Interface IKeySigningKeyProps

Properties for constructing a Key Signing Key.

Namespace: Amazon.CDK.AWS.Route53

Assembly: Amazon.CDK.Lib.dll

Syntax (csharp)

public interface IKeySigningKeyProps

Syntax (vb)

Public Interface IKeySigningKeyProps

Remarks

ExampleMetadata: infused

Examples

HostedZone hostedZone;
            Key kmsKey;

            new KeySigningKey(this, "KeySigningKey", new KeySigningKeyProps {
                HostedZone = hostedZone,
                KmsKey = kmsKey,
                KeySigningKeyName = "ksk",
                Status = KeySigningKeyStatus.ACTIVE
            });

Synopsis

Properties

HostedZone	The hosted zone that this key will be used to sign.
KeySigningKeyName	The name for the key signing key.
KmsKey	The customer-managed KMS key that that will be used to sign the records.
Status	The status of the key signing key.

Properties

HostedZone

The hosted zone that this key will be used to sign.

IHostedZone HostedZone { get; }

Property Value

IHostedZone

Remarks

ExampleMetadata: infused

KeySigningKeyName

The name for the key signing key.

string? KeySigningKeyName { get; }

Property Value

string

Remarks

This name must be unique within a hosted zone.

Default: an autogenerated name

KmsKey

The customer-managed KMS key that that will be used to sign the records.

IKey KmsKey { get; }

Property Value

IKey

Remarks

The KMS Key must be unique for each KSK within a hosted zone. Additionally, the KMS key must be an asymetric customer-managed key using the ECC_NIST_P256 algorithm.

See: https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-configuring-dnssec-cmk-requirements.html

Status

The status of the key signing key.

KeySigningKeyStatus? Status { get; }

Property Value

KeySigningKeyStatus?

Remarks

Default: ACTIVE