/*
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
* A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed
* on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
* express or implied. See the License for the specific language governing
* permissions and limitations under the License.
*/
/*
* Do not modify this file. This file is generated from the route53-2013-04-01.normal.json service model.
*/
using System;
using System.Collections.Generic;
using System.Xml.Serialization;
using System.Text;
using System.IO;
using System.Net;
using Amazon.Runtime;
using Amazon.Runtime.Internal;
namespace Amazon.Route53.Model
{
///
/// A key-signing key (KSK) is a complex type that represents a public/private key pair.
/// The private key is used to generate a digital signature for the zone signing key (ZSK).
/// The public key is stored in the DNS and is used to authenticate the ZSK. A KSK is
/// always associated with a hosted zone; it cannot exist by itself.
///
public partial class KeySigningKey
{
private string _name;
private string _kmsArn;
private int? _flag;
private string _signingAlgorithmMnemonic;
private int? _signingAlgorithmType;
private string _digestAlgorithmMnemonic;
private int? _digestAlgorithmType;
private int? _keyTag;
private string _digestValue;
private string _publicKey;
private string _dsRecord;
private string _dnskeyRecord;
private string _status;
private string _statusMessage;
private DateTime? _createdDate;
private DateTime? _lastModifiedDate;
///
/// Gets and sets the property Name.
///
/// A string used to identify a key-signing key (KSK). Name can include numbers,
/// letters, and underscores (_). Name must be unique for each key-signing
/// key in the same hosted zone.
///
///
[AWSProperty(Min=3, Max=128)]
public string Name
{
get { return this._name; }
set { this._name = value; }
}
// Check to see if Name property is set
internal bool IsSetName()
{
return this._name != null;
}
///
/// Gets and sets the property KmsArn.
///
/// The Amazon resource name (ARN) used to identify the customer managed key in Key Management
/// Service (KMS). The KmsArn must be unique for each key-signing key (KSK)
/// in a single hosted zone.
///
///
///
/// You must configure the customer managed key as follows:
///
/// - Status
-
///
/// Enabled
///
///
- Key spec
-
///
/// ECC_NIST_P256
///
///
- Key usage
-
///
/// Sign and verify
///
///
- Key policy
-
///
/// The key policy must give permission for the following actions:
///
///
-
///
/// DescribeKey
///
///
-
///
/// GetPublicKey
///
///
-
///
/// Sign
///
///
///
/// The key policy must also include the Amazon Route 53 service in the principal for
/// your account. Specify the following:
///
/// -
///
///
"Service": "dnssec-route53.amazonaws.com"
///
///
///
/// For more information about working with the customer managed key in KMS, see Key
/// Management Service concepts.
///
///
public string KmsArn
{
get { return this._kmsArn; }
set { this._kmsArn = value; }
}
// Check to see if KmsArn property is set
internal bool IsSetKmsArn()
{
return this._kmsArn != null;
}
///
/// Gets and sets the property Flag.
///
/// An integer that specifies how the key is used. For key-signing key (KSK), this value
/// is always 257.
///
///
public int Flag
{
get { return this._flag.GetValueOrDefault(); }
set { this._flag = value; }
}
// Check to see if Flag property is set
internal bool IsSetFlag()
{
return this._flag.HasValue;
}
///
/// Gets and sets the property SigningAlgorithmMnemonic.
///
/// A string used to represent the signing algorithm. This value must follow the guidelines
/// provided by RFC-8624 Section
/// 3.1.
///
///
public string SigningAlgorithmMnemonic
{
get { return this._signingAlgorithmMnemonic; }
set { this._signingAlgorithmMnemonic = value; }
}
// Check to see if SigningAlgorithmMnemonic property is set
internal bool IsSetSigningAlgorithmMnemonic()
{
return this._signingAlgorithmMnemonic != null;
}
///
/// Gets and sets the property SigningAlgorithmType.
///
/// An integer used to represent the signing algorithm. This value must follow the guidelines
/// provided by RFC-8624 Section
/// 3.1.
///
///
public int SigningAlgorithmType
{
get { return this._signingAlgorithmType.GetValueOrDefault(); }
set { this._signingAlgorithmType = value; }
}
// Check to see if SigningAlgorithmType property is set
internal bool IsSetSigningAlgorithmType()
{
return this._signingAlgorithmType.HasValue;
}
///
/// Gets and sets the property DigestAlgorithmMnemonic.
///
/// A string used to represent the delegation signer digest algorithm. This value must
/// follow the guidelines provided by RFC-8624
/// Section 3.3.
///
///
public string DigestAlgorithmMnemonic
{
get { return this._digestAlgorithmMnemonic; }
set { this._digestAlgorithmMnemonic = value; }
}
// Check to see if DigestAlgorithmMnemonic property is set
internal bool IsSetDigestAlgorithmMnemonic()
{
return this._digestAlgorithmMnemonic != null;
}
///
/// Gets and sets the property DigestAlgorithmType.
///
/// An integer used to represent the delegation signer digest algorithm. This value must
/// follow the guidelines provided by RFC-8624
/// Section 3.3.
///
///
public int DigestAlgorithmType
{
get { return this._digestAlgorithmType.GetValueOrDefault(); }
set { this._digestAlgorithmType = value; }
}
// Check to see if DigestAlgorithmType property is set
internal bool IsSetDigestAlgorithmType()
{
return this._digestAlgorithmType.HasValue;
}
///
/// Gets and sets the property KeyTag.
///
/// An integer used to identify the DNSSEC record for the domain name. The process used
/// to calculate the value is described in RFC-4034
/// Appendix B.
///
///
[AWSProperty(Min=0, Max=65536)]
public int KeyTag
{
get { return this._keyTag.GetValueOrDefault(); }
set { this._keyTag = value; }
}
// Check to see if KeyTag property is set
internal bool IsSetKeyTag()
{
return this._keyTag.HasValue;
}
///
/// Gets and sets the property DigestValue.
///
/// A cryptographic digest of a DNSKEY resource record (RR). DNSKEY records are used to
/// publish the public key that resolvers can use to verify DNSSEC signatures that are
/// used to secure certain kinds of information provided by the DNS system.
///
///
public string DigestValue
{
get { return this._digestValue; }
set { this._digestValue = value; }
}
// Check to see if DigestValue property is set
internal bool IsSetDigestValue()
{
return this._digestValue != null;
}
///
/// Gets and sets the property PublicKey.
///
/// The public key, represented as a Base64 encoding, as required by
/// RFC-4034 Page 5.
///
///
public string PublicKey
{
get { return this._publicKey; }
set { this._publicKey = value; }
}
// Check to see if PublicKey property is set
internal bool IsSetPublicKey()
{
return this._publicKey != null;
}
///
/// Gets and sets the property DSRecord.
///
/// A string that represents a delegation signer (DS) record.
///
///
public string DSRecord
{
get { return this._dsRecord; }
set { this._dsRecord = value; }
}
// Check to see if DSRecord property is set
internal bool IsSetDSRecord()
{
return this._dsRecord != null;
}
///
/// Gets and sets the property DNSKEYRecord.
///
/// A string that represents a DNSKEY record.
///
///
public string DNSKEYRecord
{
get { return this._dnskeyRecord; }
set { this._dnskeyRecord = value; }
}
// Check to see if DNSKEYRecord property is set
internal bool IsSetDNSKEYRecord()
{
return this._dnskeyRecord != null;
}
///
/// Gets and sets the property Status.
///
/// A string that represents the current key-signing key (KSK) status.
///
///
///
/// Status can have one of the following values:
///
/// - ACTIVE
-
///
/// The KSK is being used for signing.
///
///
- INACTIVE
-
///
/// The KSK is not being used for signing.
///
///
- DELETING
-
///
/// The KSK is in the process of being deleted.
///
///
- ACTION_NEEDED
-
///
/// There is a problem with the KSK that requires you to take action to resolve. For example,
/// the customer managed key might have been deleted, or the permissions for the customer
/// managed key might have been changed.
///
///
- INTERNAL_FAILURE
-
///
/// There was an error during a request. Before you can continue to work with DNSSEC signing,
/// including actions that involve this KSK, you must correct the problem. For example,
/// you may need to activate or deactivate the KSK.
///
///
///
[AWSProperty(Min=5, Max=150)]
public string Status
{
get { return this._status; }
set { this._status = value; }
}
// Check to see if Status property is set
internal bool IsSetStatus()
{
return this._status != null;
}
///
/// Gets and sets the property StatusMessage.
///
/// The status message provided for the following key-signing key (KSK) statuses: ACTION_NEEDED
/// or INTERNAL_FAILURE. The status message includes information about what
/// the problem might be and steps that you can take to correct the issue.
///
///
[AWSProperty(Min=0, Max=512)]
public string StatusMessage
{
get { return this._statusMessage; }
set { this._statusMessage = value; }
}
// Check to see if StatusMessage property is set
internal bool IsSetStatusMessage()
{
return this._statusMessage != null;
}
///
/// Gets and sets the property CreatedDate.
///
/// The date when the key-signing key (KSK) was created.
///
///
public DateTime CreatedDate
{
get { return this._createdDate.GetValueOrDefault(); }
set { this._createdDate = value; }
}
// Check to see if CreatedDate property is set
internal bool IsSetCreatedDate()
{
return this._createdDate.HasValue;
}
///
/// Gets and sets the property LastModifiedDate.
///
/// The last time that the key-signing key (KSK) was changed.
///
///
public DateTime LastModifiedDate
{
get { return this._lastModifiedDate.GetValueOrDefault(); }
set { this._lastModifiedDate = value; }
}
// Check to see if LastModifiedDate property is set
internal bool IsSetLastModifiedDate()
{
return this._lastModifiedDate.HasValue;
}
}
}