Delete DNS query logs

Platform: AWS

MITRE ATT&CK Tactics

Deletes a Route53 DNS Resolver query logging configuration. Simulates an attacker disrupting DNS logging.

Warm-up:

Detonation:

Detonate with Stratus Red Team

stratus detonate aws.defense-evasion.dns-delete-logs

Identify when a DNS logging configuration is deleted, through CloudTrail's DeleteQueryLoggingConfig event.