api_op_CreateKeySigningKey.go (5825B)
1 // Code generated by smithy-go-codegen DO NOT EDIT. 2 3 package route53 4 5 import ( 6 "context" 7 "fmt" 8 awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" 9 "github.com/aws/aws-sdk-go-v2/service/route53/types" 10 "github.com/aws/smithy-go/middleware" 11 smithyhttp "github.com/aws/smithy-go/transport/http" 12 ) 13 14 // Creates a new key-signing key (KSK) associated with a hosted zone. You can only 15 // have two KSKs per hosted zone. 16 func (c *Client) CreateKeySigningKey(ctx context.Context, params *CreateKeySigningKeyInput, optFns ...func(*Options)) (*CreateKeySigningKeyOutput, error) { 17 if params == nil { 18 params = &CreateKeySigningKeyInput{} 19 } 20 21 result, metadata, err := c.invokeOperation(ctx, "CreateKeySigningKey", params, optFns, c.addOperationCreateKeySigningKeyMiddlewares) 22 if err != nil { 23 return nil, err 24 } 25 26 out := result.(*CreateKeySigningKeyOutput) 27 out.ResultMetadata = metadata 28 return out, nil 29 } 30 31 type CreateKeySigningKeyInput struct { 32 33 // A unique string that identifies the request. 34 // 35 // This member is required. 36 CallerReference *string 37 38 // The unique string (ID) used to identify a hosted zone. 39 // 40 // This member is required. 41 HostedZoneId *string 42 43 // The Amazon resource name (ARN) for a customer managed key in Key Management 44 // Service (KMS). The KeyManagementServiceArn must be unique for each key-signing 45 // key (KSK) in a single hosted zone. To see an example of KeyManagementServiceArn 46 // that grants the correct permissions for DNSSEC, scroll down to Example. You must 47 // configure the customer managed customer managed key as follows: Status Enabled 48 // Key spec ECC_NIST_P256 Key usage Sign and verify Key policy The key policy must 49 // give permission for the following actions: 50 // - DescribeKey 51 // - GetPublicKey 52 // - Sign 53 // The key policy must also include the Amazon Route 53 service in the principal 54 // for your account. Specify the following: 55 // - "Service": "dnssec-route53.amazonaws.com" 56 // For more information about working with a customer managed key in KMS, see Key 57 // Management Service concepts (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html) 58 // . 59 // 60 // This member is required. 61 KeyManagementServiceArn *string 62 63 // A string used to identify a key-signing key (KSK). Name can include numbers, 64 // letters, and underscores (_). Name must be unique for each key-signing key in 65 // the same hosted zone. 66 // 67 // This member is required. 68 Name *string 69 70 // A string specifying the initial status of the key-signing key (KSK). You can 71 // set the value to ACTIVE or INACTIVE . 72 // 73 // This member is required. 74 Status *string 75 76 noSmithyDocumentSerde 77 } 78 79 type CreateKeySigningKeyOutput struct { 80 81 // A complex type that describes change information about changes made to your 82 // hosted zone. 83 // 84 // This member is required. 85 ChangeInfo *types.ChangeInfo 86 87 // The key-signing key (KSK) that the request creates. 88 // 89 // This member is required. 90 KeySigningKey *types.KeySigningKey 91 92 // The unique URL representing the new key-signing key (KSK). 93 // 94 // This member is required. 95 Location *string 96 97 // Metadata pertaining to the operation's result. 98 ResultMetadata middleware.Metadata 99 100 noSmithyDocumentSerde 101 } 102 103 func (c *Client) addOperationCreateKeySigningKeyMiddlewares(stack *middleware.Stack, options Options) (err error) { 104 if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { 105 return err 106 } 107 err = stack.Serialize.Add(&awsRestxml_serializeOpCreateKeySigningKey{}, middleware.After) 108 if err != nil { 109 return err 110 } 111 err = stack.Deserialize.Add(&awsRestxml_deserializeOpCreateKeySigningKey{}, middleware.After) 112 if err != nil { 113 return err 114 } 115 if err := addProtocolFinalizerMiddlewares(stack, options, "CreateKeySigningKey"); err != nil { 116 return fmt.Errorf("add protocol finalizers: %v", err) 117 } 118 119 if err = addlegacyEndpointContextSetter(stack, options); err != nil { 120 return err 121 } 122 if err = addSetLoggerMiddleware(stack, options); err != nil { 123 return err 124 } 125 if err = addClientRequestID(stack); err != nil { 126 return err 127 } 128 if err = addComputeContentLength(stack); err != nil { 129 return err 130 } 131 if err = addResolveEndpointMiddleware(stack, options); err != nil { 132 return err 133 } 134 if err = addComputePayloadSHA256(stack); err != nil { 135 return err 136 } 137 if err = addRetry(stack, options); err != nil { 138 return err 139 } 140 if err = addRawResponseToMetadata(stack); err != nil { 141 return err 142 } 143 if err = addRecordResponseTiming(stack); err != nil { 144 return err 145 } 146 if err = addClientUserAgent(stack, options); err != nil { 147 return err 148 } 149 if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { 150 return err 151 } 152 if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { 153 return err 154 } 155 if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { 156 return err 157 } 158 if err = addOpCreateKeySigningKeyValidationMiddleware(stack); err != nil { 159 return err 160 } 161 if err = stack.Initialize.Add(newServiceMetadataMiddleware_opCreateKeySigningKey(options.Region), middleware.Before); err != nil { 162 return err 163 } 164 if err = addRecursionDetection(stack); err != nil { 165 return err 166 } 167 if err = addRequestIDRetrieverMiddleware(stack); err != nil { 168 return err 169 } 170 if err = addResponseErrorMiddleware(stack); err != nil { 171 return err 172 } 173 if err = addSanitizeURLMiddleware(stack); err != nil { 174 return err 175 } 176 if err = addRequestResponseLogging(stack, options); err != nil { 177 return err 178 } 179 if err = addDisableHTTPSMiddleware(stack, options); err != nil { 180 return err 181 } 182 return nil 183 } 184 185 func newServiceMetadataMiddleware_opCreateKeySigningKey(region string) *awsmiddleware.RegisterServiceMetadata { 186 return &awsmiddleware.RegisterServiceMetadata{ 187 Region: region, 188 ServiceID: ServiceID, 189 OperationName: "CreateKeySigningKey", 190 } 191 }