api_op_CreateKeySigningKey.go (5488B)
1 // Code generated by smithy-go-codegen DO NOT EDIT. 2 3 package route53 4 5 import ( 6 "context" 7 awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" 8 "github.com/aws/aws-sdk-go-v2/aws/signer/v4" 9 "github.com/aws/aws-sdk-go-v2/service/route53/types" 10 "github.com/aws/smithy-go/middleware" 11 smithyhttp "github.com/aws/smithy-go/transport/http" 12 ) 13 14 // Creates a new key-signing key (KSK) associated with a hosted zone. You can only 15 // have two KSKs per hosted zone. 16 func (c *Client) CreateKeySigningKey(ctx context.Context, params *CreateKeySigningKeyInput, optFns ...func(*Options)) (*CreateKeySigningKeyOutput, error) { 17 if params == nil { 18 params = &CreateKeySigningKeyInput{} 19 } 20 21 result, metadata, err := c.invokeOperation(ctx, "CreateKeySigningKey", params, optFns, c.addOperationCreateKeySigningKeyMiddlewares) 22 if err != nil { 23 return nil, err 24 } 25 26 out := result.(*CreateKeySigningKeyOutput) 27 out.ResultMetadata = metadata 28 return out, nil 29 } 30 31 type CreateKeySigningKeyInput struct { 32 33 // A unique string that identifies the request. 34 // 35 // This member is required. 36 CallerReference *string 37 38 // The unique string (ID) used to identify a hosted zone. 39 // 40 // This member is required. 41 HostedZoneId *string 42 43 // The Amazon resource name (ARN) for a customer managed key in Key Management 44 // Service (KMS). The KeyManagementServiceArn must be unique for each key-signing 45 // key (KSK) in a single hosted zone. To see an example of KeyManagementServiceArn 46 // that grants the correct permissions for DNSSEC, scroll down to Example. You must 47 // configure the customer managed customer managed key as follows: Status Enabled 48 // Key spec ECC_NIST_P256 Key usage Sign and verify Key policy The key policy must 49 // give permission for the following actions: 50 // 51 // * DescribeKey 52 // 53 // * GetPublicKey 54 // 55 // * 56 // Sign 57 // 58 // The key policy must also include the Amazon Route 53 service in the 59 // principal for your account. Specify the following: 60 // 61 // * "Service": 62 // "dnssec-route53.amazonaws.com" 63 // 64 // For more information about working with a 65 // customer managed key in KMS, see Key Management Service concepts 66 // (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html). 67 // 68 // This member is required. 69 KeyManagementServiceArn *string 70 71 // A string used to identify a key-signing key (KSK). Name can include numbers, 72 // letters, and underscores (_). Name must be unique for each key-signing key in 73 // the same hosted zone. 74 // 75 // This member is required. 76 Name *string 77 78 // A string specifying the initial status of the key-signing key (KSK). You can set 79 // the value to ACTIVE or INACTIVE. 80 // 81 // This member is required. 82 Status *string 83 84 noSmithyDocumentSerde 85 } 86 87 type CreateKeySigningKeyOutput struct { 88 89 // A complex type that describes change information about changes made to your 90 // hosted zone. 91 // 92 // This member is required. 93 ChangeInfo *types.ChangeInfo 94 95 // The key-signing key (KSK) that the request creates. 96 // 97 // This member is required. 98 KeySigningKey *types.KeySigningKey 99 100 // The unique URL representing the new key-signing key (KSK). 101 // 102 // This member is required. 103 Location *string 104 105 // Metadata pertaining to the operation's result. 106 ResultMetadata middleware.Metadata 107 108 noSmithyDocumentSerde 109 } 110 111 func (c *Client) addOperationCreateKeySigningKeyMiddlewares(stack *middleware.Stack, options Options) (err error) { 112 err = stack.Serialize.Add(&awsRestxml_serializeOpCreateKeySigningKey{}, middleware.After) 113 if err != nil { 114 return err 115 } 116 err = stack.Deserialize.Add(&awsRestxml_deserializeOpCreateKeySigningKey{}, middleware.After) 117 if err != nil { 118 return err 119 } 120 if err = addSetLoggerMiddleware(stack, options); err != nil { 121 return err 122 } 123 if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { 124 return err 125 } 126 if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { 127 return err 128 } 129 if err = addResolveEndpointMiddleware(stack, options); err != nil { 130 return err 131 } 132 if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { 133 return err 134 } 135 if err = addRetryMiddlewares(stack, options); err != nil { 136 return err 137 } 138 if err = addHTTPSignerV4Middleware(stack, options); err != nil { 139 return err 140 } 141 if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { 142 return err 143 } 144 if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { 145 return err 146 } 147 if err = addClientUserAgent(stack); err != nil { 148 return err 149 } 150 if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { 151 return err 152 } 153 if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { 154 return err 155 } 156 if err = addOpCreateKeySigningKeyValidationMiddleware(stack); err != nil { 157 return err 158 } 159 if err = stack.Initialize.Add(newServiceMetadataMiddleware_opCreateKeySigningKey(options.Region), middleware.Before); err != nil { 160 return err 161 } 162 if err = addRequestIDRetrieverMiddleware(stack); err != nil { 163 return err 164 } 165 if err = addResponseErrorMiddleware(stack); err != nil { 166 return err 167 } 168 if err = addSanitizeURLMiddleware(stack); err != nil { 169 return err 170 } 171 if err = addRequestResponseLogging(stack, options); err != nil { 172 return err 173 } 174 return nil 175 } 176 177 func newServiceMetadataMiddleware_opCreateKeySigningKey(region string) *awsmiddleware.RegisterServiceMetadata { 178 return &awsmiddleware.RegisterServiceMetadata{ 179 Region: region, 180 ServiceID: ServiceID, 181 SigningName: "route53", 182 OperationName: "CreateKeySigningKey", 183 } 184 }