Sign In to the Console
AWS CloudFormation
User Guide (API Version 2010-05-15)

AWS Documentation » AWS CloudFormation » User Guide » Template Reference » AWS Resource and Property Types Reference » Amazon Route 53 Resource Types Reference » AWS::Route53Resolver::ResolverRule

AWS::Route53Resolver::ResolverRule

The AWS::Route53Resolver::ResolverRule resource provides detailed information about a resolver rule, which specifies how to route DNS queries out of a VPC for Amazon Route 53 Resolver. For more information, see ResolverRule in the Amazon Route 53 API Reference.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{
  "Type" : "AWS::Route53Resolver::ResolverRule",
  "Properties" : {
    "DomainName" : String,
    "Name" : String,
    "ResolverEndpointId" : String,
    "RuleType" : String,
    "Tags" : [ Resource Tag, ... ],
    "TargetIps" : [ TargetAddress, ... ]
  }
}

YAML

Type: "AWS::Route53Resolver::ResolverRule"
Properties:
  DomainName: String
  Name: String
  ResolverEndpointId: String
  RuleType: String
  Tags: 
    - Resource Tag
  TargetIps: 
    - TargetAddress

Properties

DomainName

DNS queries for this domain name are forwarded to the IP addresses that are specified in TargetIps. If a query matches multiple resolver rules (example.com and www.example.com), the query is routed using the resolver rule that contains the most specific domain name (www.example.com).

Required: Yes

Type: String

Update requires: Replacement

Name

A friendly name that lets you easily find a rule in the Resolver dashboard in the Route 53 console.

Required: No

Type: String

Update requires: No interruption

ResolverEndpointId

The ID of the outbound endpoint that the rule is associated with.

Required: No

Type: String

Update requires: No interruption

RuleType

When you want to forward DNS queries for specified domain name to resolvers on your network, specify FORWARD.

When you have a forwarding rule to forward DNS queries for a domain to your network and you want Resolver to process queries for a subdomain of that domain, choose SYSTEM.

For example, to forward DNS queries for example.com to resolvers on your network, you create a rule and specify FORWARD for RuleType. To then have Resolver process queries for apex.example.com, you create a rule and specify SYSTEM for RuleType.

Required: Yes

Type: String

Update requires: Replacement

Tags

A list of the tag keys and values that you want to associate with the rule.

Required: No

Type: List of Resource Tag property types

Update requires: No interruption

TargetIps

When a DNS query matches the name that you specify in DomainName, the outbound endpoint forwards the query to the IP addresses that you specify here, typically the IP addresses for DNS resolvers on your network. Specify IPv4 addresses. IPv6 is not supported.

Required: No

Type: List of TargetAddress property types

Update requires: No interruption

Return Values

Ref

When you pass the logical ID of an AWS::Route53Resolver::ResolverRule resource to the intrinsic Ref function, the function returns the ResolverRule object, which contains detailed information about the rule.

For more information about using the Ref function, see Ref.

Fn::GetAtt

Fn::GetAtt returns a value for a specified attribute of this type. The following are the available attributes and sample return values.

Arn

The Amazon Resource Name (ARN) of the resolver rule, such as arn:aws:route53Resolver:us-east-1:123456789012:resolver-rule/resolver-rule-a1bzhi.

DomainName

DNS queries for this domain name are forwarded to the IP addresses that are specified in TargetIps. If a query matches multiple resolver rules (example.com and www.example.com), the query is routed using the resolver rule that contains the most specific domain name (www.example.com).

ResolverEndpointId

The ID of the outbound endpoint that the rule is associated with, such as rslvr-out-fdc049932dexample.

ResolverRuleId

When the value of RuleType is FORWARD, the ID that Resolver assigned to the resolver rule when you created it, such as rslvr-rr-5328a0899aexample. This value isn't applicable when RuleType is SYSTEM.

TargetIps

When the value of RuleType is FORWARD, the IP addresses that the outbound endpoint forwards DNS queries to, typically the IP addresses for DNS resolvers on your network. This value isn't applicable when RuleType is SYSTEM.

For more information about using Fn::GetAtt, see Fn::GetAtt.

See Also