api_op_CreateKeySigningKey.go (7319B)
1 // Code generated by smithy-go-codegen DO NOT EDIT. 2 3 package route53 4 5 import ( 6 "context" 7 "fmt" 8 awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" 9 "github.com/aws/aws-sdk-go-v2/service/route53/types" 10 "github.com/aws/smithy-go/middleware" 11 smithyhttp "github.com/aws/smithy-go/transport/http" 12 ) 13 14 // Creates a new key-signing key (KSK) associated with a hosted zone. You can only 15 // have two KSKs per hosted zone. 16 func (c *Client) CreateKeySigningKey(ctx context.Context, params *CreateKeySigningKeyInput, optFns ...func(*Options)) (*CreateKeySigningKeyOutput, error) { 17 if params == nil { 18 params = &CreateKeySigningKeyInput{} 19 } 20 21 result, metadata, err := c.invokeOperation(ctx, "CreateKeySigningKey", params, optFns, c.addOperationCreateKeySigningKeyMiddlewares) 22 if err != nil { 23 return nil, err 24 } 25 26 out := result.(*CreateKeySigningKeyOutput) 27 out.ResultMetadata = metadata 28 return out, nil 29 } 30 31 type CreateKeySigningKeyInput struct { 32 33 // A unique string that identifies the request. 34 // 35 // This member is required. 36 CallerReference *string 37 38 // The unique string (ID) used to identify a hosted zone. 39 // 40 // This member is required. 41 HostedZoneId *string 42 43 // The Amazon resource name (ARN) for a customer managed key in Key Management 44 // Service (KMS). The KeyManagementServiceArn must be unique for each key-signing 45 // key (KSK) in a single hosted zone. To see an example of KeyManagementServiceArn 46 // that grants the correct permissions for DNSSEC, scroll down to Example. 47 // 48 // You must configure the customer managed customer managed key as follows: 49 // 50 // Status Enabled 51 // 52 // Key spec ECC_NIST_P256 53 // 54 // Key usage Sign and verify 55 // 56 // Key policy The key policy must give permission for the following actions: 57 // 58 // - DescribeKey 59 // 60 // - GetPublicKey 61 // 62 // - Sign 63 // 64 // The key policy must also include the Amazon Route 53 service in the principal 65 // for your account. Specify the following: 66 // 67 // - "Service": "dnssec-route53.amazonaws.com" 68 // 69 // For more information about working with a customer managed key in KMS, see [Key Management Service concepts]. 70 // 71 // [Key Management Service concepts]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html 72 // 73 // This member is required. 74 KeyManagementServiceArn *string 75 76 // A string used to identify a key-signing key (KSK). Name can include numbers, 77 // letters, and underscores (_). Name must be unique for each key-signing key in 78 // the same hosted zone. 79 // 80 // This member is required. 81 Name *string 82 83 // A string specifying the initial status of the key-signing key (KSK). You can 84 // set the value to ACTIVE or INACTIVE . 85 // 86 // This member is required. 87 Status *string 88 89 noSmithyDocumentSerde 90 } 91 92 type CreateKeySigningKeyOutput struct { 93 94 // A complex type that describes change information about changes made to your 95 // hosted zone. 96 // 97 // This member is required. 98 ChangeInfo *types.ChangeInfo 99 100 // The key-signing key (KSK) that the request creates. 101 // 102 // This member is required. 103 KeySigningKey *types.KeySigningKey 104 105 // The unique URL representing the new key-signing key (KSK). 106 // 107 // This member is required. 108 Location *string 109 110 // Metadata pertaining to the operation's result. 111 ResultMetadata middleware.Metadata 112 113 noSmithyDocumentSerde 114 } 115 116 func (c *Client) addOperationCreateKeySigningKeyMiddlewares(stack *middleware.Stack, options Options) (err error) { 117 if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { 118 return err 119 } 120 err = stack.Serialize.Add(&awsRestxml_serializeOpCreateKeySigningKey{}, middleware.After) 121 if err != nil { 122 return err 123 } 124 err = stack.Deserialize.Add(&awsRestxml_deserializeOpCreateKeySigningKey{}, middleware.After) 125 if err != nil { 126 return err 127 } 128 if err := addProtocolFinalizerMiddlewares(stack, options, "CreateKeySigningKey"); err != nil { 129 return fmt.Errorf("add protocol finalizers: %v", err) 130 } 131 132 if err = addlegacyEndpointContextSetter(stack, options); err != nil { 133 return err 134 } 135 if err = addSetLoggerMiddleware(stack, options); err != nil { 136 return err 137 } 138 if err = addClientRequestID(stack); err != nil { 139 return err 140 } 141 if err = addComputeContentLength(stack); err != nil { 142 return err 143 } 144 if err = addResolveEndpointMiddleware(stack, options); err != nil { 145 return err 146 } 147 if err = addComputePayloadSHA256(stack); err != nil { 148 return err 149 } 150 if err = addRetry(stack, options); err != nil { 151 return err 152 } 153 if err = addRawResponseToMetadata(stack); err != nil { 154 return err 155 } 156 if err = addRecordResponseTiming(stack); err != nil { 157 return err 158 } 159 if err = addSpanRetryLoop(stack, options); err != nil { 160 return err 161 } 162 if err = addClientUserAgent(stack, options); err != nil { 163 return err 164 } 165 if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { 166 return err 167 } 168 if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { 169 return err 170 } 171 if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { 172 return err 173 } 174 if err = addTimeOffsetBuild(stack, c); err != nil { 175 return err 176 } 177 if err = addUserAgentRetryMode(stack, options); err != nil { 178 return err 179 } 180 if err = addCredentialSource(stack, options); err != nil { 181 return err 182 } 183 if err = addOpCreateKeySigningKeyValidationMiddleware(stack); err != nil { 184 return err 185 } 186 if err = stack.Initialize.Add(newServiceMetadataMiddleware_opCreateKeySigningKey(options.Region), middleware.Before); err != nil { 187 return err 188 } 189 if err = addRecursionDetection(stack); err != nil { 190 return err 191 } 192 if err = addRequestIDRetrieverMiddleware(stack); err != nil { 193 return err 194 } 195 if err = addResponseErrorMiddleware(stack); err != nil { 196 return err 197 } 198 if err = addSanitizeURLMiddleware(stack); err != nil { 199 return err 200 } 201 if err = addRequestResponseLogging(stack, options); err != nil { 202 return err 203 } 204 if err = addDisableHTTPSMiddleware(stack, options); err != nil { 205 return err 206 } 207 if err = addInterceptBeforeRetryLoop(stack, options); err != nil { 208 return err 209 } 210 if err = addInterceptAttempt(stack, options); err != nil { 211 return err 212 } 213 if err = addInterceptExecution(stack, options); err != nil { 214 return err 215 } 216 if err = addInterceptBeforeSerialization(stack, options); err != nil { 217 return err 218 } 219 if err = addInterceptAfterSerialization(stack, options); err != nil { 220 return err 221 } 222 if err = addInterceptBeforeSigning(stack, options); err != nil { 223 return err 224 } 225 if err = addInterceptAfterSigning(stack, options); err != nil { 226 return err 227 } 228 if err = addInterceptTransmit(stack, options); err != nil { 229 return err 230 } 231 if err = addInterceptBeforeDeserialization(stack, options); err != nil { 232 return err 233 } 234 if err = addInterceptAfterDeserialization(stack, options); err != nil { 235 return err 236 } 237 if err = addSpanInitializeStart(stack); err != nil { 238 return err 239 } 240 if err = addSpanInitializeEnd(stack); err != nil { 241 return err 242 } 243 if err = addSpanBuildRequestStart(stack); err != nil { 244 return err 245 } 246 if err = addSpanBuildRequestEnd(stack); err != nil { 247 return err 248 } 249 return nil 250 } 251 252 func newServiceMetadataMiddleware_opCreateKeySigningKey(region string) *awsmiddleware.RegisterServiceMetadata { 253 return &awsmiddleware.RegisterServiceMetadata{ 254 Region: region, 255 ServiceID: ServiceID, 256 OperationName: "CreateKeySigningKey", 257 } 258 }