yes
- Type: string
The unique identifier for the Route 53 Global Resolver.
- ipv4Addresses
-
- Required: Yes
- Type: Array of strings
The global anycast IPv4 addresses associated with the Route 53 Global Resolver. DNS clients can send queries to these addresses from anywhere on the internet.
- name
-
- Required: Yes
- Type: string
The name of the Route 53 Global Resolver.
- observabilityRegion
-
- Type: string
The AWS Region where observability data for the Route 53 Global Resolver is stored.
- regions
-
- Required: Yes
- Type: Array of strings
The AWS Regions where the Route 53 Global Resolver is deployed and operational.
- status
-
- Required: Yes
- Type: string
The current status of the Route 53 Global Resolver. Possible values are CREATING (being provisioned), UPDATING (being modified), OPERATIONAL (ready to serve queries), or DELETING (being removed).
- updatedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the Route 53 Global Resolver was last updated.
Errors
- InternalServerException:
An internal server error occurred. Try again later.
- ValidationException:
The input parameters are invalid. Check the parameter values and try again.
- ConflictException:
The request conflicts with the current state of the resource. This can occur when trying to modify a resource that is not in a valid state for the requested operation.
- ServiceQuotaExceededException:
The request would exceed one or more service quotas. Check your current usage and quotas, then try again.
- AccessDeniedException:
You don't have permission to perform this operation. Check your IAM permissions and try again.
- ThrottlingException:
The request was throttled due to too many requests. Wait a moment and try again.
DeleteAccessSource
$result = $client->deleteAccessSource([/* ... */]); $promise = $client->deleteAccessSourceAsync([/* ... */]);
Deletes an access source. This operation cannot be undone.
Parameter Syntax
$result = $client->deleteAccessSource([
'accessSourceId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- accessSourceId
-
- Required: Yes
- Type: string
The unique identifier of the access source to delete.
Result Syntax
[
'arn' => '<string>',
'cidr' => '<string>',
'createdAt' => <DateTime>,
'dnsViewId' => '<string>',
'id' => '<string>',
'ipAddressType' => 'IPV4|IPV6',
'name' => '<string>',
'protocol' => 'DO53|DOH|DOT',
'status' => 'CREATING|OPERATIONAL|UPDATING|DELETING',
'updatedAt' => <DateTime>,
]
Result Details
Members
- arn
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the deleted access source.
- cidr
-
- Required: Yes
- Type: string
The IP address or CIDR range of the deleted access source.
- createdAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the access source was originally created.
- dnsViewId
-
- Required: Yes
- Type: string
The ID of the DNS view that was associated with the deleted access source.
- id
-
- Required: Yes
- Type: string
The unique identifier of the deleted access source.
- ipAddressType
-
- Required: Yes
- Type: string
The IP address type of the deleted access source (IPv4 or IPv6).
- name
-
- Type: string
The name of the deleted access source.
- protocol
-
- Required: Yes
- Type: string
The DNS protocol that was permitted for the deleted access source.
- status
-
- Required: Yes
- Type: string
The final status of the deleted access source.
- updatedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the access source was last updated before deletion.
Errors
- InternalServerException:
An internal server error occurred. Try again later.
- ValidationException:
The input parameters are invalid. Check the parameter values and try again.
- ConflictException:
The request conflicts with the current state of the resource. This can occur when trying to modify a resource that is not in a valid state for the requested operation.
- AccessDeniedException:
You don't have permission to perform this operation. Check your IAM permissions and try again.
- ThrottlingException:
The request was throttled due to too many requests. Wait a moment and try again.
- ResourceNotFoundException:
The specified resource was not found. Verify the resource ID and try again.
DeleteAccessToken
$result = $client->deleteAccessToken([/* ... */]); $promise = $client->deleteAccessTokenAsync([/* ... */]);
Deletes an access token. This operation cannot be undone.
Parameter Syntax
$result = $client->deleteAccessToken([
'accessTokenId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- accessTokenId
-
- Required: Yes
- Type: string
The unique identifier of the access token to delete.
Result Syntax
[
'deletedAt' => <DateTime>,
'id' => '<string>',
'status' => 'CREATING|OPERATIONAL|DELETING',
]
Result Details
Members
- deletedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the access token was deleted.
- id
-
- Required: Yes
- Type: string
The unique identifier of the deleted access token.
- status
-
- Required: Yes
- Type: string
The final status of the deleted access token.
Errors
- InternalServerException:
An internal server error occurred. Try again later.
- ValidationException:
The input parameters are invalid. Check the parameter values and try again.
- AccessDeniedException:
You don't have permission to perform this operation. Check your IAM permissions and try again.
- ThrottlingException:
The request was throttled due to too many requests. Wait a moment and try again.
- ResourceNotFoundException:
The specified resource was not found. Verify the resource ID and try again.
DeleteDNSView
$result = $client->deleteDNSView([/* ... */]); $promise = $client->deleteDNSViewAsync([/* ... */]);
Deletes a DNS view. This operation cannot be undone.
Parameter Syntax
$result = $client->deleteDNSView([
'dnsViewId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- dnsViewId
-
- Required: Yes
- Type: string
The unique identifier of the DNS view to delete.
Result Syntax
[
'arn' => '<string>',
'clientToken' => '<string>',
'createdAt' => <DateTime>,
'description' => '<string>',
'dnssecValidation' => 'ENABLED|DISABLED',
'ednsClientSubnet' => 'ENABLED|DISABLED',
'firewallRulesFailOpen' => 'ENABLED|DISABLED',
'globalResolverId' => '<string>',
'id' => '<string>',
'name' => '<string>',
'status' => 'CREATING|OPERATIONAL|UPDATING|ENABLING|DISABLING|DISABLED|DELETING',
'updatedAt' => <DateTime>,
]
Result Details
Members
- arn
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the deleted DNS view.
- clientToken
-
- Type: string
The unique string that identifies the request and ensures idempotency.
- createdAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the DNS view was originally created.
- description
-
- Type: string
The description of the deleted DNS view.
- dnssecValidation
-
- Required: Yes
- Type: string
Whether DNSSEC validation was enabled for the deleted DNS view.
- ednsClientSubnet
-
- Required: Yes
- Type: string
Whether EDNS Client Subnet injection was enabled for the deleted DNS view.
- firewallRulesFailOpen
-
- Required: Yes
- Type: string
The firewall rules fail-open behavior that was configured for the deleted DNS view.
- globalResolverId
-
- Required: Yes
- Type: string
The ID of the Route 53 Global Resolver that the deleted DNS view was associated with.
- id
-
- Required: Yes
- Type: string
The unique identifier of the deleted DNS view.
- name
-
- Required: Yes
- Type: string
The name of the deleted DNS view.
- status
-
- Required: Yes
- Type: string
The final status of the deleted DNS view.
- updatedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the DNS view was last updated before deletion.
Errors
- InternalServerException:
An internal server error occurred. Try again later.
- ValidationException:
The input parameters are invalid. Check the parameter values and try again.
- ConflictException:
The request conflicts with the current state of the resource. This can occur when trying to modify a resource that is not in a valid state for the requested operation.
- AccessDeniedException:
You don't have permission to perform this operation. Check your IAM permissions and try again.
- ThrottlingException:
The request was throttled due to too many requests. Wait a moment and try again.
- ResourceNotFoundException:
The specified resource was not found. Verify the resource ID and try again.
DeleteFirewallDomainList
$result = $client->deleteFirewallDomainList([/* ... */]); $promise = $client->deleteFirewallDomainListAsync([/* ... */]);
Deletes a firewall domain list. This operation cannot be undone.
Parameter Syntax
$result = $client->deleteFirewallDomainList([
'firewallDomainListId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- firewallDomainListId
-
- Required: Yes
- Type: string
The unique identifier of the firewall domain list to delete.
Result Syntax
[
'arn' => '<string>',
'id' => '<string>',
'name' => '<string>',
'status' => 'CREATING|OPERATIONAL|UPDATING|DELETING',
]
Result Details
Members
- arn
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the deleted firewall domain list.
- id
-
- Required: Yes
- Type: string
The unique identifier of the deleted firewall domain list.
- name
-
- Required: Yes
- Type: string
The name of the deleted firewall domain list.
- status
-
- Required: Yes
- Type: string
The final status of the deleted firewall domain list.
Errors
- InternalServerException:
An internal server error occurred. Try again later.
- ValidationException:
The input parameters are invalid. Check the parameter values and try again.
- ConflictException:
The request conflicts with the current state of the resource. This can occur when trying to modify a resource that is not in a valid state for the requested operation.
- AccessDeniedException:
You don't have permission to perform this operation. Check your IAM permissions and try again.
- ThrottlingException:
The request was throttled due to too many requests. Wait a moment and try again.
- ResourceNotFoundException:
The specified resource was not found. Verify the resource ID and try again.
DeleteFirewallRule
$result = $client->deleteFirewallRule([/* ... */]); $promise = $client->deleteFirewallRuleAsync([/* ... */]);
Deletes a DNS firewall rule. This operation cannot be undone.
Parameter Syntax
$result = $client->deleteFirewallRule([
'firewallRuleId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- firewallRuleId
-
- Required: Yes
- Type: string
The unique identifier of the firewall rule to delete.
Result Syntax
[
'action' => 'ALLOW|ALERT|BLOCK',
'blockOverrideDnsType' => 'CNAME',
'blockOverrideDomain' => '<string>',
'blockOverrideTtl' => <integer>,
'blockResponse' => 'NODATA|NXDOMAIN|OVERRIDE',
'confidenceThreshold' => 'LOW|MEDIUM|HIGH',
'createdAt' => <DateTime>,
'description' => '<string>',
'dnsAdvancedProtection' => 'DGA|DNS_TUNNELING',
'dnsViewId' => '<string>',
'firewallDomainListId' => '<string>',
'id' => '<string>',
'name' => '<string>',
'priority' => <integer>,
'queryType' => '<string>',
'status' => 'CREATING|OPERATIONAL|UPDATING|DELETING',
'updatedAt' => <DateTime>,
]
Result Details
Members
- action
-
- Required: Yes
- Type: string
The action that was configured for the deleted firewall rule.
- blockOverrideDnsType
-
- Type: string
The DNS record type that was configured for the deleted firewall rule's custom response.
- blockOverrideDomain
-
- Type: string
The custom domain that was configured for the deleted firewall rule's BLOCK response.
- blockOverrideTtl
-
- Type: int
The TTL value that was configured for the deleted firewall rule's custom response.
- blockResponse
-
- Type: string
The block response type that was configured for the deleted firewall rule.
- confidenceThreshold
-
- Type: string
The confidence threshold that was configured for the deleted firewall rule's advanced threat detection.
- createdAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the firewall rule was originally created.
- description
-
- Type: string
The description of the deleted firewall rule.
- dnsAdvancedProtection
-
- Type: string
Whether advanced DNS threat protection was enabled for the deleted firewall rule.
- dnsViewId
-
- Required: Yes
- Type: string
The ID of the DNS view that was associated with the deleted firewall rule.
- firewallDomainListId
-
- Type: string
The ID of the firewall domain list that was associated with the deleted firewall rule.
- id
-
- Required: Yes
- Type: string
The unique identifier of the deleted firewall rule.
- name
-
- Required: Yes
- Type: string
The name of the deleted firewall rule.
- priority
-
- Required: Yes
- Type: long (int|float)
The priority that was configured for the deleted firewall rule.
- queryType
-
- Type: string
The DNS query type that the deleted firewall rule was configured to match.
- status
-
- Required: Yes
- Type: string
The final status of the deleted firewall rule.
- updatedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the firewall rule was last updated before deletion.
Errors
- InternalServerException:
An internal server error occurred. Try again later.
- ValidationException:
The input parameters are invalid. Check the parameter values and try again.
- ConflictException:
The request conflicts with the current state of the resource. This can occur when trying to modify a resource that is not in a valid state for the requested operation.
- AccessDeniedException:
You don't have permission to perform this operation. Check your IAM permissions and try again.
- ThrottlingException:
The request was throttled due to too many requests. Wait a moment and try again.
- ResourceNotFoundException:
The specified resource was not found. Verify the resource ID and try again.
DeleteGlobalResolver
$result = $client->deleteGlobalResolver([/* ... */]); $promise = $client->deleteGlobalResolverAsync([/* ... */]);
Deletes a Route 53 Global Resolver instance. This operation cannot be undone. All associated DNS views, access sources, tokens, and firewall rules are also deleted.
Parameter Syntax
$result = $client->deleteGlobalResolver([
'globalResolverId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- globalResolverId
-
- Required: Yes
- Type: string
The unique identifier of the Route 53 Global Resolver to delete.
Result Syntax
[
'arn' => '<string>',
'clientToken' => '<string>',
'createdAt' => <DateTime>,
'description' => '<string>',
'dnsName' => '<string>',
'id' => '<string>',
'ipv4Addresses' => ['<string>', ...],
'name' => '<string>',
'observabilityRegion' => '<string>',
'regions' => ['<string>', ...],
'status' => 'CREATING|OPERATIONAL|UPDATING|DELETING',
'updatedAt' => <DateTime>,
]
Result Details
Members
- arn
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the deleted Route 53 Global Resolver.
- clientToken
-
- Required: Yes
- Type: string
The unique string that identifies the request and ensures idempotency.
- createdAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the Route 53 Global Resolver was originally created.
- description
-
- Type: string
The description of the deleted Route 53 Global Resolver.
- dnsName
-
- Required: Yes
- Type: string
The hostname that DNS clients used for TLS certificate validation when connecting to the deleted Route 53 Global Resolver.
- id
-
- Required: Yes
- Type: string
The unique identifier of the deleted Route 53 Global Resolver.
- ipv4Addresses
-
- Required: Yes
- Type: Array of strings
The global anycast IPv4 addresses that were associated with the deleted Route 53 Global Resolver.
- name
-
- Required: Yes
- Type: string
The name of the deleted Route 53 Global Resolver.
- observabilityRegion
-
- Type: string
The AWS Region where observability data for the deleted Route 53 Global Resolver was stored.
- regions
-
- Required: Yes
- Type: Array of strings
The AWS Regions where the deleted Route 53 Global Resolver was deployed and operational.
- status
-
- Required: Yes
- Type: string
The final status of the deleted Route 53 Global Resolver.
- updatedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the Route 53 Global Resolver was last updated before deletion.
Errors
- InternalServerException:
An internal server error occurred. Try again later.
- ValidationException:
The input parameters are invalid. Check the parameter values and try again.
- ConflictException:
The request conflicts with the current state of the resource. This can occur when trying to modify a resource that is not in a valid state for the requested operation.
- AccessDeniedException:
You don't have permission to perform this operation. Check your IAM permissions and try again.
- ThrottlingException:
The request was throttled due to too many requests. Wait a moment and try again.
- ResourceNotFoundException:
The specified resource was not found. Verify the resource ID and try again.
DisableDNSView
$result = $client->disableDNSView([/* ... */]); $promise = $client->disableDNSViewAsync([/* ... */]);
Disables a DNS view, preventing it from serving DNS queries.
Parameter Syntax
$result = $client->disableDNSView([
'dnsViewId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- dnsViewId
-
- Required: Yes
- Type: string
The unique identifier of the DNS view to disable.
Result Syntax
[
'arn' => '<string>',
'clientToken' => '<string>',
'createdAt' => <DateTime>,
'description' => '<string>',
'dnssecValidation' => 'ENABLED|DISABLED',
'ednsClientSubnet' => 'ENABLED|DISABLED',
'firewallRulesFailOpen' => 'ENABLED|DISABLED',
'globalResolverId' => '<string>',
'id' => '<string>',
'name' => '<string>',
'status' => 'CREATING|OPERATIONAL|UPDATING|ENABLING|DISABLING|DISABLED|DELETING',
'updatedAt' => <DateTime>,
]
Result Details
Members
- arn
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the disabled DNS view.
- clientToken
-
- Type: string
The unique string that identifies the request and ensures idempotency.
- createdAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the DNS view was originally created.
- description
-
- Type: string
The description of the disabled DNS view.
- dnssecValidation
-
- Required: Yes
- Type: string
Whether DNSSEC validation is enabled for the disabled DNS view.
- ednsClientSubnet
-
- Required: Yes
- Type: string
Whether EDNS Client Subnet injection is enabled for the disabled DNS view.
- firewallRulesFailOpen
-
- Required: Yes
- Type: string
The firewall rules fail-open behavior configured for the disabled DNS view.
- globalResolverId
-
- Required: Yes
- Type: string
The ID of the Route 53 Global Resolver that the disabled DNS view is associated with.
- id
-
- Required: Yes
- Type: string
The unique identifier of the disabled DNS view.
- name
-
- Required: Yes
- Type: string
The name of the disabled DNS view.
- status
-
- Required: Yes
- Type: string
The current status of the disabled DNS view.
- updatedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the DNS view was last updated.
Errors
- InternalServerException:
An internal server error occurred. Try again later.
- ValidationException:
The input parameters are invalid. Check the parameter values and try again.
- ConflictException:
The request conflicts with the current state of the resource. This can occur when trying to modify a resource that is not in a valid state for the requested operation.
- AccessDeniedException:
You don't have permission to perform this operation. Check your IAM permissions and try again.
- ThrottlingException:
The request was throttled due to too many requests. Wait a moment and try again.
- ResourceNotFoundException:
The specified resource was not found. Verify the resource ID and try again.
DisassociateHostedZone
$result = $client->disassociateHostedZone([/* ... */]); $promise = $client->disassociateHostedZoneAsync([/* ... */]);
Disassociates a Route 53 private hosted zone from a Route 53 Global Resolver resource.
Parameter Syntax
$result = $client->disassociateHostedZone([
'hostedZoneId' => '<string>', // REQUIRED
'resourceArn' => '<string>', // REQUIRED
]);
Parameter Details
Members
- hostedZoneId
-
- Required: Yes
- Type: string
The ID of the Route 53 private hosted zone to disassociate.
- resourceArn
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the Route 53 Global Resolver resource to disassociate the hosted zone from.
Result Syntax
[
'createdAt' => <DateTime>,
'hostedZoneId' => '<string>',
'hostedZoneName' => '<string>',
'id' => '<string>',
'name' => '<string>',
'resourceArn' => '<string>',
'status' => 'CREATING|OPERATIONAL|DELETING',
'updatedAt' => <DateTime>,
]
Result Details
Members
- createdAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the association was originally created.
- hostedZoneId
-
- Required: Yes
- Type: string
The ID of the Route 53 private hosted zone that was disassociated.
- hostedZoneName
-
- Required: Yes
- Type: string
The name of the Route 53 private hosted zone that was disassociated.
- id
-
- Required: Yes
- Type: string
The unique identifier of the disassociation.
- name
-
- Required: Yes
- Type: string
The name of the association that was removed.
- resourceArn
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the Route 53 Global Resolver resource that the hosted zone was disassociated from.
- status
-
- Required: Yes
- Type: string
The final status of the disassociation.
- updatedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the association was last updated before disassociation.
Errors
- InternalServerException:
An internal server error occurred. Try again later.
- ValidationException:
The input parameters are invalid. Check the parameter values and try again.
- ConflictException:
The request conflicts with the current state of the resource. This can occur when trying to modify a resource that is not in a valid state for the requested operation.
- AccessDeniedException:
You don't have permission to perform this operation. Check your IAM permissions and try again.
- ThrottlingException:
The request was throttled due to too many requests. Wait a moment and try again.
- ResourceNotFoundException:
The specified resource was not found. Verify the resource ID and try again.
EnableDNSView
$result = $client->enableDNSView([/* ... */]); $promise = $client->enableDNSViewAsync([/* ... */]);
Enables a disabled DNS view, allowing it to serve DNS queries again.
Parameter Syntax
$result = $client->enableDNSView([
'dnsViewId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- dnsViewId
-
- Required: Yes
- Type: string
The unique identifier of the DNS view to enable.
Result Syntax
[
'arn' => '<string>',
'clientToken' => '<string>',
'createdAt' => <DateTime>,
'description' => '<string>',
'dnssecValidation' => 'ENABLED|DISABLED',
'ednsClientSubnet' => 'ENABLED|DISABLED',
'firewallRulesFailOpen' => 'ENABLED|DISABLED',
'globalResolverId' => '<string>',
'id' => '<string>',
'name' => '<string>',
'status' => 'CREATING|OPERATIONAL|UPDATING|ENABLING|DISABLING|DISABLED|DELETING',
'updatedAt' => <DateTime>,
]
Result Details
Members
- arn
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the enabled DNS view.
- clientToken
-
- Type: string
The unique string that identifies the request and ensures idempotency.
- createdAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the DNS view was originally created.
- description
-
- Type: string
The description of the enabled DNS view.
- dnssecValidation
-
- Required: Yes
- Type: string
Whether DNSSEC validation is enabled for the enabled DNS view.
- ednsClientSubnet
-
- Required: Yes
- Type: string
Whether EDNS Client Subnet injection is enabled for the enabled DNS view.
- firewallRulesFailOpen
-
- Required: Yes
- Type: string
The firewall rules fail-open behavior configured for the enabled DNS view.
- globalResolverId
-
- Required: Yes
- Type: string
The ID of the Route 53 Global Resolver that the enabled DNS view is associated with.
- id
-
- Required: Yes
- Type: string
The unique identifier of the enabled DNS view.
- name
-
- Required: Yes
- Type: string
The name of the enabled DNS view.
- status
-
- Required: Yes
- Type: string
The current status of the enabled DNS view.
- updatedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the DNS view was last updated.
Errors
- InternalServerException:
An internal server error occurred. Try again later.
- ValidationException:
The input parameters are invalid. Check the parameter values and try again.
- ConflictException:
The request conflicts with the current state of the resource. This can occur when trying to modify a resource that is not in a valid state for the requested operation.
- AccessDeniedException:
You don't have permission to perform this operation. Check your IAM permissions and try again.
- ThrottlingException:
The request was throttled due to too many requests. Wait a moment and try again.
- ResourceNotFoundException:
The specified resource was not found. Verify the resource ID and try again.
GetAccessSource
$result = $client->getAccessSource([/* ... */]); $promise = $client->getAccessSourceAsync([/* ... */]);
Retrieves information about an access source.
Parameter Syntax
$result = $client->getAccessSource([
'accessSourceId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- accessSourceId
-
- Required: Yes
- Type: string
The unique identifier of the access source to retrieve.
Result Syntax
[
'arn' => '<string>',
'cidr' => '<string>',
'createdAt' => <DateTime>,
'dnsViewId' => '<string>',
'id' => '<string>',
'ipAddressType' => 'IPV4|IPV6',
'name' => '<string>',
'protocol' => 'DO53|DOH|DOT',
'status' => 'CREATING|OPERATIONAL|UPDATING|DELETING',
'updatedAt' => <DateTime>,
]
Result Details
Members
- arn
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the access source.
- cidr
-
- Required: Yes
- Type: string
The IP range for the rule's parameters in CIDR notation.
- createdAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The time and date the rule was created.
- dnsViewId
-
- Required: Yes
- Type: string
ID for the DNS view that the rule is associated to.
- id
-
- Required: Yes
- Type: string
ID for the rule.
- ipAddressType
-
- Required: Yes
- Type: string
The IP address type.
- name
-
- Type: string
Name for the access source.
- protocol
-
- Required: Yes
- Type: string
The protocol determines how data is transmitted to a Global Resolver instance.
- status
-
- Required: Yes
- Type: string
Information about the status of the rule.
- updatedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The time and date the access source was updated.
Errors
- InternalServerException:
An internal server error occurred. Try again later.
- ValidationException:
The input parameters are invalid. Check the parameter values and try again.
- AccessDeniedException:
You don't have permission to perform this operation. Check your IAM permissions and try again.
- ThrottlingException:
The request was throttled due to too many requests. Wait a moment and try again.
- ResourceNotFoundException:
The specified resource was not found. Verify the resource ID and try again.
GetAccessToken
$result = $client->getAccessToken([/* ... */]); $promise = $client->getAccessTokenAsync([/* ... */]);
Retrieves information about an access token.
Parameter Syntax
$result = $client->getAccessToken([
'accessTokenId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- accessTokenId
-
- Required: Yes
- Type: string
ID of the token.
Result Syntax
[
'arn' => '<string>',
'clientToken' => '<string>',
'createdAt' => <DateTime>,
'dnsViewId' => '<string>',
'expiresAt' => <DateTime>,
'globalResolverId' => '<string>',
'id' => '<string>',
'name' => '<string>',
'status' => 'CREATING|OPERATIONAL|DELETING',
'updatedAt' => <DateTime>,
'value' => '<string>',
]
Result Details
Members
- arn
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the token.
- clientToken
-
- Type: string
A unique, case-sensitive identifier to ensure idempotency. This means that making the same request multiple times with the same
clientTokenhas the same result every time. - createdAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The time and date the token was created.
- dnsViewId
-
- Required: Yes
- Type: string
ID of the DNS view the token is associated to.
- expiresAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The token's expiration time and date.
- globalResolverId
-
- Required: Yes
- Type: string
ID of the Global Resolver.
- id
-
- Required: Yes
- Type: string
ID of the token.
- name
-
- Type: string
Name of the token.
- status
-
- Required: Yes
- Type: string
The operational status of the token.
- updatedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The time and date the token was created.
- value
-
- Required: Yes
- Type: string
The value of the token.
Errors
- InternalServerException:
An internal server error occurred. Try again later.
- ValidationException:
The input parameters are invalid. Check the parameter values and try again.
- AccessDeniedException:
You don't have permission to perform this operation. Check your IAM permissions and try again.
- ThrottlingException:
The request was throttled due to too many requests. Wait a moment and try again.
- ResourceNotFoundException:
The specified resource was not found. Verify the resource ID and try again.
GetDNSView
$result = $client->getDNSView([/* ... */]); $promise = $client->getDNSViewAsync([/* ... */]);
Retrieves information about a DNS view.
Parameter Syntax
$result = $client->getDNSView([
'dnsViewId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- dnsViewId
-
- Required: Yes
- Type: string
The ID of the DNS view to retrieve information about.
Result Syntax
[
'arn' => '<string>',
'clientToken' => '<string>',
'createdAt' => <DateTime>,
'description' => '<string>',
'dnssecValidation' => 'ENABLED|DISABLED',
'ednsClientSubnet' => 'ENABLED|DISABLED',
'firewallRulesFailOpen' => 'ENABLED|DISABLED',
'globalResolverId' => '<string>',
'id' => '<string>',
'name' => '<string>',
'status' => 'CREATING|OPERATIONAL|UPDATING|ENABLING|DISABLING|DISABLED|DELETING',
'updatedAt' => <DateTime>,
]
Result Details
Members
- arn
-
- Required: Yes
- Type: string
Amazon Resource Name (ARN) of the DNS view.
- clientToken
-
- Type: string
A unique, case-sensitive identifier to ensure idempotency. This means that making the same request multiple times with the same
clientTokenhas the same result every time. - createdAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The time and date the DNS view was creates on.
- description
-
- Type: string
Description of the DNS view.
- dnssecValidation
-
- Required: Yes
- Type: string
Specifies whether DNSSEC is enabled or disabled for the DNS view.
- ednsClientSubnet
-
- Required: Yes
- Type: string
Specifies whether edns0 client subnet is enabled.
- firewallRulesFailOpen
-
- Required: Yes
- Type: string
Specifies the DNS Firewall failure mode configuration. When enabled, the DNS Firewall allows DNS queries to proceed if it's unable to properly evaluate them. When disabled, the DNS Firewall blocks DNS queries it's unable to evaluate.
- globalResolverId
-
- Required: Yes
- Type: string
ID of the Global Resolver the DNS view is associated to.
- id
-
- Required: Yes
- Type: string
ID of the DNS view.
- name
-
- Required: Yes
- Type: string
Name of the DNS view.
- status
-
- Required: Yes
- Type: string
Operational status of the DNS view.
- updatedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The time and date the DNS view was updated on.
Errors
- InternalServerException:
An internal server error occurred. Try again later.
- ValidationException:
The input parameters are invalid. Check the parameter values and try again.
- AccessDeniedException:
You don't have permission to perform this operation. Check your IAM permissions and try again.
- ThrottlingException:
The request was throttled due to too many requests. Wait a moment and try again.
- ResourceNotFoundException:
The specified resource was not found. Verify the resource ID and try again.
GetFirewallDomainList
$result = $client->getFirewallDomainList([/* ... */]); $promise = $client->getFirewallDomainListAsync([/* ... */]);
Retrieves information about a firewall domain list.
Parameter Syntax
$result = $client->getFirewallDomainList([
'firewallDomainListId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- firewallDomainListId
-
- Required: Yes
- Type: string
ID of the domain list.
Result Syntax
[
'arn' => '<string>',
'clientToken' => '<string>',
'createdAt' => <DateTime>,
'description' => '<string>',
'domainCount' => <integer>,
'globalResolverId' => '<string>',
'id' => '<string>',
'name' => '<string>',
'status' => 'CREATING|OPERATIONAL|UPDATING|DELETING',
'statusMessage' => '<string>',
'updatedAt' => <DateTime>,
]
Result Details
Members
- arn
-
- Required: Yes
- Type: string
Amazon Resource Name (ARN) of the domain list.
- clientToken
-
- Type: string
A unique, case-sensitive identifier to ensure idempotency. This means that making the same request multiple times with the same
clientTokenhas the same result every time. - createdAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The time and date the domain list was created.
- description
-
- Type: string
The description of the domain list.
- domainCount
-
- Required: Yes
- Type: int
Number of domains in the domain list.
- globalResolverId
-
- Required: Yes
- Type: string
ID of the Global Resolver that the domain list is associated to.
- id
-
- Required: Yes
- Type: string
ID of the domain list.
- name
-
- Required: Yes
- Type: string
Name of the domain list.
- status
-
- Required: Yes
- Type: string
Operational status of the domain list.
- statusMessage
-
- Type: string
Additional information about the status of the domain list.
- updatedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the domain list was updated.
Errors
- InternalServerException:
An internal server error occurred. Try again later.
- ValidationException:
The input parameters are invalid. Check the parameter values and try again.
- AccessDeniedException:
You don't have permission to perform this operation. Check your IAM permissions and try again.
- ThrottlingException:
The request was throttled due to too many requests. Wait a moment and try again.
- ResourceNotFoundException:
The specified resource was not found. Verify the resource ID and try again.
GetFirewallRule
$result = $client->getFirewallRule([/* ... */]); $promise = $client->getFirewallRuleAsync([/* ... */]);
Retrieves information about a DNS firewall rule.
Parameter Syntax
$result = $client->getFirewallRule([
'firewallRuleId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- firewallRuleId
-
- Required: Yes
- Type: string
ID of the DNS Firewall rule.
Result Syntax
[
'action' => 'ALLOW|ALERT|BLOCK',
'blockOverrideDnsType' => 'CNAME',
'blockOverrideDomain' => '<string>',
'blockOverrideTtl' => <integer>,
'blockResponse' => 'NODATA|NXDOMAIN|OVERRIDE',
'confidenceThreshold' => 'LOW|MEDIUM|HIGH',
'createdAt' => <DateTime>,
'description' => '<string>',
'dnsAdvancedProtection' => 'DGA|DNS_TUNNELING',
'dnsViewId' => '<string>',
'firewallDomainListId' => '<string>',
'id' => '<string>',
'name' => '<string>',
'priority' => <integer>,
'queryType' => '<string>',
'status' => 'CREATING|OPERATIONAL|UPDATING|DELETING',
'updatedAt' => <DateTime>,
]
Result Details
Members
- action
-
- Required: Yes
- Type: string
The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list, or a threat in a DNS Firewall Advanced rule.
- blockOverrideDnsType
-
- Type: string
The DNS record's type. This determines the format of the record value that you provided in
BlockOverrideDomain. Used for the rule actionBLOCKwith aBlockResponsesetting ofOVERRIDE. - blockOverrideDomain
-
- Type: string
The custom DNS record to send back in response to the query. Used for the rule action
BLOCKwith aBlockResponsesetting ofOVERRIDE. - blockOverrideTtl
-
- Type: int
The recommended amount of time, in seconds, for the DNS resolver or web browser to cache the provided override record. Used for the rule action
BLOCKwith aBlockResponsesetting ofOVERRIDE. - blockResponse
-
- Type: string
The way that you want DNS Firewall to block the request. Used for the rule action setting
BLOCK. - confidenceThreshold
-
- Type: string
The confidence threshold for DNS Firewall Advanced. You must provide this value when you create a DNS Firewall Advanced rule.
- createdAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The time and date the DNS Firewall rule was created.
- description
-
- Type: string
The description of the DNS Firewall rule.
- dnsAdvancedProtection
-
- Type: string
The type of the DNS Firewall Advanced rule. Valid values are DGA and DNS_TUNNELING.
- dnsViewId
-
- Required: Yes
- Type: string
The DNS view ID the DNS Firewall is associated with.
- firewallDomainListId
-
- Type: string
The ID of a DNS Firewall domain list.
- id
-
- Required: Yes
- Type: string
ID of the DNS Firewall rule.
- name
-
- Required: Yes
- Type: string
The name of the DNS Firewall rule.
- priority
-
- Required: Yes
- Type: long (int|float)
The setting that determines the processing order of the rule in the rule group. DNS Firewall processes the rules in a rule group by order of priority, starting from the lowest setting.
- queryType
-
- Type: string
The DNS query type you want the rule to evaluate.
- status
-
- Required: Yes
- Type: string
The operational status of the DNS Firewall rule.
- updatedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the DNS Firewall rule was updated.
Errors
- InternalServerException:
An internal server error occurred. Try again later.
- ValidationException:
The input parameters are invalid. Check the parameter values and try again.
- AccessDeniedException:
You don't have permission to perform this operation. Check your IAM permissions and try again.
- ThrottlingException:
The request was throttled due to too many requests. Wait a moment and try again.
- ResourceNotFoundException:
The specified resource was not found. Verify the resource ID and try again.
GetGlobalResolver
$result = $client->getGlobalResolver([/* ... */]); $promise = $client->getGlobalResolverAsync([/* ... */]);
Retrieves information about a Route 53 Global Resolver instance.
Parameter Syntax
$result = $client->getGlobalResolver([
'globalResolverId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- globalResolverId
-
- Required: Yes
- Type: string
The ID of the Route 53 Global Resolver to retrieve information about.
Result Syntax
[
'arn' => '<string>',
'clientToken' => '<string>',
'createdAt' => <DateTime>,
'description' => '<string>',
'dnsName' => '<string>',
'id' => '<string>',
'ipv4Addresses' => ['<string>', ...],
'name' => '<string>',
'observabilityRegion' => '<string>',
'regions' => ['<string>', ...],
'status' => 'CREATING|OPERATIONAL|UPDATING|DELETING',
'updatedAt' => <DateTime>,
]
Result Details
Members
- arn
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the Global Resolver.
- clientToken
-
- Required: Yes
- Type: string
A unique, case-sensitive identifier to ensure idempotency. This means that making the same request multiple times with the same
clientTokenhas the same result every time. - createdAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the Global Resolver was created.
- description
-
- Type: string
The description of the Global Resolver.
- dnsName
-
- Required: Yes
- Type: string
The hostname used by the customers' DNS clients for certification validation.
- id
-
- Required: Yes
- Type: string
The ID of the Global Resolver.
- ipv4Addresses
-
- Required: Yes
- Type: Array of strings
List of anycast IPv4 addresses associated with the Global Resolver instance.
- name
-
- Required: Yes
- Type: string
The name of the Global Resolver.
- observabilityRegion
-
- Type: string
The AWS Regions in which the users' Global Resolver query resolution logs will be propagated.
- regions
-
- Required: Yes
- Type: Array of strings
The AWS Regions in which the Global Resolver operate.
- status
-
- Required: Yes
- Type: string
The operational status of the Global Resolver.
- updatedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time the Global Resolver was updated.
Errors
- InternalServerException:
An internal server error occurred. Try again later.
- ValidationException:
The input parameters are invalid. Check the parameter values and try again.
- AccessDeniedException:
You don't have permission to perform this operation. Check your IAM permissions and try again.
- ThrottlingException:
The request was throttled due to too many requests. Wait a moment and try again.
- ResourceNotFoundException:
The specified resource was not found. Verify the resource ID and try again.
GetHostedZoneAssociation
$result = $client->getHostedZoneAssociation([/* ... */]); $promise = $client->getHostedZoneAssociationAsync([/* ... */]);
Retrieves information about a hosted zone association.
Parameter Syntax
$result = $client->getHostedZoneAssociation([
'hostedZoneAssociationId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- hostedZoneAssociationId
-
- Required: Yes
- Type: string
ID of the private hosted zone association.
Result Syntax
[
'createdAt' => <DateTime>,
'hostedZoneId' => '<string>',
'hostedZoneName' => '<string>',
'id' => '<string>',
'name' => '<string>',
'resourceArn' => '<string>',
'status' => 'CREATING|OPERATIONAL|DELETING',
'updatedAt' => <DateTime>,
]
Result Details
Members
- createdAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The time and date the private hosted zone association was created.
- hostedZoneId
-
- Required: Yes
- Type: string
ID of the hosted zone associated to the DNS view.
- hostedZoneName
-
- Required: Yes
- Type: string
Name of the domain associated with the private hosted zone.
- id
-
- Required: Yes
- Type: string
ID of the private hosted zone association.
- name
-
- Required: Yes
- Type: string
Name of the private hosted zone association.
- resourceArn
-
- Required: Yes
- Type: string
Amazon Resource Name (ARN) of the DNS view the private hosted zone is associated to.
- status
-
- Required: Yes
- Type: string
The operational status of the private hosted zone association.
- updatedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The time and date the private hosted zone association was updated.
Errors
- InternalServerException:
An internal server error occurred. Try again later.
- ValidationException:
The input parameters are invalid. Check the parameter values and try again.
- AccessDeniedException:
You don't have permission to perform this operation. Check your IAM permissions and try again.
- ThrottlingException:
The request was throttled due to too many requests. Wait a moment and try again.
- ResourceNotFoundException:
The specified resource was not found. Verify the resource ID and try again.
GetManagedFirewallDomainList
$result = $client->getManagedFirewallDomainList([/* ... */]); $promise = $client->getManagedFirewallDomainListAsync([/* ... */]);
Retrieves information about an AWS-managed firewall domain list. Managed domain lists contain domains associated with malicious activity, content categories, or specific threats.
Parameter Syntax
$result = $client->getManagedFirewallDomainList([
'managedFirewallDomainListId' => '<string>', // REQUIRED
]);
Parameter Details
Members
- managedFirewallDomainListId
-
- Required: Yes
- Type: string
ID of the Managed Domain List.
Result Syntax
[
'description' => '<string>',
'id' => '<string>',
'managedListType' => '<string>',
'name' => '<string>',
]
Result Details
Members
- description
-
- Type: string
Description of the Managed Domain List.
- id
-
- Required: Yes
- Type: string
ID of the Managed Domain List.
- managedListType
-
- Required: Yes
- Type: string
Type of the managed category. This is either
THREATorCONTENT. - name
-
- Required: Yes
- Type: string
Name of the Managed Domain List.
Errors
- InternalServerException:
An internal server error occurred. Try again later.
- ValidationException:
The input parameters are invalid. Check the parameter values and try again.
- AccessDeniedException:
You don't have permission to perform this operation. Check your IAM permissions and try again.
- ThrottlingException:
The request was throttled due to too many requests. Wait a moment and try again.
- ResourceNotFoundException:
The specified resource was not found. Verify the resource ID and try again.
ImportFirewallDomains
$result = $client->importFirewallDomains([/* ... */]); $promise = $client->importFirewallDomainsAsync([/* ... */]);
Imports a list of domains from an Amazon S3 file into a firewall domain list. The file should contain one domain per line.
Parameter Syntax
$result = $client->importFirewallDomains([
'domainFileUrl' => '<string>', // REQUIRED
'firewallDomainListId' => '<string>', // REQUIRED
'operation' => '<string>', // REQUIRED
]);
Parameter Details
Members
- domainFileUrl
-
- Required: Yes
- Type: string
The fully qualified URL of the file in Amazon S3 that contains the list of domains to import. The file should contain one domain per line.
- firewallDomainListId
-
- Required: Yes
- Type: string
ID of the DNS Firewall domain list that you want to import the domain list to.
- operation
-
- Required: Yes
- Type: string
This value is
REPLACE, and it updates the domain list to match the list of domains in the imported file.
Result Syntax
[
'id' => '<string>',
'name' => '<string>',
'status' => 'CREATING|OPERATIONAL|UPDATING|DELETING',
]
Result Details
Members
- id
-
- Required: Yes
- Type: string
ID of the DNS Firewall domain list that you imported the domain list to.
- name
-
- Required: Yes
- Type: string
Name of the DNS Firewall domain list.
- status
-
- Required: Yes
- Type: string
Operational status of the DNS Firewall domain list.
Errors
- InternalServerException:
An internal server error occurred. Try again later.
- ValidationException:
The input parameters are invalid. Check the parameter values and try again.
- ConflictException:
The request conflicts with the current state of the resource. This can occur when trying to modify a resource that is not in a valid state for the requested operation.
- AccessDeniedException:
You don't have permission to perform this operation. Check your IAM permissions and try again.
- ThrottlingException:
The request was throttled due to too many requests. Wait a moment and try again.
- ResourceNotFoundException:
The specified resource was not found. Verify the resource ID and try again.
ListAccessSources
$result = $client->listAccessSources([/* ... */]); $promise = $client->listAccessSourcesAsync([/* ... */]);
Lists all access sources with pagination support.
Parameter Syntax
$result = $client->listAccessSources([
'filters' => [
'<String>' => ['<string>', ...],
// ...
],
'maxResults' => <integer>,
'nextToken' => '<string>',
]);
Parameter Details
Members
- filters
-
- Type: Associative array of custom strings keys (String) to stringss
Values to filter the results.
- maxResults
-
- Type: int
The maximum number of results to retrieve in a single call.
- nextToken
-
- Type: string
A pagination token used for large sets of results that can't be returned in a single response.
Result Syntax
[
'accessSources' => [
[
'arn' => '<string>',
'cidr' => '<string>',
'createdAt' => <DateTime>,
'dnsViewId' => '<string>',
'id' => '<string>',
'ipAddressType' => 'IPV4|IPV6',
'name' => '<string>',
'protocol' => 'DO53|DOH|DOT',
'status' => 'CREATING|OPERATIONAL|UPDATING|DELETING',
'updatedAt' => <DateTime>,
],
// ...
],
'nextToken' => '<string>',
]
Result Details
Members
- accessSources
-
- Required: Yes
- Type: Array of AccessSourcesItem structures
An array containing information about the access sources, such as the ID, CIDR etc.
- nextToken
-
- Type: string
A pagination token used for large sets of results that can't be returned in a single response. Provide this token in the next call to get the results not returned in this call.
Errors
- InternalServerException:
An internal server error occurred. Try again later.
- ValidationException:
The input parameters are invalid. Check the parameter values and try again.
- AccessDeniedException:
You don't have permission to perform this operation. Check your IAM permissions and try again.
- ThrottlingException:
The request was throttled due to too many requests. Wait a moment and try again.
ListAccessTokens
$result = $client->listAccessTokens([/* ... */]); $promise = $client->listAccessTokensAsync([/* ... */]);
Lists all access tokens for a DNS view with pagination support.
Parameter Syntax
$result = $client->listAccessTokens([
'dnsViewId' => '<string>', // REQUIRED
'filters' => [
'<String>' => ['<string>', ...],
// ...
],
'maxResults' => <integer>,
'nextToken' => '<string>',
]);
Parameter Details
Members
- dnsViewId
-
- Required: Yes
- Type: string
The ID of the DNS view to list the tokens for.
- filters
-
- Type: Associative array of custom strings keys (String) to stringss
Filtering parameters.
- maxResults
-
- Type: int
The maximum number of results to retrieve in a single call.
- nextToken
-
- Type: string
A pagination token used for large sets of results that can't be returned in a single response.
Result Syntax
[
'accessTokens' => [
[
'arn' => '<string>',
'createdAt' => <DateTime>,
'dnsViewId' => '<string>',
'expiresAt' => <DateTime>,
'globalResolverId' => '<string>',
'id' => '<string>',
'name' => '<string>',
'status' => 'CREATING|OPERATIONAL|DELETING',
'updatedAt' => <DateTime>,
],
// ...
],
'nextToken' => '<string>',
]
Result Details
Members
- accessTokens
-
- Type: Array of AccessTokenItem structures
List of the tokens.
- nextToken
-
- Type: string
A pagination token used for large sets of results that can't be returned in a single response. Provide this token in the next call to get the results not returned in this call.
Errors
- InternalServerException:
An internal server error occurred. Try again later.
- ValidationException:
The input parameters are invalid. Check the parameter values and try again.
- AccessDeniedException:
You don't have permission to perform this operation. Check your IAM permissions and try again.
- ThrottlingException:
The request was throttled due to too many requests. Wait a moment and try again.
- ResourceNotFoundException:
The specified resource was not found. Verify the resource ID and try again.
ListDNSViews
$result = $client->listDNSViews([/* ... */]); $promise = $client->listDNSViewsAsync([/* ... */]);
Lists all DNS views for a Route 53 Global Resolver with pagination support.
Parameter Syntax
$result = $client->listDNSViews([
'globalResolverId' => '<string>', // REQUIRED
'maxResults' => <integer>,
'nextToken' => '<string>',
]);
Parameter Details
Members
- globalResolverId
-
- Required: Yes
- Type: string
The Global Resolver ID.
- maxResults
-
- Type: int
The maximum number of results to retrieve in a single call.
- nextToken
-
- Type: string
A pagination token used for large sets of results that can't be returned in a single response.
Result Syntax
[
'dnsViews' => [
[
'arn' => '<string>',
'clientToken' => '<string>',
'createdAt' => <DateTime>,
'description' => '<string>',
'dnssecValidation' => 'ENABLED|DISABLED',
'ednsClientSubnet' => 'ENABLED|DISABLED',
'firewallRulesFailOpen' => 'ENABLED|DISABLED',
'globalResolverId' => '<string>',
'id' => '<string>',
'name' => '<string>',
'status' => 'CREATING|OPERATIONAL|UPDATING|ENABLING|DISABLING|DISABLED|DELETING',
'updatedAt' => <DateTime>,
],
// ...
],
'nextToken' => '<string>',
]
Result Details
Members
- dnsViews
-
- Required: Yes
- Type: Array of DNSViewSummary structures
An array of information about the DNS views, such as whether DNSSEC is enabled, creation time, etc.
- nextToken
-
- Type: string
A pagination token used for large sets of results that can't be returned in a single response. Provide this token in the next call to get the results not returned in this call.
Errors
- InternalServerException:
An internal server error occurred. Try again later.
- ValidationException:
The input parameters are invalid. Check the parameter values and try again.
- AccessDeniedException:
You don't have permission to perform this operation. Check your IAM permissions and try again.
- ThrottlingException:
The request was throttled due to too many requests. Wait a moment and try again.
- ResourceNotFoundException:
The specified resource was not found. Verify the resource ID and try again.
ListFirewallDomainLists
$result = $client->listFirewallDomainLists([/* ... */]); $promise = $client->listFirewallDomainListsAsync([/* ... */]);
Lists all firewall domain lists for a Route 53 Global Resolver with pagination support.
Parameter Syntax
$result = $client->listFirewallDomainLists([
'globalResolverId' => '<string>',
'maxResults' => <integer>,
'nextToken' => '<string>',
]);
Parameter Details
Members
- globalResolverId
-
- Type: string
The ID of the Global Resolver that contains the DNS view the domain lists are associated to.
- maxResults
-
- Type: int
The maximum number of results to retrieve in a single call.
- nextToken
-
- Type: string
A pagination token used for large sets of results that can't be returned in a single response.
Result Syntax
[
'firewallDomainLists' => [
[
'arn' => '<string>',
'createdAt' => <DateTime>,
'description' => '<string>',
'globalResolverId' => '<string>',
'id' => '<string>',
'name' => '<string>',
'status' => 'CREATING|OPERATIONAL|UPDATING|DELETING',
'updatedAt' => <DateTime>,
],
// ...
],
'nextToken' => '<string>',
]
Result Details
Members
- firewallDomainLists
-
- Required: Yes
- Type: Array of FirewallDomainListsItem structures
List of the DNS Firewall domain lists.
- nextToken
-
- Type: string
A pagination token used for large sets of results that can't be returned in a single response. Provide this token in the next call to get the results not returned in this call.
Errors
- InternalServerException:
An internal server error occurred. Try again later.
- ValidationException:
The input parameters are invalid. Check the parameter values and try again.
- AccessDeniedException:
You don't have permission to perform this operation. Check your IAM permissions and try again.
- ThrottlingException:
The request was throttled due to too many requests. Wait a moment and try again.
- ResourceNotFoundException:
The specified resource was not found. Verify the resource ID and try again.
ListFirewallDomains
$result = $client->listFirewallDomains([/* ... */]); $promise = $client->listFirewallDomainsAsync([/* ... */]);
Lists all the domains in DNS Firewall domain list you have created.
Parameter Syntax
$result = $client->listFirewallDomains([
'firewallDomainListId' => '<string>', // REQUIRED
'maxResults' => <integer>,
'nextToken' => '<string>',
]);
Parameter Details
Members
- firewallDomainListId
-
- Required: Yes
- Type: string
ID of the DNS Firewall domain list.
- maxResults
-
- Type: int
The maximum number of results to retrieve in a single call.
- nextToken
-
- Type: string
A pagination token used for large sets of results that can't be returned in a single response.
Result Syntax
[
'domains' => ['<string>', ...],
'nextToken' => '<string>',
]
Result Details
Members
- domains
-
- Required: Yes
- Type: Array of strings
List of domains in the specified domain list.
- nextToken
-
- Type: string
A pagination token used for large sets of results that can't be returned in a single response. Provide this token in the next call to get the results not returned in this call.
Errors
- InternalServerException:
An internal server error occurred. Try again later.
- ValidationException:
The input parameters are invalid. Check the parameter values and try again.
- AccessDeniedException:
You don't have permission to perform this operation. Check your IAM permissions and try again.
- ThrottlingException:
The request was throttled due to too many requests. Wait a moment and try again.
- ResourceNotFoundException:
The specified resource was not found. Verify the resource ID and try again.
ListFirewallRules
$result = $client->listFirewallRules([/* ... */]); $promise = $client->listFirewallRulesAsync([/* ... */]);
Lists all DNS firewall rules for a DNS view with pagination support.
Parameter Syntax
$result = $client->listFirewallRules([
'dnsViewId' => '<string>', // REQUIRED
'filters' => [
'<String>' => ['<string>', ...],
// ...
],
'maxResults' => <integer>,
'nextToken' => '<string>',
]);
Parameter Details
Members
- dnsViewId
-
- Required: Yes
- Type: string
ID of the DNS view.
- filters
-
- Type: Associative array of custom strings keys (String) to stringss
Values to filter the results.
- maxResults
-
- Type: int
The maximum number of results to retrieve in a single call.
- nextToken
-
- Type: string
A pagination token used for large sets of results that can't be returned in a single response.
Result Syntax
[
'firewallRules' => [
[
'action' => 'ALLOW|ALERT|BLOCK',
'blockOverrideDnsType' => 'CNAME',
'blockOverrideDomain' => '<string>',
'blockOverrideTtl' => <integer>,
'blockResponse' => 'NODATA|NXDOMAIN|OVERRIDE',
'confidenceThreshold' => 'LOW|MEDIUM|HIGH',
'createdAt' => <DateTime>,
'description' => '<string>',
'dnsAdvancedProtection' => 'DGA|DNS_TUNNELING',
'dnsViewId' => '<string>',
'firewallDomainListId' => '<string>',
'id' => '<string>',
'name' => '<string>',
'priority' => <integer>,
'queryType' => '<string>',
'status' => 'CREATING|OPERATIONAL|UPDATING|DELETING',
'updatedAt' => <DateTime>,
],
// ...
],
'nextToken' => '<string>',
]
Result Details
Members
- firewallRules
-
- Required: Yes
- Type: Array of FirewallRulesItem structures
List of the firewall rules and information about them.
- nextToken
-
- Type: string
A pagination token used for large sets of results that can't be returned in a single response. Provide this token in the next call to get the results not returned in this call.
Errors
- InternalServerException:
An internal server error occurred. Try again later.
- ValidationException:
The input parameters are invalid. Check the parameter values and try again.
- AccessDeniedException:
You don't have permission to perform this operation. Check your IAM permissions and try again.
- ThrottlingException:
The request was throttled due to too many requests. Wait a moment and try again.
- ResourceNotFoundException:
The specified resource was not found. Verify the resource ID and try again.
ListGlobalResolvers
$result = $client->listGlobalResolvers([/* ... */]); $promise = $client->listGlobalResolversAsync([/* ... */]);
Lists all Route 53 Global Resolver instances in your account with pagination support.
Parameter Syntax
$result = $client->listGlobalResolvers([
'maxResults' => <integer>,
'nextToken' => '<string>',
]);
Parameter Details
Members
- maxResults
-
- Type: int
The maximum number of Route 53 Global Resolver instances to return in the response. Valid range is 1-100.
- nextToken
-
- Type: string
The token for the next page of results. This value is returned in the response if there are more results to retrieve.
Result Syntax
[
'globalResolvers' => [
[
'arn' => '<string>',
'clientToken' => '<string>',
'createdAt' => <DateTime>,
'description' => '<string>',
'dnsName' => '<string>',
'id' => '<string>',
'ipv4Addresses' => ['<string>', ...],
'name' => '<string>',
'observabilityRegion' => '<string>',
'regions' => ['<string>', ...],
'status' => 'CREATING|OPERATIONAL|UPDATING|DELETING',
'updatedAt' => <DateTime>,
],
// ...
],
'nextToken' => '<string>',
]
Result Details
Members
- globalResolvers
-
- Required: Yes
- Type: Array of GlobalResolversItem structures
Paginated list of Global Resolvers.
- nextToken
-
- Type: string
A pagination token used for large sets of results that can't be returned in a single response. Provide this token in the next call to get the results not returned in this call.
Errors
- InternalServerException:
An internal server error occurred. Try again later.
- ValidationException:
The input parameters are invalid. Check the parameter values and try again.
- AccessDeniedException:
You don't have permission to perform this operation. Check your IAM permissions and try again.
- ThrottlingException:
The request was throttled due to too many requests. Wait a moment and try again.
ListHostedZoneAssociations
$result = $client->listHostedZoneAssociations([/* ... */]); $promise = $client->listHostedZoneAssociationsAsync([/* ... */]);
Lists all hosted zone associations for a Route 53 Global Resolver resource with pagination support.
Parameter Syntax
$result = $client->listHostedZoneAssociations([
'maxResults' => <integer>,
'nextToken' => '<string>',
'resourceArn' => '<string>', // REQUIRED
]);
Parameter Details
Members
- maxResults
-
- Type: int
The maximum number of results to retrieve in a single call.
- nextToken
-
- Type: string
A pagination token used for large sets of results that can't be returned in a single response.
- resourceArn
-
- Required: Yes
- Type: string
Amazon Resource Name (ARN) of the DNS view.
Result Syntax
[
'hostedZoneAssociations' => [
[
'createdAt' => <DateTime>,
'hostedZoneId' => '<string>',
'hostedZoneName' => '<string>',
'id' => '<string>',
'name' => '<string>',
'resourceArn' => '<string>',
'status' => 'CREATING|OPERATIONAL|DELETING',
'updatedAt' => <DateTime>,
],
// ...
],
'nextToken' => '<string>',
]
Result Details
Members
- hostedZoneAssociations
-
- Required: Yes
- Type: Array of HostedZoneAssociationSummary structures
List of the private hosted zone associations.
- nextToken
-
- Type: string
A pagination token used for large sets of results that can't be returned in a single response. Provide this token in the next call to get the results not returned in this call.
Errors
- InternalServerException:
An internal server error occurred. Try again later.
- ValidationException:
The input parameters are invalid. Check the parameter values and try again.
- AccessDeniedException:
You don't have permission to perform this operation. Check your IAM permissions and try again.
- ThrottlingException:
The request was throttled due to too many requests. Wait a moment and try again.
- ResourceNotFoundException:
The specified resource was not found. Verify the resource ID and try again.
ListManagedFirewallDomainLists
$result = $client->listManagedFirewallDomainLists([/* ... */]); $promise = $client->listManagedFirewallDomainListsAsync([/* ... */]);
Returns a paginated list of the AWS Managed DNS Lists and the categories for DNS Firewall. The categories are either THREAT or CONTENT.
Parameter Syntax
$result = $client->listManagedFirewallDomainLists([
'managedFirewallDomainListType' => '<string>', // REQUIRED
'maxResults' => <integer>,
'nextToken' => '<string>',
]);
Parameter Details
Members
- managedFirewallDomainListType
-
- Required: Yes
- Type: string
The category of the Manage DNS list either
THREATorCONTENT. - maxResults
-
- Type: int
The maximum number of results to retrieve in a single call.
- nextToken
-
- Type: string
A pagination token used for large sets of results that can't be returned in a single response.
Result Syntax
[
'managedFirewallDomainLists' => [
[
'description' => '<string>',
'id' => '<string>',
'managedListType' => '<string>',
'name' => '<string>',
],
// ...
],
'nextToken' => '<string>',
]
Result Details
Members
- managedFirewallDomainLists
-
- Required: Yes
- Type: Array of ManagedFirewallDomainListsItem structures
List of the Managed Domain Lists.
- nextToken
-
- Type: string
A pagination token used for large sets of results that can't be returned in a single response. Provide this token in the next call to get the results not returned in this call.
Errors
- InternalServerException:
An internal server error occurred. Try again later.
- ValidationException:
The input parameters are invalid. Check the parameter values and try again.
- AccessDeniedException:
You don't have permission to perform this operation. Check your IAM permissions and try again.
- ThrottlingException:
The request was throttled due to too many requests. Wait a moment and try again.
ListTagsForResource
$result = $client->listTagsForResource([/* ... */]); $promise = $client->listTagsForResourceAsync([/* ... */]);
Lists the tags associated with a Route 53 Global Resolver resource.
Parameter Syntax
$result = $client->listTagsForResource([
'resourceArn' => '<string>', // REQUIRED
]);
Parameter Details
Members
- resourceArn
-
- Required: Yes
- Type: string
Amazon Resource Name (ARN) for the resource.
Result Syntax
[
'tags' => ['<string>', ...],
]
Result Details
Members
- tags
-
- Type: Associative array of custom strings keys (TagKey) to strings
An array of user-defined keys and optional values. These tags can be used for categorization and organization.
Errors
- ResourceNotFoundException:
The specified resource was not found. Verify the resource ID and try again.
TagResource
$result = $client->tagResource([/* ... */]); $promise = $client->tagResourceAsync([/* ... */]);
Adds or updates tags for a Route 53 Global Resolver resource. Tags are key-value pairs that help you organize and identify your resources.
Parameter Syntax
$result = $client->tagResource([
'resourceArn' => '<string>', // REQUIRED
'tags' => ['<string>', ...], // REQUIRED
]);
Parameter Details
Members
- resourceArn
-
- Required: Yes
- Type: string
Amazon Resource Name (ARN) of the resource to be tagged.
- tags
-
- Required: Yes
- Type: Associative array of custom strings keys (TagKey) to strings
An array of user-defined keys and optional values. These tags can be used for categorization and organization.
Result Syntax
[]
Result Details
Errors
- ValidationException:
The input parameters are invalid. Check the parameter values and try again.
- ServiceQuotaExceededException:
The request would exceed one or more service quotas. Check your current usage and quotas, then try again.
- ResourceNotFoundException:
The specified resource was not found. Verify the resource ID and try again.
UntagResource
$result = $client->untagResource([/* ... */]); $promise = $client->untagResourceAsync([/* ... */]);
Removes tags from a Route 53 Global Resolver resource.
Parameter Syntax
$result = $client->untagResource([
'resourceArn' => '<string>', // REQUIRED
'tagKeys' => ['<string>', ...], // REQUIRED
]);
Parameter Details
Members
- resourceArn
-
- Required: Yes
- Type: string
Amazon Resource Name (ARN) of the resource.
- tagKeys
-
- Required: Yes
- Type: Array of strings
The tag keys associated with the resource.
Result Syntax
[]
Result Details
Errors
- ValidationException:
The input parameters are invalid. Check the parameter values and try again.
- ResourceNotFoundException:
The specified resource was not found. Verify the resource ID and try again.
UpdateAccessSource
$result = $client->updateAccessSource([/* ... */]); $promise = $client->updateAccessSourceAsync([/* ... */]);
Updates the configuration of an access source.
Parameter Syntax
$result = $client->updateAccessSource([
'accessSourceId' => '<string>', // REQUIRED
'cidr' => '<string>',
'ipAddressType' => 'IPV4|IPV6',
'name' => '<string>',
'protocol' => 'DO53|DOH|DOT',
]);
Parameter Details
Members
- accessSourceId
-
- Required: Yes
- Type: string
The unique identifier of the access source to update.
- cidr
-
- Type: string
The CIDR block for the access source.
- ipAddressType
-
- Type: string
The IP address type for the access source.
- name
-
- Type: string
The name of the access source.
- protocol
-
- Type: string
The protocol for the access source.
Result Syntax
[
'arn' => '<string>',
'cidr' => '<string>',
'createdAt' => <DateTime>,
'dnsViewId' => '<string>',
'id' => '<string>',
'ipAddressType' => 'IPV4|IPV6',
'name' => '<string>',
'protocol' => 'DO53|DOH|DOT',
'status' => 'CREATING|OPERATIONAL|UPDATING|DELETING',
'updatedAt' => <DateTime>,
]
Result Details
Members
- arn
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the updated access source.
- cidr
-
- Required: Yes
- Type: string
The CIDR block of the updated access source.
- createdAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the access source was originally created.
- dnsViewId
-
- Required: Yes
- Type: string
The ID of the DNS view associated with the updated access source.
- id
-
- Required: Yes
- Type: string
The unique identifier of the updated access source.
- ipAddressType
-
- Required: Yes
- Type: string
The IP address type of the updated access source.
- name
-
- Type: string
The name of the updated access source.
- protocol
-
- Required: Yes
- Type: string
The protocol of the updated access source.
- status
-
- Required: Yes
- Type: string
The current status of the updated access source.
- updatedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the access source was last updated.
Errors
- InternalServerException:
An internal server error occurred. Try again later.
- ValidationException:
The input parameters are invalid. Check the parameter values and try again.
- ConflictException:
The request conflicts with the current state of the resource. This can occur when trying to modify a resource that is not in a valid state for the requested operation.
- ServiceQuotaExceededException:
The request would exceed one or more service quotas. Check your current usage and quotas, then try again.
- AccessDeniedException:
You don't have permission to perform this operation. Check your IAM permissions and try again.
- ThrottlingException:
The request was throttled due to too many requests. Wait a moment and try again.
- ResourceNotFoundException:
The specified resource was not found. Verify the resource ID and try again.
UpdateAccessToken
$result = $client->updateAccessToken([/* ... */]); $promise = $client->updateAccessTokenAsync([/* ... */]);
Updates the configuration of an access token.
Parameter Syntax
$result = $client->updateAccessToken([
'accessTokenId' => '<string>', // REQUIRED
'name' => '<string>', // REQUIRED
]);
Parameter Details
Members
- accessTokenId
-
- Required: Yes
- Type: string
The ID of the token.
- name
-
- Required: Yes
- Type: string
The new name of the token.
Result Syntax
[
'id' => '<string>',
'name' => '<string>',
]
Result Details
Members
- id
-
- Required: Yes
- Type: string
The ID of the token.
- name
-
- Required: Yes
- Type: string
The name of the token.
Errors
- InternalServerException:
An internal server error occurred. Try again later.
- ValidationException:
The input parameters are invalid. Check the parameter values and try again.
- ConflictException:
The request conflicts with the current state of the resource. This can occur when trying to modify a resource that is not in a valid state for the requested operation.
- AccessDeniedException:
You don't have permission to perform this operation. Check your IAM permissions and try again.
- ThrottlingException:
The request was throttled due to too many requests. Wait a moment and try again.
- ResourceNotFoundException:
The specified resource was not found. Verify the resource ID and try again.
UpdateDNSView
$result = $client->updateDNSView([/* ... */]); $promise = $client->updateDNSViewAsync([/* ... */]);
Updates the configuration of a DNS view.
Parameter Syntax
$result = $client->updateDNSView([
'description' => '<string>',
'dnsViewId' => '<string>', // REQUIRED
'dnssecValidation' => 'ENABLED|DISABLED',
'ednsClientSubnet' => 'ENABLED|DISABLED',
'firewallRulesFailOpen' => 'ENABLED|DISABLED',
'name' => '<string>',
]);
Parameter Details
Members
- description
-
- Type: string
A description of the DNS view.
- dnsViewId
-
- Required: Yes
- Type: string
The unique identifier of the DNS view to update.
- dnssecValidation
-
- Type: string
Whether to enable DNSSEC validation for the DNS view.
- ednsClientSubnet
-
- Type: string
Whether to enable EDNS Client Subnet injection for the DNS view.
- firewallRulesFailOpen
-
- Type: string
Whether firewall rules should fail open when they cannot be evaluated.
- name
-
- Type: string
The name of the DNS view.
Result Syntax
[
'arn' => '<string>',
'clientToken' => '<string>',
'createdAt' => <DateTime>,
'description' => '<string>',
'dnssecValidation' => 'ENABLED|DISABLED',
'ednsClientSubnet' => 'ENABLED|DISABLED',
'firewallRulesFailOpen' => 'ENABLED|DISABLED',
'globalResolverId' => '<string>',
'id' => '<string>',
'name' => '<string>',
'status' => 'CREATING|OPERATIONAL|UPDATING|ENABLING|DISABLING|DISABLED|DELETING',
'updatedAt' => <DateTime>,
]
Result Details
Members
- arn
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the updated DNS view.
- clientToken
-
- Type: string
The unique string that identifies the request and ensures idempotency.
- createdAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the DNS view was originally created.
- description
-
- Type: string
The description of the updated DNS view.
- dnssecValidation
-
- Required: Yes
- Type: string
Whether DNSSEC validation is enabled for the updated DNS view.
- ednsClientSubnet
-
- Required: Yes
- Type: string
Whether EDNS Client Subnet injection is enabled for the updated DNS view.
- firewallRulesFailOpen
-
- Required: Yes
- Type: string
Whether firewall rules fail open when they cannot be evaluated for the updated DNS view.
- globalResolverId
-
- Required: Yes
- Type: string
The ID of the global resolver associated with the updated DNS view.
- id
-
- Required: Yes
- Type: string
The unique identifier of the updated DNS view.
- name
-
- Required: Yes
- Type: string
The name of the updated DNS view.
- status
-
- Required: Yes
- Type: string
The current status of the updated DNS view.
- updatedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the DNS view was last updated.
Errors
- InternalServerException:
An internal server error occurred. Try again later.
- ValidationException:
The input parameters are invalid. Check the parameter values and try again.
- ConflictException:
The request conflicts with the current state of the resource. This can occur when trying to modify a resource that is not in a valid state for the requested operation.
- AccessDeniedException:
You don't have permission to perform this operation. Check your IAM permissions and try again.
- ThrottlingException:
The request was throttled due to too many requests. Wait a moment and try again.
- ResourceNotFoundException:
The specified resource was not found. Verify the resource ID and try again.
UpdateFirewallDomains
$result = $client->updateFirewallDomains([/* ... */]); $promise = $client->updateFirewallDomainsAsync([/* ... */]);
Updates a DNS Firewall domain list from an array of specified domains.
Parameter Syntax
$result = $client->updateFirewallDomains([
'domains' => ['<string>', ...], // REQUIRED
'firewallDomainListId' => '<string>', // REQUIRED
'operation' => '<string>', // REQUIRED
]);
Parameter Details
Members
- domains
-
- Required: Yes
- Type: Array of strings
A list of the domains. You can add up to 1000 domains per request.
- firewallDomainListId
-
- Required: Yes
- Type: string
The ID of the DNS Firewall domain list to which you want to add the domains.
- operation
-
- Required: Yes
- Type: string
The operation for updating the domain list. The allowed values are ADD, REMOVE, and REPLACE.
Result Syntax
[
'id' => '<string>',
'name' => '<string>',
'status' => 'CREATING|OPERATIONAL|UPDATING|DELETING',
]
Result Details
Members
- id
-
- Required: Yes
- Type: string
The ID of the DNS Firewall domain list.
- name
-
- Required: Yes
- Type: string
The name of the domain list.
- status
-
- Required: Yes
- Type: string
The operational status of the domain list.
Errors
- InternalServerException:
An internal server error occurred. Try again later.
- ValidationException:
The input parameters are invalid. Check the parameter values and try again.
- ConflictException:
The request conflicts with the current state of the resource. This can occur when trying to modify a resource that is not in a valid state for the requested operation.
- AccessDeniedException:
You don't have permission to perform this operation. Check your IAM permissions and try again.
- ThrottlingException:
The request was throttled due to too many requests. Wait a moment and try again.
- ResourceNotFoundException:
The specified resource was not found. Verify the resource ID and try again.
UpdateFirewallRule
$result = $client->updateFirewallRule([/* ... */]); $promise = $client->updateFirewallRuleAsync([/* ... */]);
Updates the configuration of a DNS firewall rule.
Parameter Syntax
$result = $client->updateFirewallRule([
'action' => 'ALLOW|ALERT|BLOCK',
'blockOverrideDnsType' => 'CNAME',
'blockOverrideDomain' => '<string>',
'blockOverrideTtl' => <integer>,
'blockResponse' => 'NODATA|NXDOMAIN|OVERRIDE',
'clientToken' => '<string>', // REQUIRED
'confidenceThreshold' => 'LOW|MEDIUM|HIGH',
'description' => '<string>',
'dnsAdvancedProtection' => 'DGA|DNS_TUNNELING',
'firewallRuleId' => '<string>', // REQUIRED
'name' => '<string>',
'priority' => <integer>,
]);
Parameter Details
Members
- action
-
- Type: string
The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list, or a threat in a DNS Firewall Advanced rule.
- blockOverrideDnsType
-
- Type: string
The DNS record's type. This determines the format of the record value that you provided in
BlockOverrideDomain. Used for the rule actionBLOCKwith aBlockResponsesetting ofOVERRIDE. - blockOverrideDomain
-
- Type: string
The custom DNS record to send back in response to the query. Used for the rule action
BLOCKwith aBlockResponsesetting ofOVERRIDE. - blockOverrideTtl
-
- Type: int
The recommended amount of time, in seconds, for the DNS resolver or web browser to cache the provided override record. Used for the rule action
BLOCKwith aBlockResponsesetting ofOVERRIDE. - blockResponse
-
- Type: string
The way that you want DNS Firewall to block the request. Used for the rule action setting
BLOCK. - clientToken
-
- Required: Yes
- Type: string
A unique, case-sensitive identifier to ensure idempotency. This means that making the same request multiple times with the same
clientTokenhas the same result every time. - confidenceThreshold
-
- Type: string
The confidence threshold for DNS Firewall Advanced. You must provide this value when you create a DNS Firewall Advanced rule.
- description
-
- Type: string
The description for the Firewall rule.
- dnsAdvancedProtection
-
- Type: string
The type of the DNS Firewall Advanced rule. Valid values are DGA and DNS_TUNNELING.
- firewallRuleId
-
- Required: Yes
- Type: string
The ID of the DNS Firewall rule.
- name
-
- Type: string
The name of the DNS Firewall rule.
- priority
-
- Type: long (int|float)
The setting that determines the processing order of the rule in the rule group. DNS Firewall processes the rules in a rule group by order of priority, starting from the lowest setting.
Result Syntax
[
'action' => 'ALLOW|ALERT|BLOCK',
'blockOverrideDnsType' => 'CNAME',
'blockOverrideDomain' => '<string>',
'blockOverrideTtl' => <integer>,
'blockResponse' => 'NODATA|NXDOMAIN|OVERRIDE',
'confidenceThreshold' => 'LOW|MEDIUM|HIGH',
'createdAt' => <DateTime>,
'description' => '<string>',
'dnsAdvancedProtection' => 'DGA|DNS_TUNNELING',
'dnsViewId' => '<string>',
'firewallDomainListId' => '<string>',
'id' => '<string>',
'name' => '<string>',
'priority' => <integer>,
'queryType' => '<string>',
'status' => 'CREATING|OPERATIONAL|UPDATING|DELETING',
'updatedAt' => <DateTime>,
]
Result Details
Members
- action
-
- Required: Yes
- Type: string
The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list, or a threat in a DNS Firewall Advanced rule.
- blockOverrideDnsType
-
- Type: string
The DNS record's type. This determines the format of the record value that you provided in
BlockOverrideDomain. Used for the rule actionBLOCKwith aBlockResponsesetting ofOVERRIDE. - blockOverrideDomain
-
- Type: string
The custom DNS record to send back in response to the query. Used for the rule action
BLOCKwith aBlockResponsesetting ofOVERRIDE. - blockOverrideTtl
-
- Type: int
The recommended amount of time, in seconds, for the DNS resolver or web browser to cache the provided override record. Used for the rule action
BLOCKwith aBlockResponsesetting ofOVERRIDE. - blockResponse
-
- Type: string
The way that you want DNS Firewall to block the request. Used for the rule action setting
BLOCK. - confidenceThreshold
-
- Type: string
The confidence threshold for DNS Firewall Advanced. You must provide this value when you create a DNS Firewall Advanced rule.
- createdAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The time and date the Firewall rule was created.
- description
-
- Type: string
The description of the Firewall rule.
- dnsAdvancedProtection
-
- Type: string
The type of the DNS Firewall Advanced rule. Valid values are DGA and DNS_TUNNELING.
- dnsViewId
-
- Required: Yes
- Type: string
The ID of the DNS view the Firewall rule is associated with.
- firewallDomainListId
-
- Type: string
The ID of the domain list associated with the Firewall rule.
- id
-
- Required: Yes
- Type: string
The ID of the Firewall rule.
- name
-
- Required: Yes
- Type: string
The name of the Firewall rule.
- priority
-
- Required: Yes
- Type: long (int|float)
The setting that determines the processing order of the rule in the rule group. DNS Firewall processes the rules in a rule group by order of priority, starting from the lowest setting.
- queryType
-
- Type: string
The DNS query type you want the rule to evaluate.
- status
-
- Required: Yes
- Type: string
The operational status of the firewall rule.
- updatedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The time and date the rule was updated.
Errors
- InternalServerException:
An internal server error occurred. Try again later.
- ValidationException:
The input parameters are invalid. Check the parameter values and try again.
- ConflictException:
The request conflicts with the current state of the resource. This can occur when trying to modify a resource that is not in a valid state for the requested operation.
- AccessDeniedException:
You don't have permission to perform this operation. Check your IAM permissions and try again.
- ThrottlingException:
The request was throttled due to too many requests. Wait a moment and try again.
- ResourceNotFoundException:
The specified resource was not found. Verify the resource ID and try again.
UpdateGlobalResolver
$result = $client->updateGlobalResolver([/* ... */]); $promise = $client->updateGlobalResolverAsync([/* ... */]);
Updates the configuration of a Route 53 Global Resolver instance. You can modify the name, description, and observability region.
Parameter Syntax
$result = $client->updateGlobalResolver([
'description' => '<string>',
'globalResolverId' => '<string>', // REQUIRED
'name' => '<string>',
'observabilityRegion' => '<string>',
]);
Parameter Details
Members
- description
-
- Type: string
The description of the Global Resolver.
- globalResolverId
-
- Required: Yes
- Type: string
The ID of the Global Resolver.
- name
-
- Type: string
The name of the Global Resolver.
- observabilityRegion
-
- Type: string
The AWS Regions in which the users' Global Resolver query resolution logs will be propagated.
Result Syntax
[
'arn' => '<string>',
'clientToken' => '<string>',
'createdAt' => <DateTime>,
'description' => '<string>',
'dnsName' => '<string>',
'id' => '<string>',
'ipv4Addresses' => ['<string>', ...],
'name' => '<string>',
'observabilityRegion' => '<string>',
'regions' => ['<string>', ...],
'status' => 'CREATING|OPERATIONAL|UPDATING|DELETING',
'updatedAt' => <DateTime>,
]
Result Details
Members
- arn
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the Global Resolver.
- clientToken
-
- Required: Yes
- Type: string
A unique, case-sensitive identifier to ensure idempotency. This means that making the same request multiple times with the same
clientTokenhas the same result every time. - createdAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The time and date the Global Resolverwas created.
- description
-
- Type: string
Description of the Global Resolver.
- dnsName
-
- Required: Yes
- Type: string
The hostname to be used by the customers' DNS clients for certification validation.
- id
-
- Required: Yes
- Type: string
The ID of the Global Resolver.
- ipv4Addresses
-
- Required: Yes
- Type: Array of strings
List of anycast IPv4 addresses associated with the Global Resolver instance.
- name
-
- Required: Yes
- Type: string
Name of the Global Resolver.
- observabilityRegion
-
- Type: string
The AWS Regions in which the users' Global Resolver query resolution logs will be propagated.
- regions
-
- Required: Yes
- Type: Array of strings
The AWS Regions in which the Global Resolver will operate.
- status
-
- Required: Yes
- Type: string
The operational status of the Global Resolver.
- updatedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The time and date the Global Resolver was updated.
Errors
- InternalServerException:
An internal server error occurred. Try again later.
- ValidationException:
The input parameters are invalid. Check the parameter values and try again.
- ConflictException:
The request conflicts with the current state of the resource. This can occur when trying to modify a resource that is not in a valid state for the requested operation.
- AccessDeniedException:
You don't have permission to perform this operation. Check your IAM permissions and try again.
- ThrottlingException:
The request was throttled due to too many requests. Wait a moment and try again.
- ResourceNotFoundException:
The specified resource was not found. Verify the resource ID and try again.
UpdateHostedZoneAssociation
$result = $client->updateHostedZoneAssociation([/* ... */]); $promise = $client->updateHostedZoneAssociationAsync([/* ... */]);
Updates the configuration of a hosted zone association.
Parameter Syntax
$result = $client->updateHostedZoneAssociation([
'hostedZoneAssociationId' => '<string>', // REQUIRED
'name' => '<string>',
]);
Parameter Details
Members
- hostedZoneAssociationId
-
- Required: Yes
- Type: string
The ID of the private hosted zone association.
- name
-
- Type: string
The name you want to update the hosted zone association to.
Result Syntax
[
'createdAt' => <DateTime>,
'hostedZoneId' => '<string>',
'hostedZoneName' => '<string>',
'id' => '<string>',
'name' => '<string>',
'resourceArn' => '<string>',
'status' => 'CREATING|OPERATIONAL|DELETING',
'updatedAt' => <DateTime>,
]
Result Details
Members
- createdAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The time and date the private hosted zone association was created.
- hostedZoneId
-
- Required: Yes
- Type: string
The ID of the private hosted zone.
- hostedZoneName
-
- Required: Yes
- Type: string
The name of the domain associated with the private hosted zone.
- id
-
- Required: Yes
- Type: string
The ID of the private hosted zone association.
- name
-
- Required: Yes
- Type: string
The name of the private hosted zone association.
- resourceArn
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the private hosted zone association.
- status
-
- Required: Yes
- Type: string
The operational status of the private hosted zone association.
- updatedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The time and date the private hosted zone association was updated.
Errors
- InternalServerException:
An internal server error occurred. Try again later.
- ValidationException:
The input parameters are invalid. Check the parameter values and try again.
- ConflictException:
The request conflicts with the current state of the resource. This can occur when trying to modify a resource that is not in a valid state for the requested operation.
- AccessDeniedException:
You don't have permission to perform this operation. Check your IAM permissions and try again.
- ThrottlingException:
The request was throttled due to too many requests. Wait a moment and try again.
- ResourceNotFoundException:
The specified resource was not found. Verify the resource ID and try again.
Shapes
AccessDeniedException
Description
You don't have permission to perform this operation. Check your IAM permissions and try again.
Members
- message
-
- Required: Yes
- Type: string
AccessSourcesItem
Description
Summary information about an access source.
Members
- arn
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the access source.
- cidr
-
- Required: Yes
- Type: string
The CIDR block that defines the IP address range for the access source.
- createdAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the access source was created.
- dnsViewId
-
- Required: Yes
- Type: string
The ID of the DNS view that the access source is associated with.
- id
-
- Required: Yes
- Type: string
The unique identifier of the access source.
- ipAddressType
-
- Required: Yes
- Type: string
The IP address type of the access source.
- name
-
- Type: string
The name of the access source.
- protocol
-
- Required: Yes
- Type: string
The protocol used by the access source.
- status
-
- Required: Yes
- Type: string
The current status of the access source.
- updatedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the access source was last updated.
AccessTokenItem
Description
Summary information about a token.
Members
- arn
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the token.
- createdAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the token was created.
- dnsViewId
-
- Required: Yes
- Type: string
The ID of the DNS view associated with the token.
- expiresAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the token expires.
- globalResolverId
-
- Required: Yes
- Type: string
The ID of the global resolver associated with the token.
- id
-
- Required: Yes
- Type: string
The unique identifier of the token.
- name
-
- Type: string
The name of the token.
- status
-
- Required: Yes
- Type: string
The current status of the token.
- updatedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the token was last updated.
BatchCreateFirewallRuleInputItem
Description
Information about a DNS Firewall rule to create in a batch operation.
Members
- action
-
- Required: Yes
- Type: string
The action to take when a DNS query matches the firewall rule.
- blockOverrideDnsType
-
- Type: string
The DNS record type for the custom response when the action is BLOCK.
- blockOverrideDomain
-
- Type: string
The custom domain name for the BLOCK response.
- blockOverrideTtl
-
- Type: int
The TTL value for the custom response when the action is BLOCK.
- blockResponse
-
- Type: string
The type of block response to return when the action is BLOCK.
- clientToken
-
- Required: Yes
- Type: string
A unique string that identifies the request and ensures idempotency.
- confidenceThreshold
-
- Type: string
The confidence threshold for advanced threat detection.
- description
-
- Type: string
A description of the firewall rule.
- dnsAdvancedProtection
-
- Type: string
Whether to enable advanced DNS threat protection for the firewall rule.
- dnsViewId
-
- Required: Yes
- Type: string
The ID of the DNS view to associate the firewall rule with.
- firewallDomainListId
-
- Type: string
The ID of the firewall domain list to associate with the rule.
- name
-
- Required: Yes
- Type: string
A name for the firewall rule.
- priority
-
- Type: long (int|float)
The priority of the firewall rule.
- qType
-
- Type: string
The DNS query type that the firewall rule should match.
BatchCreateFirewallRuleOutputItem
Description
Information about the result of creating a DNS Firewall rule in a batch operation.
Members
- code
-
- Required: Yes
- Type: int
The HTTP response code for the batch operation result.
- firewallRule
-
- Required: Yes
- Type: BatchCreateFirewallRuleResult structure
The firewall rule that was created in the batch operation.
- message
-
- Type: string
A message describing the result of the batch operation, including error details if applicable.
BatchCreateFirewallRuleResult
Description
The result of creating a firewall rule in a batch operation.
Members
- action
-
- Required: Yes
- Type: string
The action configured for the created firewall rule.
- blockOverrideDnsType
-
- Type: string
The DNS record type configured for the created firewall rule's custom response.
- blockOverrideDomain
-
- Type: string
The custom domain name configured for the created firewall rule's BLOCK response.
- blockOverrideTtl
-
- Type: int
The TTL value configured for the created firewall rule's custom response.
- blockResponse
-
- Type: string
The type of block response configured for the created firewall rule.
- clientToken
-
- Required: Yes
- Type: string
The unique string that identified the request and ensured idempotency.
- confidenceThreshold
-
- Type: string
The confidence threshold configured for the created firewall rule's advanced threat detection.
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the firewall rule was created.
- description
-
- Type: string
The description of the created firewall rule.
- dnsAdvancedProtection
-
- Type: string
Whether advanced DNS threat protection is enabled for the created firewall rule.
- dnsViewId
-
- Required: Yes
- Type: string
The ID of the DNS view associated with the created firewall rule.
- firewallDomainListId
-
- Type: string
The ID of the firewall domain list associated with the created firewall rule.
- id
-
- Type: string
The unique identifier of the created firewall rule.
- managedDomainListName
-
- Type: string
The name of the managed domain list associated with the created firewall rule.
- name
-
- Required: Yes
- Type: string
The name of the created firewall rule.
- priority
-
- Type: long (int|float)
The priority of the created firewall rule.
- queryType
-
- Type: string
The DNS query type that the created firewall rule matches.
- status
-
- Type: string
The current status of the created firewall rule.
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the firewall rule was last updated.
BatchDeleteFirewallRuleInputItem
Description
Information about a DNS Firewall rule to delete in a batch operation.
Members
- firewallRuleId
-
- Required: Yes
- Type: string
The ID of the DNS Firewall rule to delete.
BatchDeleteFirewallRuleOutputItem
Description
The result of deleting a firewall rule in a batch operation.
Members
- code
-
- Required: Yes
- Type: int
The response code for the delete operation.
- firewallRule
-
- Required: Yes
- Type: BatchDeleteFirewallRuleResult structure
The firewall rule that was deleted in the batch operation.
- message
-
- Type: string
The response message for the delete operation.
BatchDeleteFirewallRuleResult
Description
Information about a firewall rule that was deleted in a batch operation.
Members
- clientToken
-
- Type: string
The unique string that identified the request and ensured idempotency.
- id
-
- Required: Yes
- Type: string
The unique identifier of the deleted firewall rule.
- name
-
- Type: string
The name of the deleted firewall rule.
- status
-
- Type: string
The final status of the deleted firewall rule.
BatchUpdateFirewallRuleInputItem
Description
Information for updating a firewall rule in a batch operation.
Members
- action
-
- Type: string
The action to take when a DNS query matches the firewall rule.
- blockOverrideDnsType
-
- Type: string
The DNS record type for the custom response when the action is BLOCK.
- blockOverrideDomain
-
- Type: string
The custom domain name for the BLOCK response.
- blockOverrideTtl
-
- Type: int
The TTL value for the custom response when the action is BLOCK.
- blockResponse
-
- Type: string
The type of block response to return when the action is BLOCK.
- confidenceThreshold
-
- Type: string
The confidence threshold for advanced threat detection.
- description
-
- Type: string
A description of the firewall rule.
- dnsAdvancedProtection
-
- Type: string
Whether to enable advanced DNS threat protection for the firewall rule.
- firewallRuleId
-
- Required: Yes
- Type: string
The unique identifier of the firewall rule to update.
- name
-
- Type: string
A name for the firewall rule.
- priority
-
- Type: long (int|float)
The priority of the firewall rule.
BatchUpdateFirewallRuleOutputItem
Description
The result of updating a firewall rule in a batch operation.
Members
- code
-
- Required: Yes
- Type: int
The response code for the update operation.
- firewallRule
-
- Required: Yes
- Type: BatchUpdateFirewallRuleResult structure
The firewall rule that was updated in the batch operation.
- message
-
- Type: string
The response message for the update operation.
BatchUpdateFirewallRuleResult
Description
Information about a firewall rule that was updated in a batch operation.
Members
- action
-
- Type: string
The action configured for the updated firewall rule.
- blockOverrideDnsType
-
- Type: string
The DNS record type configured for the updated firewall rule's custom response.
- blockOverrideDomain
-
- Type: string
The custom domain name configured for the updated firewall rule's BLOCK response.
- blockOverrideTtl
-
- Type: int
The TTL value configured for the updated firewall rule's custom response.
- blockResponse
-
- Type: string
The type of block response configured for the updated firewall rule.
- clientToken
-
- Type: string
The unique string that identified the request and ensured idempotency.
- confidenceThreshold
-
- Type: string
The confidence threshold configured for the updated firewall rule's advanced threat detection.
- createdAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the firewall rule was originally created.
- description
-
- Type: string
The description of the updated firewall rule.
- dnsAdvancedProtection
-
- Type: string
Whether advanced DNS threat protection is enabled for the updated firewall rule.
- dnsViewId
-
- Type: string
The ID of the DNS view associated with the updated firewall rule.
- firewallDomainListId
-
- Type: string
The ID of the firewall domain list associated with the updated firewall rule.
- id
-
- Required: Yes
- Type: string
The unique identifier of the updated firewall rule.
- name
-
- Type: string
The name of the updated firewall rule.
- priority
-
- Type: long (int|float)
The priority of the updated firewall rule.
- queryType
-
- Type: string
The DNS query type that the updated firewall rule matches.
- status
-
- Type: string
The current status of the updated firewall rule.
- updatedAt
-
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the firewall rule was last updated.
ConflictException
Description
The request conflicts with the current state of the resource. This can occur when trying to modify a resource that is not in a valid state for the requested operation.
Members
- message
-
- Required: Yes
- Type: string
- resourceId
-
- Type: string
The ID of the conflicting resource.
- resourceType
-
- Required: Yes
- Type: string
The type of the conflicting resource.
DNSViewSummary
Description
Summary information about a DNS view.
Members
- arn
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the DNS view.
- clientToken
-
- Required: Yes
- Type: string
The unique string that identifies the request and ensures idempotency.
- createdAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the DNS view was created.
- description
-
- Type: string
A description of the DNS view.
- dnssecValidation
-
- Required: Yes
- Type: string
Whether DNSSEC validation is enabled for the DNS view.
- ednsClientSubnet
-
- Required: Yes
- Type: string
Whether EDNS Client Subnet injection is enabled for the DNS view.
- firewallRulesFailOpen
-
- Required: Yes
- Type: string
Whether firewall rules fail open when they cannot be evaluated.
- globalResolverId
-
- Required: Yes
- Type: string
The ID of the global resolver that the DNS view is associated with.
- id
-
- Required: Yes
- Type: string
The unique identifier of the DNS view.
- name
-
- Required: Yes
- Type: string
The name of the DNS view.
- status
-
- Required: Yes
- Type: string
The current status of the DNS view.
- updatedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the DNS view was last updated.
FirewallDomainListsItem
Description
Summary information about a firewall domain list.
Members
- arn
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the firewall domain list.
- createdAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the firewall domain list was created.
- description
-
- Type: string
A description of the firewall domain list.
- globalResolverId
-
- Required: Yes
- Type: string
The ID of the global resolver that the firewall domain list is associated with.
- id
-
- Required: Yes
- Type: string
The unique identifier of the firewall domain list.
- name
-
- Required: Yes
- Type: string
The name of the firewall domain list.
- status
-
- Required: Yes
- Type: string
The current status of the firewall domain list.
- updatedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the firewall domain list was last updated.
FirewallRulesItem
Description
Summary information about a firewall rule.
Members
- action
-
- Required: Yes
- Type: string
The action configured for the firewall rule.
- blockOverrideDnsType
-
- Type: string
The DNS record type configured for the firewall rule's custom response.
- blockOverrideDomain
-
- Type: string
The custom domain name configured for the firewall rule's BLOCK response.
- blockOverrideTtl
-
- Type: int
The TTL value configured for the firewall rule's custom response.
- blockResponse
-
- Type: string
The type of block response configured for the firewall rule.
- confidenceThreshold
-
- Type: string
The confidence threshold configured for the firewall rule's advanced threat detection.
- createdAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the firewall rule was created.
- description
-
- Type: string
The description of the firewall rule.
- dnsAdvancedProtection
-
- Type: string
Whether advanced DNS threat protection is enabled for the firewall rule.
- dnsViewId
-
- Required: Yes
- Type: string
The ID of the DNS view associated with the firewall rule.
- firewallDomainListId
-
- Type: string
The ID of the firewall domain list associated with the firewall rule.
- id
-
- Required: Yes
- Type: string
The unique identifier of the firewall rule.
- name
-
- Required: Yes
- Type: string
The name of the firewall rule.
- priority
-
- Required: Yes
- Type: long (int|float)
The priority of the firewall rule.
- queryType
-
- Type: string
The DNS query type that the firewall rule matches.
- status
-
- Required: Yes
- Type: string
The current status of the firewall rule.
- updatedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the firewall rule was last updated.
GlobalResolversItem
Description
Summary information about a global resolver.
Members
- arn
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the global resolver.
- clientToken
-
- Required: Yes
- Type: string
The unique string that identifies the request and ensures idempotency.
- createdAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the global resolver was created.
- description
-
- Type: string
A description of the global resolver.
- dnsName
-
- Required: Yes
- Type: string
The DNS name of the global resolver.
- id
-
- Required: Yes
- Type: string
The unique identifier of the global resolver.
- ipv4Addresses
-
- Required: Yes
- Type: Array of strings
The IPv4 addresses assigned to the global resolver.
- name
-
- Required: Yes
- Type: string
The name of the global resolver.
- observabilityRegion
-
- Type: string
The AWS Region where observability data is collected for the global resolver.
- regions
-
- Required: Yes
- Type: Array of strings
The AWS Regions where the global resolver is deployed.
- status
-
- Required: Yes
- Type: string
The current status of the global resolver.
- updatedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the global resolver was last updated.
HostedZoneAssociationSummary
Description
Summary information about a hosted zone association.
Members
- createdAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the hosted zone association was created.
- hostedZoneId
-
- Required: Yes
- Type: string
The ID of the hosted zone.
- hostedZoneName
-
- Required: Yes
- Type: string
The name of the hosted zone.
- id
-
- Required: Yes
- Type: string
The unique identifier of the hosted zone association.
- name
-
- Required: Yes
- Type: string
The name of the hosted zone association.
- resourceArn
-
- Required: Yes
- Type: string
The Amazon Resource Name (ARN) of the resource associated with the hosted zone.
- status
-
- Required: Yes
- Type: string
The current status of the hosted zone association.
- updatedAt
-
- Required: Yes
- Type: timestamp (string|DateTime or anything parsable by strtotime)
The date and time when the hosted zone association was last updated.
InternalServerException
Description
An internal server error occurred. Try again later.
Members
- message
-
- Required: Yes
- Type: string
- retryAfterSeconds
-
- Type: int
Number of seconds in which the caller can retry the request.
ManagedFirewallDomainListsItem
Description
Summary information about a managed firewall domain list.
Members
- description
-
- Type: string
A description of the managed firewall domain list.
- id
-
- Required: Yes
- Type: string
The unique identifier of the managed firewall domain list.
- managedListType
-
- Required: Yes
- Type: string
The type of the managed firewall domain list.
- name
-
- Required: Yes
- Type: string
The name of the managed firewall domain list.
ResourceNotFoundException
Description
The specified resource was not found. Verify the resource ID and try again.
Members
- message
-
- Required: Yes
- Type: string
- resourceId
-
- Type: string
The unique ID of the resource referenced in the failed request.
- resourceType
-
- Required: Yes
- Type: string
The resource type of the resource referenced in the failed request.
ServiceQuotaExceededException
Description
The request would exceed one or more service quotas. Check your current usage and quotas, then try again.
Members
- message
-
- Required: Yes
- Type: string
- quotaCode
-
- Type: string
The quota code recognized by the AWS Service Quotas service.
- resourceId
-
- Type: string
The unique ID of the resource referenced in the failed request.
- resourceType
-
- Required: Yes
- Type: string
The resource type of the resource referenced in the failed request.
- serviceCode
-
- Type: string
The code for the AWS service that owns the quota.
ThrottlingException
Description
The request was throttled due to too many requests. Wait a moment and try again.
Members
- message
-
- Required: Yes
- Type: string
- quotaCode
-
- Type: string
The quota code recognized by the AWS Service Quotas service.
- retryAfterSeconds
-
- Type: int
Number of seconds in which the caller can retry the request.
- serviceCode
-
- Type: string
The code for the AWS service that owns the quota.
ValidationException
Description
The input parameters are invalid. Check the parameter values and try again.
Members
- fieldList
-
- Type: Array of ValidationExceptionField structures
The list of fields that aren't valid.
- message
-
- Required: Yes
- Type: string
- reason
-
- Required: Yes
- Type: string
Reason the request failed validation.
ValidationExceptionField
Description
Information about a field that failed validation.
Members
- message
-
- Required: Yes
- Type: string
The validation error message for the field.
- name
-
- Required: Yes
- Type: string
The name of the field that failed validation.