PublicHostedZone

class aws_cdk.aws_route53.PublicHostedZone(scope, id, *, caa_amazon=None, cross_account_zone_delegation_principal=None, cross_account_zone_delegation_role_name=None, zone_name, add_trailing_dot=None, comment=None, query_logs_log_group_arn=None)

Bases: HostedZone

Create a Route53 public hosted zone.

Resource:

AWS::Route53::HostedZone

ExampleMetadata:

infused

Example:

stack1 = Stack(app, "Stack1",
    env=Environment(
        region="us-east-1"
    ),
    cross_region_references=True
)
cert = acm.Certificate(stack1, "Cert",
    domain_name="*.example.com",
    validation=acm.CertificateValidation.from_dns(route53.PublicHostedZone.from_hosted_zone_id(stack1, "Zone", "Z0329774B51CGXTDQV3X"))
)

stack2 = Stack(app, "Stack2",
    env=Environment(
        region="us-east-2"
    ),
    cross_region_references=True
)
cloudfront.Distribution(stack2, "Distribution",
    default_behavior=cloudfront.BehaviorOptions(
        origin=origins.HttpOrigin("example.com")
    ),
    domain_names=["dev.example.com"],
    certificate=cert
)
Parameters:

  • scope (Construct) –

  • id (str) –

  • caa_amazon (Optional[bool]) – Whether to create a CAA record to restrict certificate authorities allowed to issue certificates for this domain to Amazon only. Default: false

  • cross_account_zone_delegation_principal (Optional[IPrincipal]) – (deprecated) A principal which is trusted to assume a role for zone delegation. If supplied, this will create a Role in the same account as the Hosted Zone, which can be assumed by the CrossAccountZoneDelegationRecord to create a delegation record to a zone in a different account. Be sure to indicate the account(s) that you trust to create delegation records, using either iam.AccountPrincipal or iam.OrganizationPrincipal. If you are planning to use ``iam.ServicePrincipal``s here, be sure to include region-specific service principals for every opt-in region you are going to be delegating to; or don’t use this feature and create separate roles with appropriate permissions for every opt-in region instead. Default: - No delegation configuration

  • cross_account_zone_delegation_role_name (Optional[str]) – (deprecated) The name of the role created for cross account delegation. Default: - A role name is generated automatically

  • zone_name (str) – The name of the domain. For resource record types that include a domain name, specify a fully qualified domain name.

  • add_trailing_dot (Optional[bool]) – Whether to add a trailing dot to the zone name. Default: true

  • comment (Optional[str]) – Any comments that you want to include about the hosted zone. Default: none

  • query_logs_log_group_arn (Optional[str]) – The Amazon Resource Name (ARN) for the log group that you want Amazon Route 53 to send query logs to. Default: disabled

Methods

add_delegation(delegate, *, comment=None, ttl=None)

Adds a delegation from this zone to a designated zone.

Parameters:

  • delegate (IPublicHostedZone) – the zone being delegated to.

  • comment (Optional[str]) – A comment to add on the DNS record created to incorporate the delegation. Default: none

  • ttl (Optional[Duration]) – The TTL (Time To Live) of the DNS delegation record in DNS caches. Default: 172800

Return type:

None

add_vpc(_vpc)

Add another VPC to this private hosted zone.

Parameters:

_vpc (IVpc) –

Return type:

None

apply_removal_policy(policy)

Apply the given removal policy to this resource.

The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you’ve removed it from the CDK application or because you’ve made a change that requires the resource to be replaced.

The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS account for data recovery and cleanup later (RemovalPolicy.RETAIN).

Parameters:

policy (RemovalPolicy) –

Return type:

None

enable_dnssec(*, kms_key, key_signing_key_name=None)

Enable DNSSEC for this hosted zone.

This will create a key signing key with the given options and enable DNSSEC signing for the hosted zone.

Parameters:

  • kms_key (IKey) – The customer-managed KMS key that that will be used to sign the records. The KMS Key must be unique for each KSK within a hosted zone. Additionally, the KMS key must be an asymetric customer-managed key using the ECC_NIST_P256 algorithm.

  • key_signing_key_name (Optional[str]) – The name for the key signing key. This name must be unique within a hosted zone. Default: an autogenerated name

Return type:

IKeySigningKey

grant_delegation(grantee)

Grant permissions to add delegation records to this zone.

Parameters:

grantee (IGrantable) –

Return type:

Grant

to_string()

Returns a string representation of this construct.

Return type:

str

Attributes

cross_account_zone_delegation_role

Role for cross account zone delegation.

env

The environment this resource belongs to.

For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into.

hosted_zone_arn

route53:::hostedzone/${Id}.

Type:

ARN of this hosted zone, such as arn

Type:

${Partition}

hosted_zone_id

ID of this hosted zone, such as “Z23ABC4XYZL05B”.

hosted_zone_name_servers

ns1.example.com.

This attribute will be undefined for private hosted zones or hosted zones imported from another stack.

Type:

Returns the set of name servers for the specific hosted zone. For example

node

The tree node.

stack

The stack in which this resource is defined.

zone_name

FQDN of this hosted zone.

Static Methods

classmethod from_hosted_zone_attributes(scope, id, *, hosted_zone_id, zone_name)

Imports a hosted zone from another stack.

Use when both hosted zone ID and hosted zone name are known.

Parameters:

  • scope (Construct) – the parent Construct for this Construct.

  • id (str) – the logical name of this Construct.

  • hosted_zone_id (str) – Identifier of the hosted zone.

  • zone_name (str) – Name of the hosted zone.

Return type:

IHostedZone

classmethod from_hosted_zone_id(scope, id, hosted_zone_id)

Import a Route 53 hosted zone defined either outside the CDK, or in a different CDK stack.

Use when hosted zone ID is known. If a HostedZone is imported with this method the zoneName cannot be referenced. If the zoneName is needed then the HostedZone should be imported with fromHostedZoneAttributes() or fromLookup()

Parameters:

  • scope (Construct) – the parent Construct for this Construct.

  • id (str) – the logical name of this Construct.

  • hosted_zone_id (str) – the ID of the hosted zone to import.

Return type:

IHostedZone

classmethod from_lookup(scope, id, *, domain_name, private_zone=None, vpc_id=None)

Lookup a hosted zone in the current account/region based on query parameters.

Requires environment, you must specify env for the stack.

Use to easily query hosted zones.

Parameters:

  • scope (Construct) –

  • id (str) –

  • domain_name (str) – The zone domain e.g. example.com.

  • private_zone (Optional[bool]) – Whether the zone that is being looked up is a private hosted zone. Default: false

  • vpc_id (Optional[str]) – Specifies the ID of the VPC associated with a private hosted zone. If a VPC ID is provided and privateZone is false, no results will be returned and an error will be raised Default: - No VPC ID

See:

https://docs.aws.amazon.com/cdk/latest/guide/environments.html

Return type:

IHostedZone

classmethod from_public_hosted_zone_attributes(scope, id, *, hosted_zone_id, zone_name)

Imports a public hosted zone from another stack.

Use when both hosted zone ID and hosted zone name are known.

Parameters:

  • scope (Construct) – the parent Construct for this Construct.

  • id (str) – the logical name of this Construct.

  • hosted_zone_id (str) – Identifier of the hosted zone.

  • zone_name (str) – Name of the hosted zone.

Return type:

IPublicHostedZone

classmethod from_public_hosted_zone_id(scope, id, public_hosted_zone_id)

Import a Route 53 public hosted zone defined either outside the CDK, or in a different CDK stack.

Use when hosted zone ID is known. If a PublicHostedZone is imported with this method the zoneName cannot be referenced. If the zoneName is needed then the PublicHostedZone should be imported with fromPublicHostedZoneAttributes().

Parameters:

  • scope (Construct) – the parent Construct for this Construct.

  • id (str) – the logical name of this Construct.

  • public_hosted_zone_id (str) – the ID of the public hosted zone to import.

Return type:

IPublicHostedZone

classmethod is_construct(x)

Checks if x is a construct.

Use this method instead of instanceof to properly detect Construct instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the constructs library on disk are seen as independent, completely different libraries. As a consequence, the class Construct in each copy of the constructs library is seen as a different class, and an instance of one class will not test as instanceof the other class. npm install will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the constructs library can be accidentally installed, and instanceof will behave unpredictably. It is safest to avoid using instanceof, and using this type-testing method instead.

Parameters:

x (Any) – Any object.

Return type:

bool

Returns:

true if x is an object created from a class which extends Construct.

classmethod is_owned_resource(construct)

Returns true if the construct was created by CDK, and false otherwise.

Parameters:

construct (IConstruct) –

Return type:

bool

classmethod is_resource(construct)

Check whether the given construct is a Resource.

Parameters:

construct (IConstruct) –

Return type:

bool