// Code generated by smithy-go-codegen DO NOT EDIT. package types import ( smithydocument "github.com/aws/smithy-go/document" ) // For Resolver list operations ( ListResolverEndpoints (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListResolverEndpoints.html) // , ListResolverRules (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListResolverRules.html) // , ListResolverRuleAssociations (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListResolverRuleAssociations.html) // , ListResolverQueryLogConfigs (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListResolverQueryLogConfigs.html) // , ListResolverQueryLogConfigAssociations (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListResolverQueryLogConfigAssociations.html) // ), and ListResolverDnssecConfigs (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListResolverDnssecConfigs.html) // ), an optional specification to return a subset of objects. To filter objects, // such as Resolver endpoints or Resolver rules, you specify Name and Values . For // example, to list only inbound Resolver endpoints, specify Direction for Name // and specify INBOUND for Values . type Filter struct { // The name of the parameter that you want to use to filter objects. The valid // values for Name depend on the action that you're including the filter in, // ListResolverEndpoints (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListResolverEndpoints.html) // , ListResolverRules (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListResolverRules.html) // , ListResolverRuleAssociations (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListResolverRuleAssociations.html) // , ListResolverQueryLogConfigs (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListResolverQueryLogConfigs.html) // , or ListResolverQueryLogConfigAssociations (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListResolverQueryLogConfigAssociations.html) // . In early versions of Resolver, values for Name were listed as uppercase, with // underscore (_) delimiters. For example, CreatorRequestId was originally listed // as CREATOR_REQUEST_ID . Uppercase values for Name are still supported. // ListResolverEndpoints Valid values for Name include the following: // - CreatorRequestId : The value that you specified when you created the // Resolver endpoint. // - Direction : Whether you want to return inbound or outbound Resolver // endpoints. If you specify DIRECTION for Name , specify INBOUND or OUTBOUND for // Values . // - HostVPCId : The ID of the VPC that inbound DNS queries pass through on the // way from your network to your VPCs in a region, or the VPC that outbound queries // pass through on the way from your VPCs to your network. In a // CreateResolverEndpoint (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_CreateResolverEndpoint.html) // request, SubnetId indirectly identifies the VPC. In a GetResolverEndpoint (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetResolverEndpoint.html) // request, the VPC ID for a Resolver endpoint is returned in the HostVPCId // element. // - IpAddressCount : The number of IP addresses that you have associated with // the Resolver endpoint. // - Name : The name of the Resolver endpoint. // - SecurityGroupIds : The IDs of the VPC security groups that you specified // when you created the Resolver endpoint. // - Status : The status of the Resolver endpoint. If you specify Status for Name // , specify one of the following status codes for Values : CREATING , // OPERATIONAL , UPDATING , AUTO_RECOVERING , ACTION_NEEDED , or DELETING . For // more information, see Status in ResolverEndpoint (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ResolverEndpoint.html) // . // ListResolverRules Valid values for Name include the following: // - CreatorRequestId : The value that you specified when you created the // Resolver rule. // - DomainName : The domain name for which Resolver is forwarding DNS queries to // your network. In the value that you specify for Values , include a trailing // dot (.) after the domain name. For example, if the domain name is example.com, // specify the following value. Note the "." after com : example.com. // - Name : The name of the Resolver rule. // - ResolverEndpointId : The ID of the Resolver endpoint that the Resolver rule // is associated with. You can filter on the Resolver endpoint only for rules that // have a value of FORWARD for RuleType . // - Status : The status of the Resolver rule. If you specify Status for Name , // specify one of the following status codes for Values : COMPLETE , DELETING , // UPDATING , or FAILED . // - Type : The type of the Resolver rule. If you specify TYPE for Name , specify // FORWARD or SYSTEM for Values . // ListResolverRuleAssociations Valid values for Name include the following: // - Name : The name of the Resolver rule association. // - ResolverRuleId : The ID of the Resolver rule that is associated with one or // more VPCs. // - Status : The status of the Resolver rule association. If you specify Status // for Name , specify one of the following status codes for Values : CREATING , // COMPLETE , DELETING , or FAILED . // - VPCId : The ID of the VPC that the Resolver rule is associated with. // ListResolverQueryLogConfigs Valid values for Name include the following: // - Arn : The ARN for the query logging configuration. // - AssociationCount : The number of VPCs that are associated with the query // logging configuration. // - CreationTime : The date and time that the query logging configuration was // created, in Unix time format and Coordinated Universal Time (UTC). // - CreatorRequestId : A unique string that identifies the request that created // the query logging configuration. // - Destination : The Amazon Web Services service that you want to forward query // logs to. Valid values include the following: // - S3 // - CloudWatchLogs // - KinesisFirehose // - DestinationArn : The ARN of the location that Resolver is sending query logs // to. This value can be the ARN for an S3 bucket, a CloudWatch Logs log group, or // a Kinesis Data Firehose delivery stream. // - Id : The ID of the query logging configuration // - Name : The name of the query logging configuration // - OwnerId : The Amazon Web Services account ID for the account that created // the query logging configuration. // - ShareStatus : An indication of whether the query logging configuration is // shared with other Amazon Web Services accounts, or was shared with the current // account by another Amazon Web Services account. Valid values include: // NOT_SHARED , SHARED_WITH_ME , or SHARED_BY_ME . // - Status : The status of the query logging configuration. If you specify // Status for Name , specify the applicable status code for Values : CREATING , // CREATED , DELETING , or FAILED . For more information, see Status (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ResolverQueryLogConfig.html#Route53Resolver-Type-route53resolver_ResolverQueryLogConfig-Status) // . // ListResolverQueryLogConfigAssociations Valid values for Name include the // following: // - CreationTime : The date and time that the VPC was associated with the query // logging configuration, in Unix time format and Coordinated Universal Time (UTC). // // - Error : If the value of Status is FAILED , specify the cause: // DESTINATION_NOT_FOUND or ACCESS_DENIED . // - Id : The ID of the query logging association. // - ResolverQueryLogConfigId : The ID of the query logging configuration that a // VPC is associated with. // - ResourceId : The ID of the Amazon VPC that is associated with the query // logging configuration. // - Status : The status of the query logging association. If you specify Status // for Name , specify the applicable status code for Values : CREATING , CREATED // , DELETING , or FAILED . For more information, see Status (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ResolverQueryLogConfigAssociation.html#Route53Resolver-Type-route53resolver_ResolverQueryLogConfigAssociation-Status) // . Name *string // When you're using a List operation and you want the operation to return a // subset of objects, such as Resolver endpoints or Resolver rules, the value of // the parameter that you want to use to filter objects. For example, to list only // inbound Resolver endpoints, specify Direction for Name and specify INBOUND for // Values . Values []string noSmithyDocumentSerde } // Configuration of the firewall behavior provided by DNS Firewall for a single // VPC from Amazon Virtual Private Cloud (Amazon VPC). type FirewallConfig struct { // Determines how DNS Firewall operates during failures, for example when all // traffic that is sent to DNS Firewall fails to receive a reply. // - By default, fail open is disabled, which means the failure mode is closed. // This approach favors security over availability. DNS Firewall returns a failure // error when it is unable to properly evaluate a query. // - If you enable this option, the failure mode is open. This approach favors // availability over security. DNS Firewall allows queries to proceed if it is // unable to properly evaluate them. // This behavior is only enforced for VPCs that have at least one DNS Firewall // rule group association. FirewallFailOpen FirewallFailOpenStatus // The ID of the firewall configuration. Id *string // The Amazon Web Services account ID of the owner of the VPC that this firewall // configuration applies to. OwnerId *string // The ID of the VPC that this firewall configuration applies to. ResourceId *string noSmithyDocumentSerde } // High-level information about a list of firewall domains for use in a // FirewallRule . This is returned by GetFirewallDomainList . To retrieve the // domains that are defined for this domain list, call ListFirewallDomains . type FirewallDomainList struct { // The Amazon Resource Name (ARN) of the firewall domain list. Arn *string // The date and time that the domain list was created, in Unix time format and // Coordinated Universal Time (UTC). CreationTime *string // A unique string defined by you to identify the request. This allows you to // retry failed requests without the risk of running the operation twice. This can // be any unique string, for example, a timestamp. CreatorRequestId *string // The number of domain names that are specified in the domain list. DomainCount *int32 // The ID of the domain list. Id *string // The owner of the list, used only for lists that are not managed by you. For // example, the managed domain list AWSManagedDomainsMalwareDomainList has the // managed owner name Route 53 Resolver DNS Firewall . ManagedOwnerName *string // The date and time that the domain list was last modified, in Unix time format // and Coordinated Universal Time (UTC). ModificationTime *string // The name of the domain list. Name *string // The status of the domain list. Status FirewallDomainListStatus // Additional information about the status of the list, if available. StatusMessage *string noSmithyDocumentSerde } // Minimal high-level information for a firewall domain list. The action // ListFirewallDomainLists returns an array of these objects. To retrieve full // information for a firewall domain list, call GetFirewallDomainList and // ListFirewallDomains . type FirewallDomainListMetadata struct { // The Amazon Resource Name (ARN) of the firewall domain list metadata. Arn *string // A unique string defined by you to identify the request. This allows you to // retry failed requests without the risk of running the operation twice. This can // be any unique string, for example, a timestamp. CreatorRequestId *string // The ID of the domain list. Id *string // The owner of the list, used only for lists that are not managed by you. For // example, the managed domain list AWSManagedDomainsMalwareDomainList has the // managed owner name Route 53 Resolver DNS Firewall . ManagedOwnerName *string // The name of the domain list. Name *string noSmithyDocumentSerde } // A single firewall rule in a rule group. type FirewallRule struct { // The action that DNS Firewall should take on a DNS query when it matches one of // the domains in the rule's domain list: // - ALLOW - Permit the request to go through. // - ALERT - Permit the request to go through but send an alert to the logs. // - BLOCK - Disallow the request. If this is specified, additional handling // details are provided in the rule's BlockResponse setting. Action Action // The DNS record's type. This determines the format of the record value that you // provided in BlockOverrideDomain . Used for the rule action BLOCK with a // BlockResponse setting of OVERRIDE . BlockOverrideDnsType BlockOverrideDnsType // The custom DNS record to send back in response to the query. Used for the rule // action BLOCK with a BlockResponse setting of OVERRIDE . BlockOverrideDomain *string // The recommended amount of time, in seconds, for the DNS resolver or web browser // to cache the provided override record. Used for the rule action BLOCK with a // BlockResponse setting of OVERRIDE . BlockOverrideTtl *int32 // The way that you want DNS Firewall to block the request. Used for the rule // action setting BLOCK . // - NODATA - Respond indicating that the query was successful, but no response // is available for it. // - NXDOMAIN - Respond indicating that the domain name that's in the query // doesn't exist. // - OVERRIDE - Provide a custom override in the response. This option requires // custom handling details in the rule's BlockOverride* settings. BlockResponse BlockResponse // The date and time that the rule was created, in Unix time format and // Coordinated Universal Time (UTC). CreationTime *string // A unique string defined by you to identify the request. This allows you to // retry failed requests without the risk of executing the operation twice. This // can be any unique string, for example, a timestamp. CreatorRequestId *string // The ID of the domain list that's used in the rule. FirewallDomainListId *string // The unique identifier of the firewall rule group of the rule. FirewallRuleGroupId *string // The date and time that the rule was last modified, in Unix time format and // Coordinated Universal Time (UTC). ModificationTime *string // The name of the rule. Name *string // The priority of the rule in the rule group. This value must be unique within // the rule group. DNS Firewall processes the rules in a rule group by order of // priority, starting from the lowest setting. Priority *int32 noSmithyDocumentSerde } // High-level information for a firewall rule group. A firewall rule group is a // collection of rules that DNS Firewall uses to filter DNS network traffic for a // VPC. To retrieve the rules for the rule group, call ListFirewallRules . type FirewallRuleGroup struct { // The ARN (Amazon Resource Name) of the rule group. Arn *string // The date and time that the rule group was created, in Unix time format and // Coordinated Universal Time (UTC). CreationTime *string // A unique string defined by you to identify the request. This allows you to // retry failed requests without the risk of running the operation twice. This can // be any unique string, for example, a timestamp. CreatorRequestId *string // The ID of the rule group. Id *string // The date and time that the rule group was last modified, in Unix time format // and Coordinated Universal Time (UTC). ModificationTime *string // The name of the rule group. Name *string // The Amazon Web Services account ID for the account that created the rule group. // When a rule group is shared with your account, this is the account that has // shared the rule group with you. OwnerId *string // The number of rules in the rule group. RuleCount *int32 // Whether the rule group is shared with other Amazon Web Services accounts, or // was shared with the current account by another Amazon Web Services account. // Sharing is configured through Resource Access Manager (RAM). ShareStatus ShareStatus // The status of the domain list. Status FirewallRuleGroupStatus // Additional information about the status of the rule group, if available. StatusMessage *string noSmithyDocumentSerde } // An association between a firewall rule group and a VPC, which enables DNS // filtering for the VPC. type FirewallRuleGroupAssociation struct { // The Amazon Resource Name (ARN) of the firewall rule group association. Arn *string // The date and time that the association was created, in Unix time format and // Coordinated Universal Time (UTC). CreationTime *string // A unique string defined by you to identify the request. This allows you to // retry failed requests without the risk of running the operation twice. This can // be any unique string, for example, a timestamp. CreatorRequestId *string // The unique identifier of the firewall rule group. FirewallRuleGroupId *string // The identifier for the association. Id *string // The owner of the association, used only for associations that are not managed // by you. If you use Firewall Manager to manage your DNS Firewalls, then this // reports Firewall Manager as the managed owner. ManagedOwnerName *string // The date and time that the association was last modified, in Unix time format // and Coordinated Universal Time (UTC). ModificationTime *string // If enabled, this setting disallows modification or removal of the association, // to help prevent against accidentally altering DNS firewall protections. MutationProtection MutationProtectionStatus // The name of the association. Name *string // The setting that determines the processing order of the rule group among the // rule groups that are associated with a single VPC. DNS Firewall filters VPC // traffic starting from rule group with the lowest numeric priority setting. Priority *int32 // The current status of the association. Status FirewallRuleGroupAssociationStatus // Additional information about the status of the response, if available. StatusMessage *string // The unique identifier of the VPC that is associated with the rule group. VpcId *string noSmithyDocumentSerde } // Minimal high-level information for a firewall rule group. The action // ListFirewallRuleGroups returns an array of these objects. To retrieve full // information for a firewall rule group, call GetFirewallRuleGroup and // ListFirewallRules . type FirewallRuleGroupMetadata struct { // The ARN (Amazon Resource Name) of the rule group. Arn *string // A unique string defined by you to identify the request. This allows you to // retry failed requests without the risk of running the operation twice. This can // be any unique string, for example, a timestamp. CreatorRequestId *string // The ID of the rule group. Id *string // The name of the rule group. Name *string // The Amazon Web Services account ID for the account that created the rule group. // When a rule group is shared with your account, this is the account that has // shared the rule group with you. OwnerId *string // Whether the rule group is shared with other Amazon Web Services accounts, or // was shared with the current account by another Amazon Web Services account. // Sharing is configured through Resource Access Manager (RAM). ShareStatus ShareStatus noSmithyDocumentSerde } // In a CreateResolverEndpoint (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_CreateResolverEndpoint.html) // request, the IP address that DNS queries originate from (for outbound endpoints) // or that you forward DNS queries to (for inbound endpoints). IpAddressRequest // also includes the ID of the subnet that contains the IP address. type IpAddressRequest struct { // The ID of the subnet that contains the IP address. // // This member is required. SubnetId *string // The IPv4 address that you want to use for DNS queries. Ip *string // The IPv6 address that you want to use for DNS queries. Ipv6 *string noSmithyDocumentSerde } // In the response to a GetResolverEndpoint (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetResolverEndpoint.html) // request, information about the IP addresses that the Resolver endpoint uses for // DNS queries. type IpAddressResponse struct { // The date and time that the IP address was created, in Unix time format and // Coordinated Universal Time (UTC). CreationTime *string // One IPv4 address that the Resolver endpoint uses for DNS queries. Ip *string // The ID of one IP address. IpId *string // One IPv6 address that the Resolver endpoint uses for DNS queries. Ipv6 *string // The date and time that the IP address was last modified, in Unix time format // and Coordinated Universal Time (UTC). ModificationTime *string // A status code that gives the current status of the request. Status IpAddressStatus // A message that provides additional information about the status of the request. StatusMessage *string // The ID of one subnet. SubnetId *string noSmithyDocumentSerde } // In an UpdateResolverEndpoint (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_UpdateResolverEndpoint.html) // request, information about an IP address to update. type IpAddressUpdate struct { // The new IPv4 address. Ip *string // Only when removing an IP address from a Resolver endpoint: The ID of the IP // address that you want to remove. To get this ID, use GetResolverEndpoint (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetResolverEndpoint.html) // . IpId *string // The new IPv6 address. Ipv6 *string // The ID of the subnet that includes the IP address that you want to update. To // get this ID, use GetResolverEndpoint (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetResolverEndpoint.html) // . SubnetId *string noSmithyDocumentSerde } // A complex type that contains settings for an existing Resolver on an Outpost. type OutpostResolver struct { // The ARN (Amazon Resource Name) for the Resolver on an Outpost. Arn *string // The date and time that the Outpost Resolver was created, in Unix time format // and Coordinated Universal Time (UTC). CreationTime *string // A unique string that identifies the request that created the Resolver endpoint. // The CreatorRequestId allows failed requests to be retried without the risk of // running the operation twice. CreatorRequestId *string // The ID of the Resolver on Outpost. Id *string // Amazon EC2 instance count for the Resolver on the Outpost. InstanceCount *int32 // The date and time that the Outpost Resolver was modified, in Unix time format // and Coordinated Universal Time (UTC). ModificationTime *string // Name of the Resolver. Name *string // The ARN (Amazon Resource Name) for the Outpost. OutpostArn *string // The Amazon EC2 instance type. PreferredInstanceType *string // Status of the Resolver. Status OutpostResolverStatus // A detailed description of the Resolver. StatusMessage *string noSmithyDocumentSerde } // A complex type that contains information about a Resolver configuration for a // VPC. type ResolverConfig struct { // The status of whether or not the Resolver will create autodefined rules for // reverse DNS lookups. This is enabled by default. The status can be one of // following: // - ENABLING: Autodefined rules for reverse DNS lookups are being enabled but // are not complete. // - ENABLED: Autodefined rules for reverse DNS lookups are enabled. // - DISABLING: Autodefined rules for reverse DNS lookups are being disabled but // are not complete. // - DISABLED: Autodefined rules for reverse DNS lookups are disabled. AutodefinedReverse ResolverAutodefinedReverseStatus // ID for the Resolver configuration. Id *string // The owner account ID of the Amazon Virtual Private Cloud VPC. OwnerId *string // The ID of the Amazon Virtual Private Cloud VPC that you're configuring Resolver // for. ResourceId *string noSmithyDocumentSerde } // A complex type that contains information about a configuration for DNSSEC // validation. type ResolverDnssecConfig struct { // The ID for a configuration for DNSSEC validation. Id *string // The owner account ID of the virtual private cloud (VPC) for a configuration for // DNSSEC validation. OwnerId *string // The ID of the virtual private cloud (VPC) that you're configuring the DNSSEC // validation status for. ResourceId *string // The validation status for a DNSSEC configuration. The status can be one of the // following: // - ENABLING: DNSSEC validation is being enabled but is not complete. // - ENABLED: DNSSEC validation is enabled. // - DISABLING: DNSSEC validation is being disabled but is not complete. // - DISABLED DNSSEC validation is disabled. ValidationStatus ResolverDNSSECValidationStatus noSmithyDocumentSerde } // In the response to a CreateResolverEndpoint (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_CreateResolverEndpoint.html) // , DeleteResolverEndpoint (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_DeleteResolverEndpoint.html) // , GetResolverEndpoint (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetResolverEndpoint.html) // , Updates the name, or ResolverEndpointType for an endpoint, or // UpdateResolverEndpoint (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_UpdateResolverEndpoint.html) // request, a complex type that contains settings for an existing inbound or // outbound Resolver endpoint. type ResolverEndpoint struct { // The ARN (Amazon Resource Name) for the Resolver endpoint. Arn *string // The date and time that the endpoint was created, in Unix time format and // Coordinated Universal Time (UTC). CreationTime *string // A unique string that identifies the request that created the Resolver endpoint. // The CreatorRequestId allows failed requests to be retried without the risk of // running the operation twice. CreatorRequestId *string // Indicates whether the Resolver endpoint allows inbound or outbound DNS queries: // - INBOUND : allows DNS queries to your VPC from your network // - OUTBOUND : allows DNS queries from your VPC to your network Direction ResolverEndpointDirection // The ID of the VPC that you want to create the Resolver endpoint in. HostVPCId *string // The ID of the Resolver endpoint. Id *string // The number of IP addresses that the Resolver endpoint can use for DNS queries. IpAddressCount *int32 // The date and time that the endpoint was last modified, in Unix time format and // Coordinated Universal Time (UTC). ModificationTime *string // The name that you assigned to the Resolver endpoint when you submitted a // CreateResolverEndpoint (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_CreateResolverEndpoint.html) // request. Name *string // The ARN (Amazon Resource Name) for the Outpost. OutpostArn *string // The Amazon EC2 instance type. PreferredInstanceType *string // The Resolver endpoint IP address type. ResolverEndpointType ResolverEndpointType // The ID of one or more security groups that control access to this VPC. The // security group must include one or more inbound rules (for inbound endpoints) or // outbound rules (for outbound endpoints). Inbound and outbound rules must allow // TCP and UDP access. For inbound access, open port 53. For outbound access, open // the port that you're using for DNS queries on your network. SecurityGroupIds []string // A code that specifies the current status of the Resolver endpoint. Valid values // include the following: // - CREATING : Resolver is creating and configuring one or more Amazon VPC // network interfaces for this endpoint. // - OPERATIONAL : The Amazon VPC network interfaces for this endpoint are // correctly configured and able to pass inbound or outbound DNS queries between // your network and Resolver. // - UPDATING : Resolver is associating or disassociating one or more network // interfaces with this endpoint. // - AUTO_RECOVERING : Resolver is trying to recover one or more of the network // interfaces that are associated with this endpoint. During the recovery process, // the endpoint functions with limited capacity because of the limit on the number // of DNS queries per IP address (per network interface). For the current limit, // see Limits on Route 53 Resolver (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DNSLimitations.html#limits-api-entities-resolver) // . // - ACTION_NEEDED : This endpoint is unhealthy, and Resolver can't automatically // recover it. To resolve the problem, we recommend that you check each IP address // that you associated with the endpoint. For each IP address that isn't available, // add another IP address and then delete the IP address that isn't available. (An // endpoint must always include at least two IP addresses.) A status of // ACTION_NEEDED can have a variety of causes. Here are two common causes: // - One or more of the network interfaces that are associated with the endpoint // were deleted using Amazon VPC. // - The network interface couldn't be created for some reason that's outside // the control of Resolver. // - DELETING : Resolver is deleting this endpoint and the associated network // interfaces. Status ResolverEndpointStatus // A detailed description of the status of the Resolver endpoint. StatusMessage *string noSmithyDocumentSerde } // In the response to a CreateResolverQueryLogConfig (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_CreateResolverQueryLogConfig.html) // , DeleteResolverQueryLogConfig (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_DeleteResolverQueryLogConfig.html) // , GetResolverQueryLogConfig (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetResolverQueryLogConfig.html) // , or ListResolverQueryLogConfigs (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListResolverQueryLogConfigs.html) // request, a complex type that contains settings for one query logging // configuration. type ResolverQueryLogConfig struct { // The ARN for the query logging configuration. Arn *string // The number of VPCs that are associated with the query logging configuration. AssociationCount int32 // The date and time that the query logging configuration was created, in Unix // time format and Coordinated Universal Time (UTC). CreationTime *string // A unique string that identifies the request that created the query logging // configuration. The CreatorRequestId allows failed requests to be retried // without the risk of running the operation twice. CreatorRequestId *string // The ARN of the resource that you want Resolver to send query logs: an Amazon S3 // bucket, a CloudWatch Logs log group, or a Kinesis Data Firehose delivery stream. DestinationArn *string // The ID for the query logging configuration. Id *string // The name of the query logging configuration. Name *string // The Amazon Web Services account ID for the account that created the query // logging configuration. OwnerId *string // An indication of whether the query logging configuration is shared with other // Amazon Web Services accounts, or was shared with the current account by another // Amazon Web Services account. Sharing is configured through Resource Access // Manager (RAM). ShareStatus ShareStatus // The status of the specified query logging configuration. Valid values include // the following: // - CREATING : Resolver is creating the query logging configuration. // - CREATED : The query logging configuration was successfully created. Resolver // is logging queries that originate in the specified VPC. // - DELETING : Resolver is deleting this query logging configuration. // - FAILED : Resolver can't deliver logs to the location that is specified in // the query logging configuration. Here are two common causes: // - The specified destination (for example, an Amazon S3 bucket) was deleted. // - Permissions don't allow sending logs to the destination. Status ResolverQueryLogConfigStatus noSmithyDocumentSerde } // In the response to an AssociateResolverQueryLogConfig (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_AssociateResolverQueryLogConfig.html) // , DisassociateResolverQueryLogConfig (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_DisassociateResolverQueryLogConfig.html) // , GetResolverQueryLogConfigAssociation (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetResolverQueryLogConfigAssociation.html) // , or ListResolverQueryLogConfigAssociations (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListResolverQueryLogConfigAssociations.html) // , request, a complex type that contains settings for a specified association // between an Amazon VPC and a query logging configuration. type ResolverQueryLogConfigAssociation struct { // The date and time that the VPC was associated with the query logging // configuration, in Unix time format and Coordinated Universal Time (UTC). CreationTime *string // If the value of Status is FAILED , the value of Error indicates the cause: // - DESTINATION_NOT_FOUND : The specified destination (for example, an Amazon S3 // bucket) was deleted. // - ACCESS_DENIED : Permissions don't allow sending logs to the destination. // If the value of Status is a value other than FAILED , Error is null. Error ResolverQueryLogConfigAssociationError // Contains additional information about the error. If the value or Error is null, // the value of ErrorMessage also is null. ErrorMessage *string // The ID of the query logging association. Id *string // The ID of the query logging configuration that a VPC is associated with. ResolverQueryLogConfigId *string // The ID of the Amazon VPC that is associated with the query logging // configuration. ResourceId *string // The status of the specified query logging association. Valid values include the // following: // - CREATING : Resolver is creating an association between an Amazon VPC and a // query logging configuration. // - CREATED : The association between an Amazon VPC and a query logging // configuration was successfully created. Resolver is logging queries that // originate in the specified VPC. // - DELETING : Resolver is deleting this query logging association. // - FAILED : Resolver either couldn't create or couldn't delete the query // logging association. Status ResolverQueryLogConfigAssociationStatus noSmithyDocumentSerde } // For queries that originate in your VPC, detailed information about a Resolver // rule, which specifies how to route DNS queries out of the VPC. The ResolverRule // parameter appears in the response to a CreateResolverRule (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_CreateResolverRule.html) // , DeleteResolverRule (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_DeleteResolverRule.html) // , GetResolverRule (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetResolverRule.html) // , ListResolverRules (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListResolverRules.html) // , or UpdateResolverRule (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_UpdateResolverRule.html) // request. type ResolverRule struct { // The ARN (Amazon Resource Name) for the Resolver rule specified by Id . Arn *string // The date and time that the Resolver rule was created, in Unix time format and // Coordinated Universal Time (UTC). CreationTime *string // A unique string that you specified when you created the Resolver rule. // CreatorRequestId identifies the request and allows failed requests to be retried // without the risk of running the operation twice. CreatorRequestId *string // DNS queries for this domain name are forwarded to the IP addresses that are // specified in TargetIps . If a query matches multiple Resolver rules (example.com // and www.example.com), the query is routed using the Resolver rule that contains // the most specific domain name (www.example.com). DomainName *string // The ID that Resolver assigned to the Resolver rule when you created it. Id *string // The date and time that the Resolver rule was last updated, in Unix time format // and Coordinated Universal Time (UTC). ModificationTime *string // The name for the Resolver rule, which you specified when you created the // Resolver rule. Name *string // When a rule is shared with another Amazon Web Services account, the account ID // of the account that the rule is shared with. OwnerId *string // The ID of the endpoint that the rule is associated with. ResolverEndpointId *string // When you want to forward DNS queries for specified domain name to resolvers on // your network, specify FORWARD . When you have a forwarding rule to forward DNS // queries for a domain to your network and you want Resolver to process queries // for a subdomain of that domain, specify SYSTEM . For example, to forward DNS // queries for example.com to resolvers on your network, you create a rule and // specify FORWARD for RuleType . To then have Resolver process queries for // apex.example.com, you create a rule and specify SYSTEM for RuleType . Currently, // only Resolver can create rules that have a value of RECURSIVE for RuleType . RuleType RuleTypeOption // Whether the rule is shared and, if so, whether the current account is sharing // the rule with another account, or another account is sharing the rule with the // current account. ShareStatus ShareStatus // A code that specifies the current status of the Resolver rule. Status ResolverRuleStatus // A detailed description of the status of a Resolver rule. StatusMessage *string // An array that contains the IP addresses and ports that an outbound endpoint // forwards DNS queries to. Typically, these are the IP addresses of DNS resolvers // on your network. TargetIps []TargetAddress noSmithyDocumentSerde } // In the response to an AssociateResolverRule (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_AssociateResolverRule.html) // , DisassociateResolverRule (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_DisassociateResolverRule.html) // , or ListResolverRuleAssociations (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListResolverRuleAssociations.html) // request, provides information about an association between a Resolver rule and a // VPC. The association determines which DNS queries that originate in the VPC are // forwarded to your network. type ResolverRuleAssociation struct { // The ID of the association between a Resolver rule and a VPC. Resolver assigns // this value when you submit an AssociateResolverRule (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_AssociateResolverRule.html) // request. Id *string // The name of an association between a Resolver rule and a VPC. Name *string // The ID of the Resolver rule that you associated with the VPC that is specified // by VPCId . ResolverRuleId *string // A code that specifies the current status of the association between a Resolver // rule and a VPC. Status ResolverRuleAssociationStatus // A detailed description of the status of the association between a Resolver rule // and a VPC. StatusMessage *string // The ID of the VPC that you associated the Resolver rule with. VPCId *string noSmithyDocumentSerde } // In an UpdateResolverRule (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_UpdateResolverRule.html) // request, information about the changes that you want to make. type ResolverRuleConfig struct { // The new name for the Resolver rule. The name that you specify appears in the // Resolver dashboard in the Route 53 console. Name *string // The ID of the new outbound Resolver endpoint that you want to use to route DNS // queries to the IP addresses that you specify in TargetIps . ResolverEndpointId *string // For DNS queries that originate in your VPC, the new IP addresses that you want // to route outbound DNS queries to. TargetIps []TargetAddress noSmithyDocumentSerde } // One tag that you want to add to the specified resource. A tag consists of a Key // (a name for the tag) and a Value . type Tag struct { // The name for the tag. For example, if you want to associate Resolver resources // with the account IDs of your customers for billing purposes, the value of Key // might be account-id . // // This member is required. Key *string // The value for the tag. For example, if Key is account-id , then Value might be // the ID of the customer account that you're creating the resource for. // // This member is required. Value *string noSmithyDocumentSerde } // In a CreateResolverRule (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_CreateResolverRule.html) // request, an array of the IPs that you want to forward DNS queries to. type TargetAddress struct { // One IPv4 address that you want to forward DNS queries to. Ip *string // One IPv6 address that you want to forward DNS queries to. Ipv6 *string // The port at Ip that you want to forward DNS queries to. Port *int32 noSmithyDocumentSerde } // Provides information about the IP address type in response to // UpdateResolverEndpoint (https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_UpdateResolverEndpoint.html) // . type UpdateIpAddress struct { // The ID of the IP address, specified by the ResolverEndpointId . // // This member is required. IpId *string // The IPv6 address that you want to use for DNS queries. // // This member is required. Ipv6 *string noSmithyDocumentSerde } type noSmithyDocumentSerde = smithydocument.NoSerde