aws-cdk-lib.aws_route53.PublicHostedZoneProps

interface PublicHostedZoneProps

LanguageType name
.NETAmazon.CDK.AWS.Route53.PublicHostedZoneProps
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awsroute53#PublicHostedZoneProps
Javasoftware.amazon.awscdk.services.route53.PublicHostedZoneProps
Pythonaws_cdk.aws_route53.PublicHostedZoneProps
TypeScript (source)aws-cdk-lib » aws_route53 » PublicHostedZoneProps

Construction properties for a PublicHostedZone.

Example

const subZone = new route53.PublicHostedZone(this, 'SubZone', {
  zoneName: 'sub.someexample.com',
});

// import the delegation role by constructing the roleArn
const delegationRoleArn = Stack.of(this).formatArn({
  region: '', // IAM is global in each partition
  service: 'iam',
  account: 'parent-account-id',
  resource: 'role',
  resourceName: 'MyDelegationRole',
});
const delegationRole = iam.Role.fromRoleArn(this, 'DelegationRole', delegationRoleArn);

// create the record
new route53.CrossAccountZoneDelegationRecord(this, 'delegate', {
  delegatedZone: subZone,
  parentHostedZoneName: 'someexample.com', // or you can use parentHostedZoneId
  delegationRole,
});

Properties

NameTypeDescription
zoneNamestringThe name of the domain.
addTrailingDot?booleanWhether to add a trailing dot to the zone name.
caaAmazon?booleanWhether to create a CAA record to restrict certificate authorities allowed to issue certificates for this domain to Amazon only.
comment?stringAny comments that you want to include about the hosted zone.
crossAccountZoneDelegationPrincipal?⚠️IPrincipalA principal which is trusted to assume a role for zone delegation.
crossAccountZoneDelegationRoleName?⚠️stringThe name of the role created for cross account delegation.
queryLogsLogGroupArn?stringThe Amazon Resource Name (ARN) for the log group that you want Amazon Route 53 to send query logs to.

zoneName

Type: string

The name of the domain.

For resource record types that include a domain name, specify a fully qualified domain name.


addTrailingDot?

Type: boolean (optional, default: true)

Whether to add a trailing dot to the zone name.


caaAmazon?

Type: boolean (optional, default: false)

Whether to create a CAA record to restrict certificate authorities allowed to issue certificates for this domain to Amazon only.


comment?

Type: string (optional, default: none)

Any comments that you want to include about the hosted zone.


crossAccountZoneDelegationPrincipal?⚠️

⚠️ Deprecated: Create the Role yourself and call hostedZone.grantDelegation().

Type: IPrincipal (optional, default: No delegation configuration)

A principal which is trusted to assume a role for zone delegation.

If supplied, this will create a Role in the same account as the Hosted Zone, which can be assumed by the CrossAccountZoneDelegationRecord to create a delegation record to a zone in a different account.

Be sure to indicate the account(s) that you trust to create delegation records, using either iam.AccountPrincipal or iam.OrganizationPrincipal.

If you are planning to use iam.ServicePrincipals here, be sure to include region-specific service principals for every opt-in region you are going to be delegating to; or don't use this feature and create separate roles with appropriate permissions for every opt-in region instead.


crossAccountZoneDelegationRoleName?⚠️

⚠️ Deprecated: Create the Role yourself and call hostedZone.grantDelegation().

Type: string (optional, default: A role name is generated automatically)

The name of the role created for cross account delegation.


queryLogsLogGroupArn?

Type: string (optional, default: disabled)

The Amazon Resource Name (ARN) for the log group that you want Amazon Route 53 to send query logs to.