CHECK_ID_extra719="7.19"
CHECK_TITLE_extra719="Check if Route53 hosted zones are logging queries to CloudWatch Logs (Not Scored) (Not part of CIS benchmark)"
CHECK_SCORED_extra719="NOT_SCORED"
CHECK_ALTERNATE_check719="extra719"

extra719(){
  # "Check if Route53 hosted zones are logging queries to CloudWatch Logs (Not Scored) (Not part of CIS benchmark)"
  LIST_OF_HOSTED_ZONES=$($AWSCLI route53 list-hosted-zones $PROFILE_OPT --query HostedZones[*].Id --output text|xargs -n1)
  if [[ $LIST_OF_HOSTED_ZONES ]]; then
    for hostedzoneid in $LIST_OF_HOSTED_ZONES;do
      HOSTED_ZONE_QUERY_LOG_ENABLED=$($AWSCLI route53 list-query-logging-configs --hosted-zone-id $hostedzoneid $PROFILE_OPT --query QueryLoggingConfigs[*].CloudWatchLogsLogGroupArn --output text|cut -d: -f7)
      if [[ $HOSTED_ZONE_QUERY_LOG_ENABLED ]];then
        textOK "Route53 hosted zone Id $hostedzoneid has query logging enabled in Log Group $HOSTED_ZONE_QUERY_LOG_ENABLED"
      else
        textWarn "Route53 hosted zone Id $hostedzoneid has query logging disabled!"
      fi
    done
  else
    textNotice "No Route53 hosted zones found"
  fi
}