import { Command as $Command } from "@smithy/smithy-client"; import type { MetadataBearer as __MetadataBearer } from "@smithy/types"; import type { CreateKeySigningKeyRequest, CreateKeySigningKeyResponse } from "../models/models_0"; import type { Route53ClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../Route53Client"; /** * @public */ export type { __MetadataBearer }; export { $Command }; /** * @public * * The input for {@link CreateKeySigningKeyCommand}. */ export interface CreateKeySigningKeyCommandInput extends CreateKeySigningKeyRequest { } /** * @public * * The output of {@link CreateKeySigningKeyCommand}. */ export interface CreateKeySigningKeyCommandOutput extends CreateKeySigningKeyResponse, __MetadataBearer { } declare const CreateKeySigningKeyCommand_base: { new (input: CreateKeySigningKeyCommandInput): import("@smithy/smithy-client").CommandImpl; new (input: CreateKeySigningKeyCommandInput): import("@smithy/smithy-client").CommandImpl; getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions; }; /** *

Creates a new key-signing key (KSK) associated with a hosted zone. You can only have * two KSKs per hosted zone.

* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript * import { Route53Client, CreateKeySigningKeyCommand } from "@aws-sdk/client-route-53"; // ES Modules import * // const { Route53Client, CreateKeySigningKeyCommand } = require("@aws-sdk/client-route-53"); // CommonJS import * // import type { Route53ClientConfig } from "@aws-sdk/client-route-53"; * const config = {}; // type is Route53ClientConfig * const client = new Route53Client(config); * const input = { // CreateKeySigningKeyRequest * CallerReference: "STRING_VALUE", // required * HostedZoneId: "STRING_VALUE", // required * KeyManagementServiceArn: "STRING_VALUE", // required * Name: "STRING_VALUE", // required * Status: "STRING_VALUE", // required * }; * const command = new CreateKeySigningKeyCommand(input); * const response = await client.send(command); * // { // CreateKeySigningKeyResponse * // ChangeInfo: { // ChangeInfo * // Id: "STRING_VALUE", // required * // Status: "PENDING" || "INSYNC", // required * // SubmittedAt: new Date("TIMESTAMP"), // required * // Comment: "STRING_VALUE", * // }, * // KeySigningKey: { // KeySigningKey * // Name: "STRING_VALUE", * // KmsArn: "STRING_VALUE", * // Flag: Number("int"), * // SigningAlgorithmMnemonic: "STRING_VALUE", * // SigningAlgorithmType: Number("int"), * // DigestAlgorithmMnemonic: "STRING_VALUE", * // DigestAlgorithmType: Number("int"), * // KeyTag: Number("int"), * // DigestValue: "STRING_VALUE", * // PublicKey: "STRING_VALUE", * // DSRecord: "STRING_VALUE", * // DNSKEYRecord: "STRING_VALUE", * // Status: "STRING_VALUE", * // StatusMessage: "STRING_VALUE", * // CreatedDate: new Date("TIMESTAMP"), * // LastModifiedDate: new Date("TIMESTAMP"), * // }, * // Location: "STRING_VALUE", // required * // }; * * ``` * * @param CreateKeySigningKeyCommandInput - {@link CreateKeySigningKeyCommandInput} * @returns {@link CreateKeySigningKeyCommandOutput} * @see {@link CreateKeySigningKeyCommandInput} for command's `input` shape. * @see {@link CreateKeySigningKeyCommandOutput} for command's `response` shape. * @see {@link Route53ClientResolvedConfig | config} for Route53Client's `config` shape. * * @throws {@link ConcurrentModification} (client fault) *

Another user submitted a request to create, update, or delete the object at the same * time that you did. Retry the request.

* * @throws {@link InvalidArgument} (client fault) *

Parameter name is not valid.

* * @throws {@link InvalidInput} (client fault) *

The input is not valid.

* * @throws {@link InvalidKeySigningKeyName} (client fault) *

The key-signing key (KSK) name that you specified isn't a valid name.

* * @throws {@link InvalidKeySigningKeyStatus} (client fault) *

The key-signing key (KSK) status isn't valid or another KSK has the status * INTERNAL_FAILURE.

* * @throws {@link InvalidKMSArn} (client fault) *

The KeyManagementServiceArn that you specified isn't valid to use with DNSSEC * signing.

* * @throws {@link InvalidSigningStatus} (client fault) *

Your hosted zone status isn't valid for this operation. In the hosted zone, change the * status to enable DNSSEC or disable DNSSEC.

* * @throws {@link KeySigningKeyAlreadyExists} (client fault) *

You've already created a key-signing key (KSK) with this name or with the same customer managed key ARN.

* * @throws {@link NoSuchHostedZone} (client fault) *

No hosted zone exists with the ID that you specified.

* * @throws {@link TooManyKeySigningKeys} (client fault) *

You've reached the limit for the number of key-signing keys (KSKs). Remove at least * one KSK, and then try again.

* * @throws {@link Route53ServiceException} *

Base exception class for all service exceptions from Route53 service.

* * * @public */ export declare class CreateKeySigningKeyCommand extends CreateKeySigningKeyCommand_base { /** @internal type navigation helper, not in runtime. */ protected static __types: { api: { input: CreateKeySigningKeyRequest; output: CreateKeySigningKeyResponse; }; sdk: { input: CreateKeySigningKeyCommandInput; output: CreateKeySigningKeyCommandOutput; }; }; }