Configuring Route 53 Hosted Zone Records Monitoring

See Record Types Requested in Your Hosted Zone


Question

You have configured a hosted zone in Route 53.

You need the ability to see the types of records being requested from the zone.

How can you configure this?

Answers

Explanations


A. B. C. D.

Answer - B.

This is given in the AWS Documentation.

You can configure Amazon Route 53 to log information about the queries that Route 53 receives, such as the following.

· The domain or subdomain that was requested.

· The date and time of the request.

· The DNS record type (such as A or AAAA).

· The Route 53 edge location that responded to the DNS query.

· The DNS response code, such as NoError or ServFail.

Option A is invalid since this will only give the results of the requests to the VPC.

Option C is invalid since this will only give metric details.

Option D is invalid since this will only give API level call activity.

For more information on querying logs in Route 53, please refer to the below URL.

https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/query-logs.html

The correct answer to this question is B. Configure Amazon Route 53 logging.

Amazon Route 53 is a highly available and scalable Domain Name System (DNS) web service. It is used to route end users to Internet applications by translating domain names to IP addresses. Route 53 logging allows you to monitor and track domain name system (DNS) queries for your hosted zone, such as the types of records being requested and the source IP address of the requester. This information can be useful for debugging and troubleshooting, as well as for monitoring security-related events.

To configure Route 53 logging, you need to perform the following steps:

  1. Create an Amazon S3 bucket - To store the Route 53 log files, you need to create an Amazon S3 bucket in the same region as your hosted zone.

  2. Enable logging - In the Route 53 console, select your hosted zone, click on the "Create log group" button in the "Logging" section, and select the S3 bucket that you created in step 1. You can also choose the log file format and the frequency of logging.

  3. Analyze logs - Once logging is enabled, Route 53 will start to log DNS queries to the S3 bucket. You can then use tools like Amazon CloudWatch Logs Insights, Amazon Athena, or any other log analysis tool to analyze the log data.
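For the analysis step, the following added example (not from the original page or from AWS) parses query log lines and counts requests per record type and response code, and lists resolvers that received repeated NXDOMAIN answers. It assumes the space-separated version 1.0 line format described in the AWS query logging documentation; the sample lines, zone ID and function names are constructed for illustration.

```python
from collections import Counter, namedtuple

# Field order of a version 1.0 Route 53 query log line (assumed from the
# AWS query logging documentation).
FIELDS = ("version", "timestamp", "zone_id", "qname", "qtype", "rcode",
          "protocol", "edge", "resolver_ip", "edns_subnet")
Query = namedtuple("Query", FIELDS)

# Constructed sample lines (documentation IP ranges, placeholder zone ID).
SAMPLE_LINES = [
    "1.0 2024-05-01T08:15:50.235Z Z123412341234 example.com AAAA NOERROR TCP IAD12 192.0.2.10 198.51.100.0/24",
    "1.0 2024-05-01T08:16:02.130Z Z123412341234 example.com A NOERROR UDP FRA6 192.0.2.10 -",
    "1.0 2024-05-01T08:16:05.011Z Z123412341234 www.example.com A NOERROR UDP FRA6 203.0.113.7 -",
    "1.0 2024-05-01T08:16:07.402Z Z123412341234 x1.example.com TXT NXDOMAIN UDP FRA6 203.0.113.7 -",
    "1.0 2024-05-01T08:16:07.910Z Z123412341234 x2.example.com TXT NXDOMAIN UDP FRA6 203.0.113.7 -",
    "truncated line",
]

def parse_line(line):
    """Return a Query, or None for lines that do not match the format."""
    parts = line.split()
    if len(parts) != len(FIELDS) or parts[0] != "1.0":
        return None
    return Query(*parts)

def summarize(lines):
    """Count requests per record type and per response code."""
    types, rcodes, skipped = Counter(), Counter(), 0
    for line in lines:
        q = parse_line(line)
        if q is None:
            skipped += 1  # keep a count so malformed input is not silently lost
            continue
        types[q.qtype] += 1
        rcodes[q.rcode] += 1
    return types, rcodes, skipped

def nxdomain_by_resolver(lines, threshold=2):
    """Resolvers with at least `threshold` NXDOMAIN answers (review candidates)."""
    hits = Counter(q.resolver_ip for q in map(parse_line, lines)
                   if q and q.rcode == "NXDOMAIN")
    return {ip: n for ip, n in hits.items() if n >= threshold}

if __name__ == "__main__":
    types, rcodes, skipped = summarize(SAMPLE_LINES)
    print(dict(types), dict(rcodes), skipped, nxdomain_by_resolver(SAMPLE_LINES))
```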

Note that options A, C, and D are not relevant for this scenario.

A. Configure VPC Flow Logs: VPC Flow Logs capture information about the IP traffic going to and from network interfaces in a VPC. It does not provide any information about DNS queries made to a hosted zone.

C. Configure CloudWatch metrics: CloudWatch metrics provide information about the utilization of AWS resources, such as EC2 instances, RDS databases, or ELB load balancers. They do not provide any information about DNS queries made to a hosted zone.

D. Configure CloudTrail: CloudTrail logs API activity in your AWS account, including actions taken on Route 53. It does not provide any information about DNS queries made to a hosted zone.