Hi Brendan,
There is a small mistake with your config. You have an ACL like the below
access-list dmz_access_in extended deny ip object-group SRV-DMZ-GROUP 172.20.20.0 255.255.254.0
access-list dmz_access_in extended permit object-group DM_INLINE_SERVICE_2 object-group SRV-DMZ-GROUP
!
You are denying the entire IP packet in the line 1. So it blocks all the traffic to go out. Also DNS uses UDP not the tcp.
Please have the premit rule in the 1st. Apply the below mentioned ACL.
ACL
=====
no access-list dmz_access_in
access-list dmz_access_in extended permit udp object-group SRV-DMZ-GROUP host 66.49.220.95 eq 53
access-list dmz_access_in extended permit udp object-group SRV-DMZ-GROUP host 67.55.0.11eq 53
access-list dmz_access_in extended permit object-group SRV-DMZ-GROUP object-group DM_INLINE_SERVICE_2
access-list dmz_access_in extended deny ip object-group SRV-DMZ-GROUP 172.20.20.0 255.255.254.0
!
I have modified little as per the requirement. Your dns issue will get resolved with this acl's applied.
Please do rate if the given info helps.
By
Karthik