View Source AWS.Route53 (aws-elixir v1.0.4)
Amazon Route 53 is a highly available and scalable Domain Name System (DNS) web service.
You can use Route 53 to:
* Register domain names.
For more information, see How domain registration works.
* Route internet traffic to the resources for your domain
For more information, see How internet traffic is routed to your website or web application.
* Check the health of your resources.
For more information, see How Route 53 checks the health of your resources.
Link to this section Summary
Functions
Activates a key-signing key (KSK) so that it can be used for signing by DNSSEC.
Associates an Amazon VPC with a private hosted zone.
Creates, changes, or deletes CIDR blocks within a collection.
Creates, changes, or deletes a resource record set, which contains authoritative DNS information for a specified domain name or subdomain name.
Adds, edits, or deletes tags for a health check or a hosted zone.
Creates a CIDR collection in the current Amazon Web Services account.
Creates a new health check.
Creates a new public or private hosted zone.
Creates a new key-signing key (KSK) associated with a hosted zone.
Creates a configuration for DNS query logging.
Creates a delegation set (a group of four name servers) that can be reused by multiple hosted zones that were created by the same Amazon Web Services account.
Creates a traffic policy, which you use to create multiple DNS resource record sets for one domain name (such as example.com) or one subdomain name (such as www.example.com).
Creates resource record sets in a specified hosted zone based on the settings in a specified traffic policy version.
Creates a new version of an existing traffic policy.
Authorizes the Amazon Web Services account that created a specified VPC to
submit an
AssociateVPCWithHostedZone request to associate the VPC with a
specified hosted zone that was created by a different account.
Deactivates a key-signing key (KSK) so that it will not be used for signing by DNSSEC.
Deletes a CIDR collection in the current Amazon Web Services account.
Deletes a health check.
Deletes a hosted zone.
Deletes a key-signing key (KSK).
Deletes a configuration for DNS query logging.
Deletes a reusable delegation set.
Deletes a traffic policy.
Deletes a traffic policy instance and all of the resource record sets that Amazon Route 53 created when you created the instance.
Removes authorization to submit an AssociateVPCWithHostedZone request to
associate a specified VPC with a hosted zone that was created by a different
account.
Disables DNSSEC signing in a specific hosted zone.
Disassociates an Amazon Virtual Private Cloud (Amazon VPC) from an Amazon Route 53 private hosted zone.
Enables DNSSEC signing in a specific hosted zone.
Gets the specified limit for the current account, for example, the maximum number of health checks that you can create using the account.
Returns the current status of a change batch request.
Route 53 does not perform authorization for this API because it retrieves information that is already available to the public.
Returns information about DNSSEC for a specific hosted zone, including the key-signing keys (KSKs) in the hosted zone.
Gets information about whether a specified geographic location is supported for Amazon Route 53 geolocation resource record sets.
Gets information about a specified health check.
Retrieves the number of health checks that are associated with the current Amazon Web Services account.
Gets the reason that a specified health check failed most recently.
Gets status of a specified health check.
Gets information about a specified hosted zone including the four name servers assigned to the hosted zone.
Retrieves the number of hosted zones that are associated with the current Amazon Web Services account.
Gets the specified limit for a specified hosted zone, for example, the maximum number of records that you can create in the hosted zone.
Gets information about a specified configuration for DNS query logging.
Retrieves information about a specified reusable delegation set, including the four name servers that are assigned to the delegation set.
Gets the maximum number of hosted zones that you can associate with the specified reusable delegation set.
Gets information about a specific traffic policy version.
Gets information about a specified traffic policy instance.
Gets the number of traffic policy instances that are associated with the current Amazon Web Services account.
Returns a paginated list of location objects and their CIDR blocks.
Returns a paginated list of CIDR collections in the Amazon Web Services account (metadata only).
Returns a paginated list of CIDR locations for the given collection (metadata only, does not include CIDR blocks).
Retrieves a list of supported geographic locations.
Retrieve a list of the health checks that are associated with the current Amazon Web Services account.
Retrieves a list of the public and private hosted zones that are associated with the current Amazon Web Services account.
Retrieves a list of your hosted zones in lexicographic order.
Lists all the private hosted zones that a specified VPC is associated with, regardless of which Amazon Web Services account or Amazon Web Services service owns the hosted zones.
Lists the configurations for DNS query logging that are associated with the current Amazon Web Services account or the configuration that is associated with a specified hosted zone.
Lists the resource record sets in a specified hosted zone.
Retrieves a list of the reusable delegation sets that are associated with the current Amazon Web Services account.
Lists tags for one health check or hosted zone.
Lists tags for up to 10 health checks or hosted zones.
Gets information about the latest version for every traffic policy that is associated with the current Amazon Web Services account.
Gets information about the traffic policy instances that you created by using the current Amazon Web Services account.
Gets information about the traffic policy instances that you created in a specified hosted zone.
Gets information about the traffic policy instances that you created by using a specify traffic policy version.
Gets information about all of the versions for a specified traffic policy.
Gets a list of the VPCs that were created by other accounts and that can be
associated
with a specified hosted zone because you've submitted one or more
CreateVPCAssociationAuthorization requests.
Gets the value that Amazon Route 53 returns in response to a DNS request for a specified record name and type.
Updates an existing health check.
Updates the comment for a specified hosted zone.
Updates the comment for a specified traffic policy version.
After you submit a UpdateTrafficPolicyInstance request, there's a brief delay
while Route 53 creates the resource record sets
that are specified in the traffic policy definition.
Link to this section Functions
activate_key_signing_key(client, hosted_zone_id, name, input, options \\ [])
View SourceActivates a key-signing key (KSK) so that it can be used for signing by DNSSEC.
This
operation changes the KSK status to ACTIVE.
associate_vpc_with_hosted_zone(client, hosted_zone_id, input, options \\ [])
View SourceAssociates an Amazon VPC with a private hosted zone.
To perform the association, the VPC and the private hosted zone must already exist. You can't convert a public hosted zone into a private hosted zone.
If you want to associate a VPC that was created by using one Amazon Web Services
account with a private hosted zone that was created by using a
different account, the Amazon Web Services account that created the private
hosted
zone must first submit a CreateVPCAssociationAuthorization request.
Then the account that created the VPC must submit an
AssociateVPCWithHostedZone request.
When granting access, the hosted zone and the Amazon VPC must belong to the same partition. A partition is a group of Amazon Web Services Regions. Each Amazon Web Services account is scoped to one partition.
The following are the supported partitions:
aws - Amazon Web Services Regions
aws-cn - China Regions
aws-us-gov - Amazon Web Services GovCloud (US) Region
For more information, see Access Management in the Amazon Web Services General Reference.
Creates, changes, or deletes CIDR blocks within a collection.
Contains authoritative IP information mapping blocks to one or multiple locations.
A change request can update multiple locations in a collection at a time, which is helpful if you want to move one or more CIDR blocks from one location to another in one transaction, without downtime.
limits
Limits
The max number of CIDR blocks included in the request is 1000. As a result, big updates require multiple API calls.
put-and-delete_if_exists
PUT and DELETE_IF_EXISTS
Use ChangeCidrCollection to perform the following actions:
*
PUT: Create a CIDR block within the specified collection.
*
DELETE_IF_EXISTS: Delete an existing CIDR block from the
collection.
change_resource_record_sets(client, hosted_zone_id, input, options \\ [])
View SourceCreates, changes, or deletes a resource record set, which contains authoritative DNS information for a specified domain name or subdomain name.
For example, you can use
ChangeResourceRecordSets to create a resource record set that routes
traffic for test.example.com to a web server that has an IP address of
192.0.2.44.
deleting-resource-record-sets
Deleting Resource Record Sets
To delete a resource record set, you must specify all the same values that you specified when you created it.
change-batches-and-transactional-changes
Change Batches and Transactional Changes
The request body must include a document with a
ChangeResourceRecordSetsRequest element. The request body contains a
list of change items, known as a change batch. Change batches are considered
transactional changes. Route 53 validates the changes in the request and then
either
makes all or none of the changes in the change batch request. This ensures that
DNS
routing isn't adversely affected by partial changes to the resource record sets
in a
hosted zone.
For example, suppose a change batch request contains two changes: it deletes the
CNAME resource record set for www.example.com and creates an alias
resource record set for www.example.com. If validation for both records
succeeds, Route
53 deletes the first resource record set and creates the second resource record
set in a
single operation. If validation for either the DELETE or the
CREATE action fails, then the request is canceled, and the original
CNAME record continues to exist.
If you try to delete the same resource record set more than once in a single
change batch, Route 53 returns an InvalidChangeBatch error.
traffic-flow
Traffic Flow
To create resource record sets for complex routing configurations, use either the traffic flow visual editor in the Route 53 console or the API actions for traffic policies and traffic policy instances. Save the configuration as a traffic policy, then associate the traffic policy with one or more domain names (such as example.com) or subdomain names (such as www.example.com), in the same hosted zone or in multiple hosted zones. You can roll back the updates if the new configuration isn't performing as expected. For more information, see Using Traffic Flow to Route DNS Traffic in the Amazon Route 53 Developer Guide.
create-delete-and-upsert
Create, Delete, and Upsert
Use ChangeResourceRecordsSetsRequest to perform the following
actions:
*
CREATE: Creates a resource record set that has the specified
values.
*
DELETE: Deletes an existing resource record set that has the
specified values.
*
UPSERT: If a resource set doesn't exist, Route 53 creates it. If a resource
set exists Route 53 updates it with the values in the request.
syntaxes-for-creating-updating-and-deleting-resource-record
Syntaxes for Creating, Updating, and Deleting Resource Record
Sets
The syntax for a request depends on the type of resource record set that you want to create, delete, or update, such as weighted, alias, or failover. The XML elements in your request must appear in the order listed in the syntax.
For an example for each type of resource record set, see "Examples."
Don't refer to the syntax in the "Parameter Syntax" section, which includes
all of the elements for every kind of resource record set that you can create,
delete,
or update by using ChangeResourceRecordSets.
change-propagation-to-route-53-dns-servers
Change Propagation to Route 53 DNS Servers
When you submit a ChangeResourceRecordSets request, Route 53 propagates your
changes to all of the Route 53 authoritative DNS servers managing the hosted
zone. While
your changes are propagating, GetChange returns a status of
PENDING. When propagation is complete, GetChange returns a
status of INSYNC. Changes generally propagate to all Route 53 name servers
managing the hosted zone within 60 seconds. For more information, see
GetChange.
limits-on-changeresourcerecordsets-requests
Limits on ChangeResourceRecordSets Requests
For information about the limits on a ChangeResourceRecordSets request,
see
Limits
in the Amazon Route 53 Developer Guide.
change_tags_for_resource(client, resource_id, resource_type, input, options \\ [])
View SourceAdds, edits, or deletes tags for a health check or a hosted zone.
For information about using tags for cost allocation, see Using Cost Allocation Tags in the Billing and Cost Management User Guide.
Creates a CIDR collection in the current Amazon Web Services account.
Creates a new health check.
For information about adding health checks to resource record sets, see HealthCheckId in ChangeResourceRecordSets.
elb-load-balancers
ELB Load Balancers
If you're registering EC2 instances with an Elastic Load Balancing (ELB) load balancer, do not create Amazon Route 53 health checks for the EC2 instances. When you register an EC2 instance with a load balancer, you configure settings for an ELB health check, which performs a similar function to a Route 53 health check.
private-hosted-zones
Private Hosted Zones
You can associate health checks with failover resource record sets in a private hosted zone. Note the following:
* Route 53 health checkers are outside the VPC. To check the health of an endpoint within a VPC by IP address, you must assign a public IP address to the instance in the VPC.
* You can configure a health checker to check the health of an external resource that the instance relies on, such as a database server.
*
You can create a CloudWatch metric, associate an alarm with the metric, and
then create a health check that is based on the state of the alarm. For example,
you might create a CloudWatch metric that checks the status of the Amazon EC2
StatusCheckFailed metric, add an alarm to the metric, and then
create a health check that is based on the state of the alarm. For information
about creating CloudWatch metrics and alarms by using the CloudWatch console,
see the Amazon CloudWatch User
Guide.
Creates a new public or private hosted zone.
You create records in a public hosted zone to define how you want to route traffic on the internet for a domain, such as example.com, and its subdomains (apex.example.com, acme.example.com). You create records in a private hosted zone to define how you want to route traffic for a domain and its subdomains within one or more Amazon Virtual Private Clouds (Amazon VPCs).
You can't convert a public hosted zone to a private hosted zone or vice versa. Instead, you must create a new hosted zone with the same name and create new resource record sets.
For more information about charges for hosted zones, see Amazon Route 53 Pricing.
Note the following:
* You can't create a hosted zone for a top-level domain (TLD) such as .com.
For public hosted zones, Route 53 automatically creates a default SOA record and four NS records for the zone. For more information about SOA and NS records, see NS and SOA Records that Route 53 Creates for a Hosted Zone in the Amazon Route 53 Developer Guide*.
If you want to use the same name servers for multiple public hosted zones, you
can optionally associate a reusable delegation set with the hosted zone. See the
DelegationSetId element.
If your domain is registered with a registrar other than Route 53, you must update the name servers with your registrar to make Route 53 the DNS service for the domain. For more information, see Migrating DNS Service for an Existing Domain to Amazon Route 53 in the Amazon Route 53 Developer Guide*.
When you submit a CreateHostedZone request, the initial status of the
hosted zone is PENDING. For public hosted zones, this means that the NS and
SOA records are not yet available on all Route 53 DNS servers. When the NS and
SOA records are available, the status of the zone changes to INSYNC.
The CreateHostedZone request requires the caller to have an
ec2:DescribeVpcs permission.
When creating private hosted zones, the Amazon VPC must belong to the same partition where the hosted zone is created. A partition is a group of Amazon Web Services Regions. Each Amazon Web Services account is scoped to one partition.
The following are the supported partitions:
aws - Amazon Web Services Regions
aws-cn - China Regions
aws-us-gov - Amazon Web Services GovCloud (US) Region
For more information, see Access Management in the Amazon Web Services General Reference.
Creates a new key-signing key (KSK) associated with a hosted zone.
You can only have two KSKs per hosted zone.
Creates a configuration for DNS query logging.
After you create a query logging configuration, Amazon Route 53 begins to publish log data to an Amazon CloudWatch Logs log group.
DNS query logs contain information about the queries that Route 53 receives for a specified public hosted zone, such as the following:
* Route 53 edge location that responded to the DNS query
* Domain or subdomain that was requested
* DNS record type, such as A or AAAA
*
DNS response code, such as NoError or
ServFail
definitions
Definitions
log-group-and-resource-policy
Log Group and Resource Policy
Before you create a query logging configuration, perform the following operations.
If you create a query logging configuration using the Route 53 console, Route 53 performs these operations automatically.
Create a CloudWatch Logs log group, and make note of the ARN, which you specify when you create a query logging configuration. Note the following:
You must create the log group in the us-east-1 region.
You must use the same Amazon Web Services account to create the log group and the hosted zone that you want to configure query logging for.
When you create log groups for query logging, we recommend that you use a consistent prefix, for example:
/aws/route53/*hosted zone
name*
In the next step, you'll create a resource policy, which controls access to one or more log groups and the associated Amazon Web Services resources, such as Route 53 hosted zones. There's a limit on the number of resource policies that you can create, so we recommend that you use a consistent prefix so you can use the same resource policy for all the log groups that you create for query logging.
Create a CloudWatch Logs resource policy, and give it the
permissions that Route 53 needs to create log streams and to send
query logs to log streams. You must create the CloudWatch Logs resource policy
in the us-east-1
region. For the value of Resource,
specify the ARN for the log group that you created in the previous
step. To use the same resource policy for all the CloudWatch Logs
log groups that you created for query logging configurations,
replace the hosted zone name with *, for
example:
arn:aws:logs:us-east-1:123412341234:log-group:/aws/route53/*
To avoid the confused deputy problem, a security issue where an entity without a permission for an action can coerce a more-privileged entity to perform it, you can optionally limit the permissions that a service has to a resource in a resource-based policy by supplying the following values:
For aws:SourceArn, supply the hosted zone ARN
used in creating the query logging configuration. For
example,
aws:SourceArn:
arn:aws:route53:::hostedzone/hosted zone
ID.
For aws:SourceAccount, supply the account ID
for the account that creates the query logging
configuration. For example,
aws:SourceAccount:111111111111.
For more information, see The confused deputy problem in the Amazon Web Services IAM User Guide.
You can't use the CloudWatch console to create or edit a resource policy. You must use the CloudWatch API, one of the Amazon Web Services SDKs, or the CLI.
log-streams-and-edge-locations
Log Streams and Edge Locations
When Route 53 finishes creating the configuration for DNS query logging, it does the following:
Creates a log stream for an edge location the first time that the edge location responds to DNS queries for the specified hosted zone. That log stream is used to log all queries that Route 53 responds to for that edge location.
Begins to send query logs to the applicable log stream.
The name of each log stream is in the following format:
*hosted zone ID*/*edge location
code*
The edge location code is a three-letter code and an arbitrarily assigned number, for example, DFW3. The three-letter code typically corresponds with the International Air Transport Association airport code for an airport near the edge location. (These abbreviations might change in the future.) For a list of edge locations, see "The Route 53 Global Network" on the Route 53 Product Details page.
queries-that-are-logged
Queries That Are Logged
Query logs contain only the queries that DNS resolvers forward to Route
- If a DNS resolver has already cached the response to a query (such as the IP address for a load balancer for example.com), the resolver will continue to return the cached response. It doesn't forward another query to Route 53 until the TTL for the corresponding resource record set expires. Depending on how many DNS queries are submitted for a resource record set, and depending on the TTL for that resource record set, query logs might contain information about only one query out of every several thousand queries that are submitted to DNS. For more information about how DNS works, see Routing Internet Traffic to Your Website or Web Application in the Amazon Route 53 Developer Guide.
log-file-format
Log File Format
For a list of the values in each query log and the format of each value, see Logging DNS Queries in the Amazon Route 53 Developer Guide.
pricing
Pricing
For information about charges for query logs, see Amazon CloudWatch Pricing.
how-to-stop-logging
How to Stop Logging
If you want Route 53 to stop sending query logs to CloudWatch Logs, delete the query logging configuration. For more information, see DeleteQueryLoggingConfig.
Creates a delegation set (a group of four name servers) that can be reused by multiple hosted zones that were created by the same Amazon Web Services account.
You can also create a reusable delegation set that uses the four name servers
that are
associated with an existing hosted zone. Specify the hosted zone ID in the
CreateReusableDelegationSet request.
You can't associate a reusable delegation set with a private hosted zone.
For information about using a reusable delegation set to configure white label name servers, see Configuring White Label Name Servers.
The process for migrating existing hosted zones to use a reusable delegation set is comparable to the process for configuring white label name servers. You need to perform the following steps:
1. Create a reusable delegation set.
2. Recreate hosted zones, and reduce the TTL to 60 seconds or less.
3. Recreate resource record sets in the new hosted zones.
4. Change the registrar's name servers to use the name servers for the new hosted zones.
5. Monitor traffic for the website or application.
6. Change TTLs back to their original values.
If you want to migrate existing hosted zones to use a reusable delegation set, the existing hosted zones can't use any of the name servers that are assigned to the reusable delegation set. If one or more hosted zones do use one or more name servers that are assigned to the reusable delegation set, you can do one of the following:
* For small numbers of hosted zones—up to a few hundred—it's relatively easy to create reusable delegation sets until you get one that has four name servers that don't overlap with any of the name servers in your hosted zones.
* For larger numbers of hosted zones, the easiest solution is to use more than one reusable delegation set.
* For larger numbers of hosted zones, you can also migrate hosted zones that have overlapping name servers to hosted zones that don't have overlapping name servers, then migrate the hosted zones again to use the reusable delegation set.
Creates a traffic policy, which you use to create multiple DNS resource record sets for one domain name (such as example.com) or one subdomain name (such as www.example.com).
Creates resource record sets in a specified hosted zone based on the settings in a specified traffic policy version.
In addition, CreateTrafficPolicyInstance
associates the resource record sets with a specified domain name (such as
example.com)
or subdomain name (such as www.example.com). Amazon Route 53 responds to DNS
queries for
the domain or subdomain name by using the resource record sets that
CreateTrafficPolicyInstance created.
After you submit an CreateTrafficPolicyInstance request, there's a
brief delay while Amazon Route 53 creates the resource record sets that are
specified in the traffic policy definition.
Use GetTrafficPolicyInstance with the id of new traffic policy instance to
confirm that the CreateTrafficPolicyInstance
request completed successfully. For more information, see the
State response element.
Creates a new version of an existing traffic policy.
When you create a new version of a traffic policy, you specify the ID of the traffic policy that you want to update and a JSON-formatted document that describes the new version. You use traffic policies to create multiple DNS resource record sets for one domain name (such as example.com) or one subdomain name (such as www.example.com). You can create a maximum of 1000 versions of a traffic policy. If you reach the limit and need to create another version, you'll need to start a new traffic policy.
create_vpc_association_authorization(client, hosted_zone_id, input, options \\ [])
View SourceAuthorizes the Amazon Web Services account that created a specified VPC to
submit an
AssociateVPCWithHostedZone request to associate the VPC with a
specified hosted zone that was created by a different account.
To submit a
CreateVPCAssociationAuthorization request, you must use the account
that created the hosted zone. After you authorize the association, use the
account that
created the VPC to submit an AssociateVPCWithHostedZone request.
If you want to associate multiple VPCs that you created by using one account with a hosted zone that you created by using a different account, you must submit one authorization request for each VPC.
deactivate_key_signing_key(client, hosted_zone_id, name, input, options \\ [])
View SourceDeactivates a key-signing key (KSK) so that it will not be used for signing by DNSSEC.
This operation changes the KSK status to INACTIVE.
Deletes a CIDR collection in the current Amazon Web Services account.
The collection must be empty before it can be deleted.
delete_health_check(client, health_check_id, input, options \\ [])
View SourceDeletes a health check.
Amazon Route 53 does not prevent you from deleting a health check even if the health check is associated with one or more resource record sets. If you delete a health check and you don't update the associated resource record sets, the future status of the health check can't be predicted and may change. This will affect the routing of DNS queries for your DNS failover configuration. For more information, see Replacing and Deleting Health Checks in the Amazon Route 53 Developer Guide.
If you're using Cloud Map and you configured Cloud Map to create a Route 53
health check when you register an instance, you can't use the Route 53
DeleteHealthCheck command to delete the health check. The health check
is deleted automatically when you deregister the instance; there can be a delay
of
several hours before the health check is deleted from Route 53.
Deletes a hosted zone.
If the hosted zone was created by another service, such as Cloud Map, see Deleting Public Hosted Zones That Were Created by Another Service in the Amazon Route 53 Developer Guide for information about how to delete it. (The process is the same for public and private hosted zones that were created by another service.)
If you want to keep your domain registration but you want to stop routing internet traffic to your website or web application, we recommend that you delete resource record sets in the hosted zone instead of deleting the hosted zone.
If you delete a hosted zone, you can't undelete it. You must create a new hosted zone and update the name servers for your domain registration, which can require up to 48 hours to take effect. (If you delegated responsibility for a subdomain to a hosted zone and you delete the child hosted zone, you must update the name servers in the parent hosted zone.) In addition, if you delete a hosted zone, someone could hijack the domain and route traffic to their own resources using your domain name.
If you want to avoid the monthly charge for the hosted zone, you can transfer DNS service for the domain to a free DNS service. When you transfer DNS service, you have to update the name servers for the domain registration. If the domain is registered with Route 53, see UpdateDomainNameservers for information about how to replace Route 53 name servers with name servers for the new DNS service. If the domain is registered with another registrar, use the method provided by the registrar to update name servers for the domain registration. For more information, perform an internet search on "free DNS service."
You can delete a hosted zone only if it contains only the default SOA record and
NS
resource record sets. If the hosted zone contains other resource record sets,
you must
delete them before you can delete the hosted zone. If you try to delete a hosted
zone
that contains other resource record sets, the request fails, and Route 53
returns a HostedZoneNotEmpty error. For information about deleting records
from your hosted zone, see
ChangeResourceRecordSets.
To verify that the hosted zone has been deleted, do one of the following:
*
Use the GetHostedZone action to request information about the
hosted zone.
*
Use the ListHostedZones action to get a list of the hosted zones
associated with the current Amazon Web Services account.
delete_key_signing_key(client, hosted_zone_id, name, input, options \\ [])
View SourceDeletes a key-signing key (KSK).
Before you can delete a KSK, you must deactivate it. The KSK must be deactivated before you can delete it regardless of whether the hosted zone is enabled for DNSSEC signing.
You can use DeactivateKeySigningKey to deactivate the key before you delete it.
Use
GetDNSSEC
to verify that the KSK is in an INACTIVE
status.
Deletes a configuration for DNS query logging.
If you delete a configuration, Amazon Route 53 stops sending query logs to CloudWatch Logs. Route 53 doesn't delete any logs that are already in CloudWatch Logs.
For more information about DNS query logs, see CreateQueryLoggingConfig.
Deletes a reusable delegation set.
You can delete a reusable delegation set only if it isn't associated with any hosted zones.
To verify that the reusable delegation set is not associated with any hosted zones, submit a GetReusableDelegationSet request and specify the ID of the reusable delegation set that you want to delete.
Deletes a traffic policy.
When you delete a traffic policy, Route 53 sets a flag on the policy to indicate that it has been deleted. However, Route 53 never fully deletes the traffic policy. Note the following:
* Deleted traffic policies aren't listed if you run ListTrafficPolicies.
* There's no way to get a list of deleted policies.
* If you retain the ID of the policy, you can get information about the policy, including the traffic policy document, by running GetTrafficPolicy.
Deletes a traffic policy instance and all of the resource record sets that Amazon Route 53 created when you created the instance.
In the Route 53 console, traffic policy instances are known as policy records.
delete_vpc_association_authorization(client, hosted_zone_id, input, options \\ [])
View SourceRemoves authorization to submit an AssociateVPCWithHostedZone request to
associate a specified VPC with a hosted zone that was created by a different
account.
You must use the account that created the hosted zone to submit a
DeleteVPCAssociationAuthorization request.
Sending this request only prevents the Amazon Web Services account that created
the
VPC from associating the VPC with the Amazon Route 53 hosted zone in the future.
If
the VPC is already associated with the hosted zone,
DeleteVPCAssociationAuthorization won't disassociate the VPC from
the hosted zone. If you want to delete an existing association, use
DisassociateVPCFromHostedZone.
disable_hosted_zone_dns_sec(client, hosted_zone_id, input, options \\ [])
View SourceDisables DNSSEC signing in a specific hosted zone.
This action does not deactivate any key-signing keys (KSKs) that are active in the hosted zone.
disassociate_vpc_from_hosted_zone(client, hosted_zone_id, input, options \\ [])
View SourceDisassociates an Amazon Virtual Private Cloud (Amazon VPC) from an Amazon Route 53 private hosted zone.
Note the following:
* You can't disassociate the last Amazon VPC from a private hosted zone.
* You can't convert a private hosted zone into a public hosted zone.
*
You can submit a DisassociateVPCFromHostedZone request using
either the account that created the hosted zone or the account that created the
Amazon VPC.
* Some services, such as Cloud Map and Amazon Elastic File System (Amazon EFS) automatically create hosted zones and associate VPCs with the hosted zones. A service can create a hosted zone using your account or using its own account. You can disassociate a VPC from a hosted zone only if the service created the hosted zone using your account.
When you run
DisassociateVPCFromHostedZone, if the hosted zone has a value for
OwningAccount, you can use
DisassociateVPCFromHostedZone. If the hosted zone has a value
for OwningService, you can't use
DisassociateVPCFromHostedZone.
When revoking access, the hosted zone and the Amazon VPC must belong to the same partition. A partition is a group of Amazon Web Services Regions. Each Amazon Web Services account is scoped to one partition.
The following are the supported partitions:
aws - Amazon Web Services Regions
aws-cn - China Regions
aws-us-gov - Amazon Web Services GovCloud (US) Region
For more information, see Access Management in the Amazon Web Services General Reference.
enable_hosted_zone_dns_sec(client, hosted_zone_id, input, options \\ [])
View SourceEnables DNSSEC signing in a specific hosted zone.
Gets the specified limit for the current account, for example, the maximum number of health checks that you can create using the account.
For the default limit, see Limits in the Amazon Route 53 Developer Guide. To request a higher limit, open a case.
You can also view account limits in Amazon Web Services Trusted Advisor. Sign in to the Amazon Web Services Management Console and open the Trusted Advisor console at https://console.aws.amazon.com/trustedadvisor/. Then choose Service limits in the navigation pane.
Returns the current status of a change batch request.
The status is one of the following values:
*
PENDING indicates that the changes in this request have not
propagated to all Amazon Route 53 DNS servers managing the hosted zone. This is
the initial status of all
change batch requests.
*
INSYNC indicates that the changes have propagated to all Route 53
DNS servers managing the hosted zone.
Route 53 does not perform authorization for this API because it retrieves information that is already available to the public.
GetCheckerIpRanges still works, but we recommend that you download
ip-ranges.json, which includes IP address ranges for all Amazon Web Services
services. For more information, see IP Address Ranges of Amazon Route 53
Servers
in the Amazon Route 53 Developer
Guide.
Returns information about DNSSEC for a specific hosted zone, including the key-signing keys (KSKs) in the hosted zone.
get_geo_location(client, continent_code \\ nil, country_code \\ nil, subdivision_code \\ nil, options \\ [])
View SourceGets information about whether a specified geographic location is supported for Amazon Route 53 geolocation resource record sets.
Route 53 does not perform authorization for this API because it retrieves information that is already available to the public.
Use the following syntax to determine whether a continent is supported for geolocation:
GET /2013-04-01/geolocation?continentcode=*two-letter abbreviation for
a continent*
Use the following syntax to determine whether a country is supported for geolocation:
GET /2013-04-01/geolocation?countrycode=*two-character country
code*
Use the following syntax to determine whether a subdivision of a country is supported for geolocation:
GET /2013-04-01/geolocation?countrycode=*two-character country
code*&subdivisioncode=*subdivision
code*
Gets information about a specified health check.
Retrieves the number of health checks that are associated with the current Amazon Web Services account.
get_health_check_last_failure_reason(client, health_check_id, options \\ [])
View SourceGets the reason that a specified health check failed most recently.
Gets status of a specified health check.
This API is intended for use during development to diagnose behavior. It doesn’t support production use-cases with high query rates that require immediate and actionable responses.
Gets information about a specified hosted zone including the four name servers assigned to the hosted zone.
`` returns the VPCs associated with the specified hosted zone and does not reflect the VPC associations by Route 53 Profiles. To get the associations to a Profile, call the ListProfileAssociations API.
Retrieves the number of hosted zones that are associated with the current Amazon Web Services account.
get_hosted_zone_limit(client, hosted_zone_id, type, options \\ [])
View SourceGets the specified limit for a specified hosted zone, for example, the maximum number of records that you can create in the hosted zone.
For the default limit, see Limits in the Amazon Route 53 Developer Guide. To request a higher limit, open a case.
Gets information about a specified configuration for DNS query logging.
For more information about DNS query logs, see CreateQueryLoggingConfig and Logging DNS Queries.
Retrieves information about a specified reusable delegation set, including the four name servers that are assigned to the delegation set.
get_reusable_delegation_set_limit(client, delegation_set_id, type, options \\ [])
View SourceGets the maximum number of hosted zones that you can associate with the specified reusable delegation set.
For the default limit, see Limits in the Amazon Route 53 Developer Guide. To request a higher limit, open a case.
Gets information about a specific traffic policy version.
For information about how of deleting a traffic policy affects the response from
GetTrafficPolicy, see
DeleteTrafficPolicy.
Gets information about a specified traffic policy instance.
Use GetTrafficPolicyInstance with the id of new traffic policy instance to
confirm that the
CreateTrafficPolicyInstance or an UpdateTrafficPolicyInstance request
completed successfully.
For more information, see the State response
element.
In the Route 53 console, traffic policy instances are known as policy records.
Gets the number of traffic policy instances that are associated with the current Amazon Web Services account.
list_cidr_blocks(client, collection_id, location_name \\ nil, max_results \\ nil, next_token \\ nil, options \\ [])
View SourceReturns a paginated list of location objects and their CIDR blocks.
list_cidr_collections(client, max_results \\ nil, next_token \\ nil, options \\ [])
View SourceReturns a paginated list of CIDR collections in the Amazon Web Services account (metadata only).
list_cidr_locations(client, collection_id, max_results \\ nil, next_token \\ nil, options \\ [])
View SourceReturns a paginated list of CIDR locations for the given collection (metadata only, does not include CIDR blocks).
list_geo_locations(client, max_items \\ nil, start_continent_code \\ nil, start_country_code \\ nil, start_subdivision_code \\ nil, options \\ [])
View SourceRetrieves a list of supported geographic locations.
Countries are listed first, and continents are listed last. If Amazon Route 53 supports subdivisions for a country (for example, states or provinces), the subdivisions for that country are listed in alphabetical order immediately after the corresponding country.
Route 53 does not perform authorization for this API because it retrieves information that is already available to the public.
For a list of supported geolocation codes, see the GeoLocation data type.
list_health_checks(client, marker \\ nil, max_items \\ nil, options \\ [])
View SourceRetrieve a list of the health checks that are associated with the current Amazon Web Services account.
list_hosted_zones(client, delegation_set_id \\ nil, hosted_zone_type \\ nil, marker \\ nil, max_items \\ nil, options \\ [])
View SourceRetrieves a list of the public and private hosted zones that are associated with the current Amazon Web Services account.
The response includes a HostedZones
child element for each hosted zone.
Amazon Route 53 returns a maximum of 100 items in each response. If you have a
lot of
hosted zones, you can use the maxitems parameter to list them in groups of
up to 100.
list_hosted_zones_by_name(client, dns_name \\ nil, hosted_zone_id \\ nil, max_items \\ nil, options \\ [])
View SourceRetrieves a list of your hosted zones in lexicographic order.
The response includes a
HostedZones child element for each hosted zone created by the current
Amazon Web Services account.
ListHostedZonesByName sorts hosted zones by name with the labels
reversed. For example:
com.example.www.
Note the trailing dot, which can change the sort order in some circumstances.
If the domain name includes escape characters or Punycode,
ListHostedZonesByName alphabetizes the domain name using the escaped or
Punycoded value, which is the format that Amazon Route 53 saves in its database.
For
example, to create a hosted zone for exämple.com, you specify ex344mple.com for
the domain name. ListHostedZonesByName alphabetizes it as:
com.ex344mple.
The labels are reversed and alphabetized using the escaped value. For more information about valid domain name formats, including internationalized domain names, see DNS Domain Name Format in the Amazon Route 53 Developer Guide.
Route 53 returns up to 100 items in each response. If you have a lot of hosted
zones,
use the MaxItems parameter to list them in groups of up to 100. The
response includes values that help navigate from one group of MaxItems
hosted zones to the next:
*
The DNSName and HostedZoneId elements in the
response contain the values, if any, specified for the dnsname and
hostedzoneid parameters in the request that produced the
current response.
*
The MaxItems element in the response contains the value, if any,
that you specified for the maxitems parameter in the request that
produced the current response.
*
If the value of IsTruncated in the response is true, there are
more hosted zones associated with the current Amazon Web Services account.
If IsTruncated is false, this response includes the last hosted
zone that is associated with the current account. The NextDNSName
element and NextHostedZoneId elements are omitted from the
response.
*
The NextDNSName and NextHostedZoneId elements in the
response contain the domain name and the hosted zone ID of the next hosted zone
that is associated with the current Amazon Web Services account. If you want to
list more hosted zones, make another call to ListHostedZonesByName,
and specify the value of NextDNSName and
NextHostedZoneId in the dnsname and
hostedzoneid parameters, respectively.
list_hosted_zones_by_vpc(client, max_items \\ nil, next_token \\ nil, vpc_id, vpc_region, options \\ [])
View SourceLists all the private hosted zones that a specified VPC is associated with, regardless of which Amazon Web Services account or Amazon Web Services service owns the hosted zones.
The HostedZoneOwner structure in the response contains one of the following
values:
*
An OwningAccount element, which contains the account number of
either the current Amazon Web Services account or another Amazon Web Services
account. Some services, such as Cloud Map, create
hosted zones using the current account.
*
An OwningService element, which identifies the Amazon Web Services
service that created and owns the hosted zone. For example, if a hosted zone was
created by Amazon Elastic File System (Amazon EFS), the value of
Owner is efs.amazonaws.com.
ListHostedZonesByVPC returns the hosted zones associated with the specified
VPC and does not reflect the hosted zone
associations to VPCs via Route 53 Profiles. To get the associations to a
Profile, call the
ListProfileResourceAssociations API.
When listing private hosted zones, the hosted zone and the Amazon VPC must belong to the same partition where the hosted zones were created. A partition is a group of Amazon Web Services Regions. Each Amazon Web Services account is scoped to one partition.
The following are the supported partitions:
aws - Amazon Web Services Regions
aws-cn - China Regions
aws-us-gov - Amazon Web Services GovCloud (US) Region
For more information, see Access Management in the Amazon Web Services General Reference.
list_query_logging_configs(client, hosted_zone_id \\ nil, max_results \\ nil, next_token \\ nil, options \\ [])
View SourceLists the configurations for DNS query logging that are associated with the current Amazon Web Services account or the configuration that is associated with a specified hosted zone.
For more information about DNS query logs, see CreateQueryLoggingConfig. Additional information, including the format of DNS query logs, appears in Logging DNS Queries in the Amazon Route 53 Developer Guide.
list_resource_record_sets(client, hosted_zone_id, max_items \\ nil, start_record_identifier \\ nil, start_record_name \\ nil, start_record_type \\ nil, options \\ [])
View SourceLists the resource record sets in a specified hosted zone.
ListResourceRecordSets returns up to 300 resource record sets at a time
in ASCII order, beginning at a position specified by the name and
type elements.
sort-order
Sort order
ListResourceRecordSets sorts results first by DNS name with the labels
reversed, for example:
com.example.www.
Note the trailing dot, which can change the sort order when the record name
contains
characters that appear before . (decimal 46) in the ASCII table. These
characters include the following: ! " # $ % & ' ( ) * + , -
When multiple records have the same DNS name, ListResourceRecordSets
sorts results by the record type.
specifying-where-to-start-listing-records
Specifying where to start listing records
You can use the name and type elements to specify the resource record set that the list begins with:
definitions
Definitions
if-you-do-not-specify-name-or-type
If you do not specify Name or Type
The results begin with the first resource record set that the hosted zone contains.
if-you-specify-name-but-not-type
If you specify Name but not Type
The results begin with the first resource record set in the list whose
name is greater than or equal to Name.
if-you-specify-type-but-not-name
If you specify Type but not Name
Amazon Route 53 returns the InvalidInput error.
if-you-specify-both-name-and-type
If you specify both Name and Type
The results begin with the first resource record set in the list whose
name is greater than or equal to Name, and whose type is
greater than or equal to Type.
resource-record-sets-that-are-pending
Resource record sets that are PENDING
This action returns the most current version of the records. This includes
records
that are PENDING, and that are not yet available on all Route 53 DNS
servers.
changing-resource-record-sets
Changing resource record sets
To ensure that you get an accurate listing of the resource record sets for a
hosted
zone at a point in time, do not submit a ChangeResourceRecordSets request
while you're paging through the results of a ListResourceRecordSets
request. If you do, some pages may display results without the latest changes
while
other pages display results with the latest changes.
displaying-the-next-page-of-results
Displaying the next page of results
If a ListResourceRecordSets command returns more than one page of
results, the value of IsTruncated is true. To display the next
page of results, get the values of NextRecordName,
NextRecordType, and NextRecordIdentifier (if any) from the
response. Then submit another ListResourceRecordSets request, and specify
those values for StartRecordName, StartRecordType, and
StartRecordIdentifier.
list_reusable_delegation_sets(client, marker \\ nil, max_items \\ nil, options \\ [])
View SourceRetrieves a list of the reusable delegation sets that are associated with the current Amazon Web Services account.
list_tags_for_resource(client, resource_id, resource_type, options \\ [])
View SourceLists tags for one health check or hosted zone.
For information about using tags for cost allocation, see Using Cost Allocation Tags in the Billing and Cost Management User Guide.
list_tags_for_resources(client, resource_type, input, options \\ [])
View SourceLists tags for up to 10 health checks or hosted zones.
For information about using tags for cost allocation, see Using Cost Allocation Tags in the Billing and Cost Management User Guide.
list_traffic_policies(client, max_items \\ nil, traffic_policy_id_marker \\ nil, options \\ [])
View SourceGets information about the latest version for every traffic policy that is associated with the current Amazon Web Services account.
Policies are listed in the order that they were created in.
For information about how of deleting a traffic policy affects the response from
ListTrafficPolicies, see
DeleteTrafficPolicy.
list_traffic_policy_instances(client, hosted_zone_id_marker \\ nil, max_items \\ nil, traffic_policy_instance_name_marker \\ nil, traffic_policy_instance_type_marker \\ nil, options \\ [])
View SourceGets information about the traffic policy instances that you created by using the current Amazon Web Services account.
After you submit an UpdateTrafficPolicyInstance request, there's a
brief delay while Amazon Route 53 creates the resource record sets that are
specified in the traffic policy definition. For more information, see the
State response element.
Route 53 returns a maximum of 100 items in each response. If you have a lot of
traffic
policy instances, you can use the MaxItems parameter to list them in groups
of up to 100.
list_traffic_policy_instances_by_hosted_zone(client, hosted_zone_id, max_items \\ nil, traffic_policy_instance_name_marker \\ nil, traffic_policy_instance_type_marker \\ nil, options \\ [])
View SourceGets information about the traffic policy instances that you created in a specified hosted zone.
After you submit a CreateTrafficPolicyInstance or an
UpdateTrafficPolicyInstance request, there's a brief delay while
Amazon Route 53 creates the resource record sets that are specified in the
traffic
policy definition. For more information, see the State response
element.
Route 53 returns a maximum of 100 items in each response. If you have a lot of
traffic
policy instances, you can use the MaxItems parameter to list them in groups
of up to 100.
list_traffic_policy_instances_by_policy(client, hosted_zone_id_marker \\ nil, max_items \\ nil, traffic_policy_id, traffic_policy_instance_name_marker \\ nil, traffic_policy_instance_type_marker \\ nil, traffic_policy_version, options \\ [])
View SourceGets information about the traffic policy instances that you created by using a specify traffic policy version.
After you submit a CreateTrafficPolicyInstance or an
UpdateTrafficPolicyInstance request, there's a brief delay while
Amazon Route 53 creates the resource record sets that are specified in the
traffic
policy definition. For more information, see the State response
element.
Route 53 returns a maximum of 100 items in each response. If you have a lot of
traffic
policy instances, you can use the MaxItems parameter to list them in groups
of up to 100.
list_traffic_policy_versions(client, id, max_items \\ nil, traffic_policy_version_marker \\ nil, options \\ [])
View SourceGets information about all of the versions for a specified traffic policy.
Traffic policy versions are listed in numerical order by
VersionNumber.
list_vpc_association_authorizations(client, hosted_zone_id, max_results \\ nil, next_token \\ nil, options \\ [])
View SourceGets a list of the VPCs that were created by other accounts and that can be
associated
with a specified hosted zone because you've submitted one or more
CreateVPCAssociationAuthorization requests.
The response includes a VPCs element with a VPC child
element for each VPC that can be associated with the hosted zone.
test_dns_answer(client, e_dns0_client_subnet_ip \\ nil, e_dns0_client_subnet_mask \\ nil, hosted_zone_id, record_name, record_type, resolver_ip \\ nil, options \\ [])
View SourceGets the value that Amazon Route 53 returns in response to a DNS request for a specified record name and type.
You can optionally specify the IP address of a DNS resolver, an EDNS0 client subnet IP address, and a subnet mask.
This call only supports querying public hosted zones.
The TestDnsAnswer returns information similar to what you would expect from
the answer
section of the dig command. Therefore, if you query for the name
servers of a subdomain that point to the parent name servers, those will not be
returned.
update_health_check(client, health_check_id, input, options \\ [])
View SourceUpdates an existing health check.
Note that some values can't be updated.
For more information about updating health checks, see Creating, Updating, and Deleting Health Checks in the Amazon Route 53 Developer Guide.
Updates the comment for a specified hosted zone.
update_traffic_policy_comment(client, id, version, input, options \\ [])
View SourceUpdates the comment for a specified traffic policy version.
After you submit a UpdateTrafficPolicyInstance request, there's a brief delay
while Route 53 creates the resource record sets
that are specified in the traffic policy definition.
Use GetTrafficPolicyInstance with the id of updated traffic policy instance
confirm
that the
UpdateTrafficPolicyInstance request completed successfully. For more
information, see the State response element.
Updates the resource record sets in a specified hosted zone that were created based on the settings in a specified traffic policy version.
When you update a traffic policy instance, Amazon Route 53 continues to respond to DNS queries for the root resource record set name (such as example.com) while it replaces one group of resource record sets with another. Route 53 performs the following operations:
1. Route 53 creates a new group of resource record sets based on the specified traffic policy. This is true regardless of how significant the differences are between the existing resource record sets and the new resource record sets.
2. When all of the new resource record sets have been created, Route 53 starts to respond to DNS queries for the root resource record set name (such as example.com) by using the new resource record sets.
3. Route 53 deletes the old group of resource record sets that are associated with the root resource record set name.