KeySigningKeyProps
- class aws_cdk.aws_route53.KeySigningKeyProps(*, hosted_zone, kms_key, key_signing_key_name=None, status=None)
Bases:
object
Properties for constructing a Key Signing Key.
- Parameters:
hosted_zone (
IHostedZone
) – The hosted zone that this key will be used to sign.kms_key (
IKey
) – The customer-managed KMS key that that will be used to sign the records. The KMS Key must be unique for each KSK within a hosted zone. Additionally, the KMS key must be an asymetric customer-managed key using the ECC_NIST_P256 algorithm.key_signing_key_name (
Optional
[str
]) – The name for the key signing key. This name must be unique within a hosted zone. Default: an autogenerated namestatus (
Optional
[KeySigningKeyStatus
]) – The status of the key signing key. Default: ACTIVE
- ExampleMetadata:
infused
Example:
# hosted_zone: route53.HostedZone # kms_key: kms.Key route53.KeySigningKey(self, "KeySigningKey", hosted_zone=hosted_zone, kms_key=kms_key, key_signing_key_name="ksk", status=route53.KeySigningKeyStatus.ACTIVE )
Attributes
- hosted_zone
The hosted zone that this key will be used to sign.
- key_signing_key_name
The name for the key signing key.
This name must be unique within a hosted zone.
- Default:
an autogenerated name
- kms_key
The customer-managed KMS key that that will be used to sign the records.
The KMS Key must be unique for each KSK within a hosted zone. Additionally, the KMS key must be an asymetric customer-managed key using the ECC_NIST_P256 algorithm.
- status
The status of the key signing key.
- Default:
ACTIVE