interface PublicHostedZoneProps
Language | Type name |
---|---|
![]() | Amazon.CDK.AWS.Route53.PublicHostedZoneProps |
![]() | github.com/aws/aws-cdk-go/awscdk/v2/awsroute53#PublicHostedZoneProps |
![]() | software.amazon.awscdk.services.route53.PublicHostedZoneProps |
![]() | aws_cdk.aws_route53.PublicHostedZoneProps |
![]() | aws-cdk-lib » aws_route53 » PublicHostedZoneProps |
Construction properties for a PublicHostedZone.
Example
const subZone = new route53.PublicHostedZone(this, 'SubZone', {
zoneName: 'sub.someexample.com',
});
// import the delegation role by constructing the roleArn
const delegationRoleArn = Stack.of(this).formatArn({
region: '', // IAM is global in each partition
service: 'iam',
account: 'parent-account-id',
resource: 'role',
resourceName: 'MyDelegationRole',
});
const delegationRole = iam.Role.fromRoleArn(this, 'DelegationRole', delegationRoleArn);
// create the record
new route53.CrossAccountZoneDelegationRecord(this, 'delegate', {
delegatedZone: subZone,
parentHostedZoneName: 'someexample.com', // or you can use parentHostedZoneId
delegationRole,
});
Properties
Name | Type | Description |
---|---|---|
zone | string | The name of the domain. |
add | boolean | Whether to add a trailing dot to the zone name. |
caa | boolean | Whether to create a CAA record to restrict certificate authorities allowed to issue certificates for this domain to Amazon only. |
comment? | string | Any comments that you want to include about the hosted zone. |
cross | IPrincipal | A principal which is trusted to assume a role for zone delegation. |
cross | string | The name of the role created for cross account delegation. |
query | string | The Amazon Resource Name (ARN) for the log group that you want Amazon Route 53 to send query logs to. |
zoneName
Type:
string
The name of the domain.
For resource record types that include a domain name, specify a fully qualified domain name.
addTrailingDot?
Type:
boolean
(optional, default: true)
Whether to add a trailing dot to the zone name.
caaAmazon?
Type:
boolean
(optional, default: false)
Whether to create a CAA record to restrict certificate authorities allowed to issue certificates for this domain to Amazon only.
comment?
Type:
string
(optional, default: none)
Any comments that you want to include about the hosted zone.
crossAccountZoneDelegationPrincipal?
⚠️ Deprecated: Create the Role yourself and call hostedZone.grantDelegation()
.
Type:
IPrincipal
(optional, default: No delegation configuration)
A principal which is trusted to assume a role for zone delegation.
If supplied, this will create a Role in the same account as the Hosted
Zone, which can be assumed by the CrossAccountZoneDelegationRecord
to
create a delegation record to a zone in a different account.
Be sure to indicate the account(s) that you trust to create delegation
records, using either iam.AccountPrincipal
or iam.OrganizationPrincipal
.
If you are planning to use iam.ServicePrincipal
s here, be sure to include
region-specific service principals for every opt-in region you are going to
be delegating to; or don't use this feature and create separate roles
with appropriate permissions for every opt-in region instead.
crossAccountZoneDelegationRoleName?
⚠️ Deprecated: Create the Role yourself and call hostedZone.grantDelegation()
.
Type:
string
(optional, default: A role name is generated automatically)
The name of the role created for cross account delegation.
queryLogsLogGroupArn?
Type:
string
(optional, default: disabled)
The Amazon Resource Name (ARN) for the log group that you want Amazon Route 53 to send query logs to.