CfnKeySigningKeyProps
- class aws_cdk.aws_route53.CfnKeySigningKeyProps(*, hosted_zone_id, key_management_service_arn, name, status)
Bases:
objectProperties for defining a
CfnKeySigningKey.- Parameters:
hosted_zone_id (
str) – The unique string (ID) that is used to identify a hosted zone. For example:Z00001111A1ABCaaABC11.key_management_service_arn (
str) – The Amazon resource name (ARN) for a customer managed customer master key (CMK) in AWS Key Management Service ( AWS KMS ). TheKeyManagementServiceArnmust be unique for each key-signing key (KSK) in a single hosted zone. For example:arn:aws:kms:us-east-1:111122223333:key/111a2222-a11b-1ab1-2ab2-1ab21a2b3a111.name (
str) – A string used to identify a key-signing key (KSK).Namecan include numbers, letters, and underscores (_).Namemust be unique for each key-signing key in the same hosted zone.status (
str) – A string that represents the current key-signing key (KSK) status. Status can have one of the following values: - ACTIVE - The KSK is being used for signing. - INACTIVE - The KSK is not being used for signing. - DELETING - The KSK is in the process of being deleted. - ACTION_NEEDED - There is a problem with the KSK that requires you to take action to resolve. For example, the customer managed key might have been deleted, or the permissions for the customer managed key might have been changed. - INTERNAL_FAILURE - There was an error during a request. Before you can continue to work with DNSSEC signing, including actions that involve this KSK, you must correct the problem. For example, you may need to activate or deactivate the KSK.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_route53 as route53 cfn_key_signing_key_props = route53.CfnKeySigningKeyProps( hosted_zone_id="hostedZoneId", key_management_service_arn="keyManagementServiceArn", name="name", status="status" )
Attributes
- hosted_zone_id
The unique string (ID) that is used to identify a hosted zone.
For example:
Z00001111A1ABCaaABC11.
- key_management_service_arn
The Amazon resource name (ARN) for a customer managed customer master key (CMK) in AWS Key Management Service ( AWS KMS ).
The
KeyManagementServiceArnmust be unique for each key-signing key (KSK) in a single hosted zone. For example:arn:aws:kms:us-east-1:111122223333:key/111a2222-a11b-1ab1-2ab2-1ab21a2b3a111.
- name
A string used to identify a key-signing key (KSK).
Namecan include numbers, letters, and underscores (_).Namemust be unique for each key-signing key in the same hosted zone.
- status
A string that represents the current key-signing key (KSK) status.
Status can have one of the following values:
ACTIVE - The KSK is being used for signing.
INACTIVE - The KSK is not being used for signing.
DELETING - The KSK is in the process of being deleted.
ACTION_NEEDED - There is a problem with the KSK that requires you to take action to resolve. For example, the customer managed key might have been deleted, or the permissions for the customer managed key might have been changed.
INTERNAL_FAILURE - There was an error during a request. Before you can continue to work with DNSSEC signing, including actions that involve this KSK, you must correct the problem. For example, you may need to activate or deactivate the KSK.