Interface ZoneSigningOptions
- All Superinterfaces:
software.amazon.jsii.JsiiSerializable
- All Known Implementing Classes:
ZoneSigningOptions.Jsii$Proxy
@Generated(value="jsii-pacmak/1.119.0 (build 1634eac)",
date="2025-11-17T14:40:59.581Z")
@Stability(Stable)
public interface ZoneSigningOptions
extends software.amazon.jsii.JsiiSerializable
Options for enabling key signing from a hosted zone.
Example:
Key kmsKey = Key.Builder.create(this, "KmsCMK")
.keySpec(KeySpec.ECC_NIST_P256)
.keyUsage(KeyUsage.SIGN_VERIFY)
.build();
HostedZone hostedZone = HostedZone.Builder.create(this, "HostedZone")
.zoneName("example.com")
.build();
// Enable DNSSEC signing for the zone
hostedZone.enableDnssec(ZoneSigningOptions.builder().kmsKey(kmsKey).build());
-
Nested Class Summary
Nested ClassesModifier and TypeInterfaceDescriptionstatic final classA builder forZoneSigningOptionsstatic final classAn implementation forZoneSigningOptions -
Method Summary
Modifier and TypeMethodDescriptionstatic ZoneSigningOptions.Builderbuilder()default StringThe name for the key signing key.The customer-managed KMS key that that will be used to sign the records.Methods inherited from interface software.amazon.jsii.JsiiSerializable
$jsii$toJson
-
Method Details
-
getKmsKey
The customer-managed KMS key that that will be used to sign the records.The KMS Key must be unique for each KSK within a hosted zone. Additionally, the KMS key must be an asymetric customer-managed key using the ECC_NIST_P256 algorithm.
- See Also:
-
getKeySigningKeyName
The name for the key signing key.This name must be unique within a hosted zone.
Default: an autogenerated name
-
builder
- Returns:
- a
ZoneSigningOptions.BuilderofZoneSigningOptions
-