How can I delete DNS query logging for a specific domain in Route 53?

3 minute read
0

I want to delete DNS query logging for a specific domain in Amazon Route 53.

Short description

To delete DNS query logging for a specific domain, first obtain the query logging ID. To do this, use either of the following tools:

  • The AWS Command Line Interface (AWS CLI)
  • AWS Tools for PowerShell

The query logging ID isn't available from the Route 53 console.

Resolution

Note: In the following commands, replace all placeholder text with the corresponding values for your configuration. If you receive errors when running AWS CLI commands, make sure that you're using the most recent version of the AWS CLI.

Delete DNS query logging for a specific domain using the AWS CLI

  1. Get information about Route 53 DNS query logging associated with a specific hosted zone created for a domain:

    aws route53 list-query-logging-configs --hosted-zone-id YOUR_HOSTED_ZONE_ID

    This returns an output similar to the following example:

    {
      "QueryLoggingConfigs": [
        {
          "HostedZoneId": "Z111111QQQQQQQ",
          "CloudWatchLogsLogGroupArn": "arn:aws:logs:us-east-1:555555555555:log-group:LOG_GROUP_NAME:*",
          "Id": "87654321-dcba-1234-abcd-1a2b3c111111"
        }
      ]
    }

    In this example, 87654321-dcba-1234-abcd-1a2b3c111111 is the query logging ID.

  2. Use the query logging ID to get query logging information for your specific domain name:

    aws route53 get-query-logging-config --id YOUR_QUERY_LOGGING_ID

    This returns an output similar to the following example:

    {
      "QueryLoggingConfig": {
        "HostedZoneId": "Z111111QQQQQQQ",
        "CloudWatchLogsLogGroupArn": "arn:aws:logs:us-east-1:555555555555:log-group:LOG_GROUP_NAME:*",
        "Id": "87654321-dcba-1234-abcd-1a2b3c111111"
      }
    }
  3. Delete query logging that's associated with your specific domain name:

    aws route53 delete-query-logging-config --id 87654321-dcba-1234-abcd-1a2b3c111111

Note: After running the previous command, you won't receive a confirmation message indicating that the query logging was deleted. To confirm the deletion, check the Route 53 console.

Delete DNS query logging for a specific domain using AWS Tools for PowerShell

  1. Get information about Route 53 DNS query logging for a domain's specific hosted zone:

    PS C:\Program Files (x86)\AWS Tools\PowerShell\AWSPowerShell> Get-R53QueryLoggingConfigList  -HostedZoneId  YOUR_HOSTED_ZONE_ID                                  HostedZoneId   CloudWatchLogsLogGroupArn
    --                                   ------------   -------------------------
    35ab59c0-4952-48ee-aa71-990f249c1abb Z111111QQQQQQQ arn:aws:logs:us-east-1:555555555555:log-group:LOG_GROUP_NAME:*
  2. Use the query logging ID to get query logging information for your specific domain name:

    PS C:\Program Files (x86)\AWS Tools\PowerShell\AWSPowerShell> Get-R53QueryLoggingConfig -Id a1b2c3d4-5678-90ab-cdef-EXAMPLE11111Id                                   HostedZoneId   CloudWatchLogsLogGroupArn
    --                                   ------------   -------------------------
    a1b2c3d4-5678-90ab-cdef-EXAMPLE11111 Z111111QQQQQQQ arn:aws:logs:us-east-1:555555555555:log-group:LOG_GROUP_NAME:*
  3. Delete query logging that's associated with your specific domain name:

    PS C:\Program Files (x86)\AWS Tools\PowerShell\AWSPowerShell> Remove-R53QueryLoggingConfig -Id a1b2c3d4-5678-90ab-cdef-EXAMPLE11111Confirm
    Are you sure you want to perform this action?
    Performing the operation "Remove-R53QueryLoggingConfig (DeleteQueryLoggingConfig)" on target "a1b2c3d4-5678-90ab-cdef-EXAMPLE11111".
    [Y] Yes  [A] Yes to All  [N] No  [L] No to All  [S] Suspend  [?] Help (default is "Y"): Y
    PS C:\Program Files (x86)\AWS Tools\PowerShell\AWSPowerShell>

Related information

Public DNS query logging

Stopping query logging

list-query-logging-configs

delete-query-logging-config

AWS Tools for PowerShell - Amazon Route 53

AWS OFFICIAL
AWS OFFICIALUpdated 8 months ago