CreateAccessToken
Creates an access token for a DNS view. Access tokens provide token-based authentication for DNS-over-HTTPS (DoH) and DNS-over-TLS (DoT) connections to the Route 53 Global Resolver.
Request Syntax
POST /tokens/dnsViewId HTTP/1.1
Content-type: application/json
{
"clientToken": "string",
"expiresAt": "string",
"name": "string",
"tags": {
"string" : "string"
}
}URI Request Parameters
The request uses the following URI parameters.
- dnsViewId
-
The ID of the DNS view to associate with this token.
Length Constraints: Minimum length of 1. Maximum length of 64.
Pattern:
[-.a-zA-Z0-9]+Required: Yes
Request Body
The request accepts the following data in JSON format.
- clientToken
-
A unique, case-sensitive identifier to ensure idempotency. This means that making the same request multiple times with the same
clientTokenhas the same result every time.Type: String
Length Constraints: Minimum length of 1. Maximum length of 256.
Required: No
- expiresAt
-
The date and time when the token expires. Tokens can have a minimum expiration of 30 days and maximum of 365 days from creation.
Type: Timestamp
Required: No
- name
-
A descriptive name for the access token.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 32.
Pattern:
(?!^[0-9]+$)([a-zA-Z0-9-_/' ']+)Required: No
-
An array of user-defined keys and optional values. These tags can be used for categorization and organization.
Type: String to string map
Map Entries: Minimum number of 0 items. Maximum number of 50 items.
Key Length Constraints: Minimum length of 1. Maximum length of 128.
Key Pattern:
([\p{L}\p{Z}\p{N}_.:/=+\-@]*)Value Length Constraints: Minimum length of 0. Maximum length of 256.
Value Pattern:
([\p{L}\p{Z}\p{N}_.:/=+\-@]*)Required: No
Response Syntax
HTTP/1.1 200
Content-type: application/json
{
"arn": "string",
"clientToken": "string",
"createdAt": "string",
"dnsViewId": "string",
"expiresAt": "string",
"id": "string",
"name": "string",
"status": "string",
"value": "string"
}Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
- arn
-
The Amazon Resource Name (ARN) of the access token.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 2048.
Pattern:
arn:[-.a-z0-9]{1,63}:[-.a-z0-9]{1,63}:[-.a-z0-9]{0,63}:[-.a-z0-9]{0,63}:[^/].{0,1023} - clientToken
-
The unique string that identifies the request and ensures idempotency.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 256.
- createdAt
-
The date and time when the access token was created.
Type: Timestamp
- dnsViewId
-
The ID of the DNS view associated with this access token.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 64.
Pattern:
[-.a-zA-Z0-9]+ - expiresAt
-
The date and time when the access token expires.
Type: Timestamp
- id
-
The unique identifier for the access token.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 64.
Pattern:
[-.a-zA-Z0-9]+ - name
-
The name of the access token.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 32.
Pattern:
(?!^[0-9]+$)([a-zA-Z0-9-_/' ']+) - status
-
The operational status of the access token.
Type: String
Valid Values:
CREATING | OPERATIONAL | DELETING - value
-
The access token value. This token should be included in DoH and DoT requests for authentication. Keep this value secure as it provides access to your Route 53 Global Resolver.
Type: String
Length Constraints: Minimum length of 0. Maximum length of 100.
Errors
For information about the errors that are common to all actions, see Common Errors.
- AccessDeniedException
-
You don't have permission to perform this operation. Check your IAM permissions and try again.
HTTP Status Code: 403
- ConflictException
-
The request conflicts with the current state of the resource. This can occur when trying to modify a resource that is not in a valid state for the requested operation.
- resourceId
-
The ID of the conflicting resource.
- resourceType
-
The type of the conflicting resource.
HTTP Status Code: 409
- InternalServerException
-
An internal server error occurred. Try again later.
- retryAfterSeconds
-
Number of seconds in which the caller can retry the request.
HTTP Status Code: 500
- ResourceNotFoundException
-
The specified resource was not found. Verify the resource ID and try again.
- resourceId
-
The unique ID of the resource referenced in the failed request.
- resourceType
-
The resource type of the resource referenced in the failed request.
HTTP Status Code: 404
- ServiceQuotaExceededException
-
The request would exceed one or more service quotas. Check your current usage and quotas, then try again.
- quotaCode
-
The quota code recognized by the AWS Service Quotas service.
- resourceId
-
The unique ID of the resource referenced in the failed request.
- resourceType
-
The resource type of the resource referenced in the failed request.
- serviceCode
-
The code for the AWS service that owns the quota.
HTTP Status Code: 402
- ThrottlingException
-
The request was throttled due to too many requests. Wait a moment and try again.
- quotaCode
-
The quota code recognized by the AWS Service Quotas service.
- retryAfterSeconds
-
Number of seconds in which the caller can retry the request.
- serviceCode
-
The code for the AWS service that owns the quota.
HTTP Status Code: 429
- ValidationException
-
The input parameters are invalid. Check the parameter values and try again.
- fieldList
-
The list of fields that aren't valid.
- reason
-
Reason the request failed validation.
HTTP Status Code: 400
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
