AssociateDelegationSignerToDomain
Creates a delegation signer (DS) record in the registry zone for this domain name.
Note that creating DS record at the registry impacts DNSSEC validation of your DNS records. This action may render your domain name unavailable on the internet if the steps are completed in the wrong order, or with incorrect timing. For more information about DNSSEC signing, see Configuring DNSSEC signing in the Route 53 developer guide.
Request Syntax
{
   "DomainName": "string",
   "SigningAttributes": { 
      "Algorithm": number,
      "Flags": number,
      "PublicKey": "string"
   }
}Request Parameters
For information about the parameters that are common to all actions, see Common Parameters.
The request accepts the following data in JSON format.
- DomainName
- 
               The name of the domain. Type: String Length Constraints: Maximum length of 255. Required: Yes 
- SigningAttributes
- 
               The information about a key, including the algorithm, public key-value, and flags. Type: DnssecSigningAttributes object Required: Yes 
Response Syntax
{
   "OperationId": "string"
}Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
- OperationId
- 
               The identifier for tracking the progress of the request. To query the operation status, use GetOperationDetail. Type: String Length Constraints: Maximum length of 255. 
Errors
For information about the errors that are common to all actions, see Common Errors.
- DnssecLimitExceeded
- 
               This error is returned if you call AssociateDelegationSignerToDomainwhen the specified domain has reached the maximum number of DS records. You can't add any additional DS records unless you delete an existing one first.HTTP Status Code: 400 
- DuplicateRequest
- 
               The request is already in progress for the domain. - message
- 
                        The request is already in progress for the domain. 
- requestId
- 
                        ID of the request operation. 
 HTTP Status Code: 400 
- InvalidInput
- 
               The requested item is not acceptable. For example, for APIs that accept a domain name, the request might specify a domain name that doesn't belong to the account that submitted the request. For AcceptDomainTransferFromAnotherAwsAccount, the password might be invalid.- message
- 
                        The requested item is not acceptable. For example, for an OperationId it might refer to the ID of an operation that is already completed. For a domain name, it might not be a valid domain name or belong to the requester account. 
 HTTP Status Code: 400 
- OperationLimitExceeded
- 
               The number of operations or jobs running exceeded the allowed threshold for the account. - message
- 
                        The number of operations or jobs running exceeded the allowed threshold for the account. 
 HTTP Status Code: 400 
- TLDRulesViolation
- 
               The top-level domain does not support this operation. - message
- 
                        The top-level domain does not support this operation. 
 HTTP Status Code: 400 
- UnsupportedTLD
- 
               Amazon Route 53 does not support this top-level domain (TLD). - message
- 
                        Amazon Route 53 does not support this top-level domain (TLD). 
 HTTP Status Code: 400 
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following: