AssociateDelegationSignerToDomain
Creates a delegation signer (DS) record in the registry zone for this domain name.
Note that creating DS record at the registry impacts DNSSEC validation of your DNS records. This action may render your domain name unavailable on the internet if the steps are completed in the wrong order, or with incorrect timing. For more information about DNSSEC signing, see Configuring DNSSEC signing in the Route 53 developer guide.
Request Syntax
{
"DomainName": "string
",
"SigningAttributes": {
"Algorithm": number
,
"Flags": number
,
"PublicKey": "string
"
}
}
Request Parameters
For information about the parameters that are common to all actions, see Common Parameters.
The request accepts the following data in JSON format.
- DomainName
-
The name of the domain.
Type: String
Length Constraints: Maximum length of 255.
Required: Yes
- SigningAttributes
-
The information about a key, including the algorithm, public key-value, and flags.
Type: DnssecSigningAttributes object
Required: Yes
Response Syntax
{
"OperationId": "string"
}
Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
- OperationId
-
The identifier for tracking the progress of the request. To query the operation status, use GetOperationDetail.
Type: String
Length Constraints: Maximum length of 255.
Errors
For information about the errors that are common to all actions, see Common Errors.
- DnssecLimitExceeded
-
This error is returned if you call
AssociateDelegationSignerToDomain
when the specified domain has reached the maximum number of DS records. You can't add any additional DS records unless you delete an existing one first.HTTP Status Code: 400
- DuplicateRequest
-
The request is already in progress for the domain.
HTTP Status Code: 400
- InvalidInput
-
The requested item is not acceptable. For example, for APIs that accept a domain name, the request might specify a domain name that doesn't belong to the account that submitted the request. For
AcceptDomainTransferFromAnotherAwsAccount
, the password might be invalid.HTTP Status Code: 400
- OperationLimitExceeded
-
The number of operations or jobs running exceeded the allowed threshold for the account.
HTTP Status Code: 400
- TLDRulesViolation
-
The top-level domain does not support this operation.
HTTP Status Code: 400
- UnsupportedTLD
-
Amazon Route 53 does not support this top-level domain (TLD).
HTTP Status Code: 400
See Also
For more information about using this API in one of the language-specific Amazon SDKs, see the following: