aws-sdk-route53 1.40.0 → 1.45.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ee11bc947b07196cfbbbd4eb7c1aa245e1a011bcf39c0657129c51899b1353b2
-  data.tar.gz: e7fb4e3466064f1f0cb532ce9f0c7254696f732cb88f2a7155ec04fcb10955f8
+  metadata.gz: 63d900b5addaada664fa550cf6597f86c80bf06a0f6910ec37e8153230b6daca
+  data.tar.gz: a9e453abe293968b89651423adcc6ef7bb4cfa707457792c4b7b8706abaf45a0
 SHA512:
-  metadata.gz: 6c785bc5dc0e15d719b6616d577a842d710c16c7eb8cbd45c45c6dd635b99a4caaa2e12246f6bdb5ce9e30146dfe268411fe8c1b6a056f76c1cc7455f995ec6a
-  data.tar.gz: 57157a1dec4ba0e9b219513d1581f1b01e406e49d6519defbed975bbe30003bf5a70630dd953fa6f6709cd6552a80eefdaa97331f9fa698c963418b4ffeb2728
+  metadata.gz: 6244f0e8a0467ff7f21c2d53cd7c427521a9e3d5dc3fe1363e88eeecb3142e67f6aeaab285947ce647b65193f5c38464edc0954d452de3a6ec2c2de941db0f10
+  data.tar.gz: 07d0d0efe860339bba2f550f0337826ce40d5b3be522807e07bc9f71f754be9acc329ce20d456510b657ac36817e9d02029c8ee24e1c2a2caeb04b7cb4021583

data/lib/aws-sdk-route53.rb

@@ -7,6 +7,7 @@
 #
 # WARNING ABOUT GENERATED CODE
 
+
 require 'aws-sdk-core'
 require 'aws-sigv4'
 
@@ -28,7 +29,7 @@ require_relative 'aws-sdk-route53/customizations'
 # structure.
 #
 #     route_53 = Aws::Route53::Client.new
-#     resp = route_53.associate_vpc_with_hosted_zone(params)
+#     resp = route_53.activate_key_signing_key(params)
 #
 # See {Client} for more information.
 #
@@ -45,9 +46,9 @@ require_relative 'aws-sdk-route53/customizations'
 #
 # See {Errors} for more information.
 #
-# @service
+# @!group service
 module Aws::Route53
 
-  GEM_VERSION = '1.40.0'
+  GEM_VERSION = '1.45.0'
 
 end

data/lib/aws-sdk-route53/client.rb

@@ -87,13 +87,28 @@ module Aws::Route53
     #     * `Aws::Credentials` - Used for configuring static, non-refreshing
     #       credentials.
     #
+    #     * `Aws::SharedCredentials` - Used for loading static credentials from a
+    #       shared file, such as `~/.aws/config`.
+    #
+    #     * `Aws::AssumeRoleCredentials` - Used when you need to assume a role.
+    #
+    #     * `Aws::AssumeRoleWebIdentityCredentials` - Used when you need to
+    #       assume a role after providing credentials via the web.
+    #
+    #     * `Aws::SSOCredentials` - Used for loading credentials from AWS SSO using an
+    #       access token generated from `aws login`.
+    #
+    #     * `Aws::ProcessCredentials` - Used for loading credentials from a
+    #       process that outputs to stdout.
+    #
     #     * `Aws::InstanceProfileCredentials` - Used for loading credentials
     #       from an EC2 IMDS on an EC2 instance.
     #
-    #     * `Aws::SharedCredentials` - Used for loading credentials from a
-    #       shared file, such as `~/.aws/config`.
+    #     * `Aws::ECSCredentials` - Used for loading credentials from
+    #       instances running in ECS.
     #
-    #     * `Aws::AssumeRoleCredentials` - Used when you need to assume a role.
+    #     * `Aws::CognitoIdentityCredentials` - Used for loading credentials
+    #       from the Cognito Identity service.
     #
     #     When `:credentials` are not configured directly, the following
     #     locations will be searched for credentials:
@@ -103,10 +118,10 @@ module Aws::Route53
     #     * ENV['AWS_ACCESS_KEY_ID'], ENV['AWS_SECRET_ACCESS_KEY']
     #     * `~/.aws/credentials`
     #     * `~/.aws/config`
-    #     * EC2 IMDS instance profile - When used by default, the timeouts are
-    #       very aggressive. Construct and pass an instance of
-    #       `Aws::InstanceProfileCredentails` to enable retries and extended
-    #       timeouts.
+    #     * EC2/ECS IMDS instance profile - When used by default, the timeouts
+    #       are very aggressive. Construct and pass an instance of
+    #       `Aws::InstanceProfileCredentails` or `Aws::ECSCredentials` to
+    #       enable retries and extended timeouts.
     #
     #   @option options [required, String] :region
     #     The AWS region to connect to.  The configured `:region` is
@@ -314,32 +329,56 @@ module Aws::Route53
 
     # @!group API Operations
 
-    # Associates an Amazon VPC with a private hosted zone.
+    # Activates a key signing key (KSK) so that it can be used for signing
+    # by DNSSEC. This operation changes the KSK status to `ACTIVE`.
     #
-    # <note markdown="1"> To perform the association, the VPC and the private hosted zone must
-    # already exist. Also, you can't convert a public hosted zone into a
-    # private hosted zone.
+    # @option params [required, String] :hosted_zone_id
+    #   A unique string used to identify a hosted zone.
     #
-    #  </note>
+    # @option params [required, String] :name
+    #   An alphanumeric string used to identify a key signing key (KSK).
     #
-    # If you want to associate a VPC that was created by one AWS account
-    # with a private hosted zone that was created by a different account, do
-    # one of the following:
+    # @return [Types::ActivateKeySigningKeyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
-    # * Use the AWS account that created the private hosted zone to submit a
-    #   [CreateVPCAssociationAuthorization][1] request. Then use the account
-    #   that created the VPC to submit an `AssociateVPCWithHostedZone`
-    #   request.
+    #   * {Types::ActivateKeySigningKeyResponse#change_info #change_info} => Types::ChangeInfo
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.activate_key_signing_key({
+    #     hosted_zone_id: "ResourceId", # required
+    #     name: "SigningKeyName", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.change_info.id #=> String
+    #   resp.change_info.status #=> String, one of "PENDING", "INSYNC"
+    #   resp.change_info.submitted_at #=> Time
+    #   resp.change_info.comment #=> String
     #
-    # * If a subnet in the VPC was shared with another account, you can use
-    #   the account that the subnet was shared with to submit an
-    #   `AssociateVPCWithHostedZone` request. For more information about
-    #   sharing subnets, see [Working with Shared VPCs][2].
+    # @see http://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ActivateKeySigningKey AWS API Documentation
     #
+    # @overload activate_key_signing_key(params = {})
+    # @param [Hash] params ({})
+    def activate_key_signing_key(params = {}, options = {})
+      req = build_request(:activate_key_signing_key, params)
+      req.send_request(options)
+    end
+
+    # Associates an Amazon VPC with a private hosted zone.
     #
+    # To perform the association, the VPC and the private hosted zone must
+    # already exist. You can't convert a public hosted zone into a private
+    # hosted zone.
     #
-    # [1]: https://docs.aws.amazon.com/Route53/latest/APIReference/API_CreateVPCAssociationAuthorization.html
-    # [2]: https://docs.aws.amazon.com/vpc/latest/userguide/vpc-sharing.html
+    # <note markdown="1"> If you want to associate a VPC that was created by using one AWS
+    # account with a private hosted zone that was created by using a
+    # different account, the AWS account that created the private hosted
+    # zone must first submit a `CreateVPCAssociationAuthorization` request.
+    # Then the account that created the VPC must submit an
+    # `AssociateVPCWithHostedZone` request.
+    #
+    #  </note>
     #
     # @option params [required, String] :hosted_zone_id
     #   The ID of the private hosted zone that you want to associate an Amazon
@@ -1115,7 +1154,7 @@ module Aws::Route53
     #           action: "CREATE", # required, accepts CREATE, DELETE, UPSERT
     #           resource_record_set: { # required
     #             name: "DNSName", # required
-    #             type: "SOA", # required, accepts SOA, A, TXT, NS, CNAME, MX, NAPTR, PTR, SRV, SPF, AAAA, CAA
+    #             type: "SOA", # required, accepts SOA, A, TXT, NS, CNAME, MX, NAPTR, PTR, SRV, SPF, AAAA, CAA, DS
     #             set_identifier: "ResourceRecordSetIdentifier",
     #             weight: 1,
     #             region: "us-east-1", # accepts us-east-1, us-east-2, us-west-1, us-west-2, ca-central-1, eu-west-1, eu-west-2, eu-west-3, eu-central-1, ap-southeast-1, ap-southeast-2, ap-northeast-1, ap-northeast-2, ap-northeast-3, eu-north-1, sa-east-1, cn-north-1, cn-northwest-1, ap-east-1, me-south-1, ap-south-1, af-south-1, eu-south-1
@@ -1550,6 +1589,118 @@ module Aws::Route53
       req.send_request(options)
     end
 
+    # Creates a new key signing key (KSK) associated with a hosted zone. You
+    # can only have two KSKs per hosted zone.
+    #
+    # @option params [required, String] :caller_reference
+    #   A unique string that identifies the request.
+    #
+    # @option params [required, String] :hosted_zone_id
+    #   The unique string (ID) used to identify a hosted zone.
+    #
+    # @option params [required, String] :key_management_service_arn
+    #   The Amazon resource name (ARN) for a customer managed key (CMK) in AWS
+    #   Key Management Service (KMS). The `KeyManagementServiceArn` must be
+    #   unique for each key signing key (KSK) in a single hosted zone. To see
+    #   an example of `KeyManagementServiceArn` that grants the correct
+    #   permissions for DNSSEC, scroll down to **Example**.
+    #
+    #   You must configure the CMK as follows:
+    #
+    #   Status
+    #
+    #   : Enabled
+    #
+    #   Key spec
+    #
+    #   : ECC\_NIST\_P256
+    #
+    #   Key usage
+    #
+    #   : Sign and verify
+    #
+    #   Key policy
+    #
+    #   : The key policy must give permission for the following actions:
+    #
+    #     * DescribeKey
+    #
+    #     * GetPublicKey
+    #
+    #     * Sign
+    #
+    #     The key policy must also include the Amazon Route 53 service in the
+    #     principal for your account. Specify the following:
+    #
+    #     * `"Service": "api-service.dnssec.route53.aws.internal"`
+    #
+    #     ^
+    #
+    #   For more information about working with CMK in KMS, see [AWS Key
+    #   Management Service concepts][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html
+    #
+    # @option params [required, String] :name
+    #   An alphanumeric string used to identify a key signing key (KSK).
+    #   `Name` must be unique for each key signing key in the same hosted
+    #   zone.
+    #
+    # @option params [required, String] :status
+    #   A string specifying the initial status of the key signing key (KSK).
+    #   You can set the value to `ACTIVE` or `INACTIVE`.
+    #
+    # @return [Types::CreateKeySigningKeyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::CreateKeySigningKeyResponse#change_info #change_info} => Types::ChangeInfo
+    #   * {Types::CreateKeySigningKeyResponse#key_signing_key #key_signing_key} => Types::KeySigningKey
+    #   * {Types::CreateKeySigningKeyResponse#location #location} => String
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.create_key_signing_key({
+    #     caller_reference: "Nonce", # required
+    #     hosted_zone_id: "ResourceId", # required
+    #     key_management_service_arn: "SigningKeyString", # required
+    #     name: "SigningKeyName", # required
+    #     status: "SigningKeyStatus", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.change_info.id #=> String
+    #   resp.change_info.status #=> String, one of "PENDING", "INSYNC"
+    #   resp.change_info.submitted_at #=> Time
+    #   resp.change_info.comment #=> String
+    #   resp.key_signing_key.name #=> String
+    #   resp.key_signing_key.kms_arn #=> String
+    #   resp.key_signing_key.flag #=> Integer
+    #   resp.key_signing_key.signing_algorithm_mnemonic #=> String
+    #   resp.key_signing_key.signing_algorithm_type #=> Integer
+    #   resp.key_signing_key.digest_algorithm_mnemonic #=> String
+    #   resp.key_signing_key.digest_algorithm_type #=> Integer
+    #   resp.key_signing_key.key_tag #=> Integer
+    #   resp.key_signing_key.digest_value #=> String
+    #   resp.key_signing_key.public_key #=> String
+    #   resp.key_signing_key.ds_record #=> String
+    #   resp.key_signing_key.dnskey_record #=> String
+    #   resp.key_signing_key.status #=> String
+    #   resp.key_signing_key.status_message #=> String
+    #   resp.key_signing_key.created_date #=> Time
+    #   resp.key_signing_key.last_modified_date #=> Time
+    #   resp.location #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/CreateKeySigningKey AWS API Documentation
+    #
+    # @overload create_key_signing_key(params = {})
+    # @param [Hash] params ({})
+    def create_key_signing_key(params = {}, options = {})
+      req = build_request(:create_key_signing_key, params)
+      req.send_request(options)
+    end
+
     # Creates a configuration for DNS query logging. After you create a
     # query logging configuration, Amazon Route 53 begins to publish log
     # data to an Amazon CloudWatch Logs log group.
@@ -1859,7 +2010,7 @@ module Aws::Route53
     #   resp.traffic_policy.id #=> String
     #   resp.traffic_policy.version #=> Integer
     #   resp.traffic_policy.name #=> String
-    #   resp.traffic_policy.type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA"
+    #   resp.traffic_policy.type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA", "DS"
     #   resp.traffic_policy.document #=> String
     #   resp.traffic_policy.comment #=> String
     #   resp.location #=> String
@@ -1929,7 +2080,7 @@ module Aws::Route53
     #   resp.traffic_policy_instance.message #=> String
     #   resp.traffic_policy_instance.traffic_policy_id #=> String
     #   resp.traffic_policy_instance.traffic_policy_version #=> Integer
-    #   resp.traffic_policy_instance.traffic_policy_type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA"
+    #   resp.traffic_policy_instance.traffic_policy_type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA", "DS"
     #   resp.location #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/CreateTrafficPolicyInstance AWS API Documentation
@@ -1986,7 +2137,7 @@ module Aws::Route53
     #   resp.traffic_policy.id #=> String
     #   resp.traffic_policy.version #=> Integer
     #   resp.traffic_policy.name #=> String
-    #   resp.traffic_policy.type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA"
+    #   resp.traffic_policy.type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA", "DS"
     #   resp.traffic_policy.document #=> String
     #   resp.traffic_policy.comment #=> String
     #   resp.location #=> String
@@ -2052,6 +2203,43 @@ module Aws::Route53
       req.send_request(options)
     end
 
+    # Deactivates a key signing key (KSK) so that it will not be used for
+    # signing by DNSSEC. This operation changes the KSK status to
+    # `INACTIVE`.
+    #
+    # @option params [required, String] :hosted_zone_id
+    #   A unique string used to identify a hosted zone.
+    #
+    # @option params [required, String] :name
+    #   An alphanumeric string used to identify a key signing key (KSK).
+    #
+    # @return [Types::DeactivateKeySigningKeyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::DeactivateKeySigningKeyResponse#change_info #change_info} => Types::ChangeInfo
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.deactivate_key_signing_key({
+    #     hosted_zone_id: "ResourceId", # required
+    #     name: "SigningKeyName", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.change_info.id #=> String
+    #   resp.change_info.status #=> String, one of "PENDING", "INSYNC"
+    #   resp.change_info.submitted_at #=> Time
+    #   resp.change_info.comment #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/DeactivateKeySigningKey AWS API Documentation
+    #
+    # @overload deactivate_key_signing_key(params = {})
+    # @param [Hash] params ({})
+    def deactivate_key_signing_key(params = {}, options = {})
+      req = build_request(:deactivate_key_signing_key, params)
+      req.send_request(options)
+    end
+
     # Deletes a health check.
     #
     # Amazon Route 53 does not prevent you from deleting a health check even
@@ -2179,6 +2367,43 @@ module Aws::Route53
       req.send_request(options)
     end
 
+    # Deletes a key signing key (KSK). Before you can delete a KSK, you must
+    # deactivate it. The KSK must be deactived before you can delete it
+    # regardless of whether the hosted zone is enabled for DNSSEC signing.
+    #
+    # @option params [required, String] :hosted_zone_id
+    #   A unique string used to identify a hosted zone.
+    #
+    # @option params [required, String] :name
+    #   An alphanumeric string used to identify a key signing key (KSK).
+    #
+    # @return [Types::DeleteKeySigningKeyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::DeleteKeySigningKeyResponse#change_info #change_info} => Types::ChangeInfo
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.delete_key_signing_key({
+    #     hosted_zone_id: "ResourceId", # required
+    #     name: "SigningKeyName", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.change_info.id #=> String
+    #   resp.change_info.status #=> String, one of "PENDING", "INSYNC"
+    #   resp.change_info.submitted_at #=> Time
+    #   resp.change_info.comment #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/DeleteKeySigningKey AWS API Documentation
+    #
+    # @overload delete_key_signing_key(params = {})
+    # @param [Hash] params ({})
+    def delete_key_signing_key(params = {}, options = {})
+      req = build_request(:delete_key_signing_key, params)
+      req.send_request(options)
+    end
+
     # Deletes a configuration for DNS query logging. If you delete a
     # configuration, Amazon Route 53 stops sending query logs to CloudWatch
     # Logs. Route 53 doesn't delete any logs that are already in CloudWatch
@@ -2246,6 +2471,24 @@ module Aws::Route53
 
     # Deletes a traffic policy.
     #
+    # When you delete a traffic policy, Route 53 sets a flag on the policy
+    # to indicate that it has been deleted. However, Route 53 never fully
+    # deletes the traffic policy. Note the following:
+    #
+    # * Deleted traffic policies aren't listed if you run
+    #   [ListTrafficPolicies][1].
+    #
+    # * There's no way to get a list of deleted policies.
+    #
+    # * If you retain the ID of the policy, you can get information about
+    #   the policy, including the traffic policy document, by running
+    #   [GetTrafficPolicy][2].
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/Route53/latest/APIReference/API_ListTrafficPolicies.html
+    # [2]: https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetTrafficPolicy.html
+    #
     # @option params [required, String] :id
     #   The ID of the traffic policy that you want to delete.
     #
@@ -2346,6 +2589,39 @@ module Aws::Route53
       req.send_request(options)
     end
 
+    # Disables DNSSEC signing in a specific hosted zone. This action does
+    # not deactivate any key signing keys (KSKs) that are active in the
+    # hosted zone.
+    #
+    # @option params [required, String] :hosted_zone_id
+    #   A unique string used to identify a hosted zone.
+    #
+    # @return [Types::DisableHostedZoneDNSSECResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::DisableHostedZoneDNSSECResponse#change_info #change_info} => Types::ChangeInfo
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.disable_hosted_zone_dnssec({
+    #     hosted_zone_id: "ResourceId", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.change_info.id #=> String
+    #   resp.change_info.status #=> String, one of "PENDING", "INSYNC"
+    #   resp.change_info.submitted_at #=> Time
+    #   resp.change_info.comment #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/DisableHostedZoneDNSSEC AWS API Documentation
+    #
+    # @overload disable_hosted_zone_dnssec(params = {})
+    # @param [Hash] params ({})
+    def disable_hosted_zone_dnssec(params = {}, options = {})
+      req = build_request(:disable_hosted_zone_dnssec, params)
+      req.send_request(options)
+    end
+
     # Disassociates an Amazon Virtual Private Cloud (Amazon VPC) from an
     # Amazon Route 53 private hosted zone. Note the following:
     #
@@ -2416,6 +2692,37 @@ module Aws::Route53
       req.send_request(options)
     end
 
+    # Enables DNSSEC signing in a specific hosted zone.
+    #
+    # @option params [required, String] :hosted_zone_id
+    #   A unique string used to identify a hosted zone.
+    #
+    # @return [Types::EnableHostedZoneDNSSECResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::EnableHostedZoneDNSSECResponse#change_info #change_info} => Types::ChangeInfo
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.enable_hosted_zone_dnssec({
+    #     hosted_zone_id: "ResourceId", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.change_info.id #=> String
+    #   resp.change_info.status #=> String, one of "PENDING", "INSYNC"
+    #   resp.change_info.submitted_at #=> Time
+    #   resp.change_info.comment #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/EnableHostedZoneDNSSEC AWS API Documentation
+    #
+    # @overload enable_hosted_zone_dnssec(params = {})
+    # @param [Hash] params ({})
+    def enable_hosted_zone_dnssec(params = {}, options = {})
+      req = build_request(:enable_hosted_zone_dnssec, params)
+      req.send_request(options)
+    end
+
     # Gets the specified limit for the current account, for example, the
     # maximum number of health checks that you can create using the account.
     #
@@ -2555,6 +2862,55 @@ module Aws::Route53
       req.send_request(options)
     end
 
+    # Returns information about DNSSEC for a specific hosted zone, including
+    # the key signing keys (KSKs) and zone signing keys (ZSKs) in the hosted
+    # zone.
+    #
+    # @option params [required, String] :hosted_zone_id
+    #   A unique string used to identify a hosted zone.
+    #
+    # @return [Types::GetDNSSECResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::GetDNSSECResponse#status #status} => Types::DNSSECStatus
+    #   * {Types::GetDNSSECResponse#key_signing_keys #key_signing_keys} => Array&lt;Types::KeySigningKey&gt;
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.get_dnssec({
+    #     hosted_zone_id: "ResourceId", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.status.serve_signature #=> String
+    #   resp.status.status_message #=> String
+    #   resp.key_signing_keys #=> Array
+    #   resp.key_signing_keys[0].name #=> String
+    #   resp.key_signing_keys[0].kms_arn #=> String
+    #   resp.key_signing_keys[0].flag #=> Integer
+    #   resp.key_signing_keys[0].signing_algorithm_mnemonic #=> String
+    #   resp.key_signing_keys[0].signing_algorithm_type #=> Integer
+    #   resp.key_signing_keys[0].digest_algorithm_mnemonic #=> String
+    #   resp.key_signing_keys[0].digest_algorithm_type #=> Integer
+    #   resp.key_signing_keys[0].key_tag #=> Integer
+    #   resp.key_signing_keys[0].digest_value #=> String
+    #   resp.key_signing_keys[0].public_key #=> String
+    #   resp.key_signing_keys[0].ds_record #=> String
+    #   resp.key_signing_keys[0].dnskey_record #=> String
+    #   resp.key_signing_keys[0].status #=> String
+    #   resp.key_signing_keys[0].status_message #=> String
+    #   resp.key_signing_keys[0].created_date #=> Time
+    #   resp.key_signing_keys[0].last_modified_date #=> Time
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/GetDNSSEC AWS API Documentation
+    #
+    # @overload get_dnssec(params = {})
+    # @param [Hash] params ({})
+    def get_dnssec(params = {}, options = {})
+      req = build_request(:get_dnssec, params)
+      req.send_request(options)
+    end
+
     # Gets information about whether a specified geographic location is
     # supported for Amazon Route 53 geolocation resource record sets.
     #
@@ -3079,6 +3435,13 @@ module Aws::Route53
 
     # Gets information about a specific traffic policy version.
     #
+    # For information about how of deleting a traffic policy affects the
+    # response from `GetTrafficPolicy`, see [DeleteTrafficPolicy][1].
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/Route53/latest/APIReference/API_DeleteTrafficPolicy.html
+    #
     # @option params [required, String] :id
     #   The ID of the traffic policy that you want to get information about.
     #
@@ -3102,7 +3465,7 @@ module Aws::Route53
     #   resp.traffic_policy.id #=> String
     #   resp.traffic_policy.version #=> Integer
     #   resp.traffic_policy.name #=> String
-    #   resp.traffic_policy.type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA"
+    #   resp.traffic_policy.type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA", "DS"
     #   resp.traffic_policy.document #=> String
     #   resp.traffic_policy.comment #=> String
     #
@@ -3154,7 +3517,7 @@ module Aws::Route53
     #   resp.traffic_policy_instance.message #=> String
     #   resp.traffic_policy_instance.traffic_policy_id #=> String
     #   resp.traffic_policy_instance.traffic_policy_version #=> Integer
-    #   resp.traffic_policy_instance.traffic_policy_type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA"
+    #   resp.traffic_policy_instance.traffic_policy_type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA", "DS"
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/GetTrafficPolicyInstance AWS API Documentation
     #
@@ -3602,8 +3965,8 @@ module Aws::Route53
     #   (Optional) The maximum number of hosted zones that you want Amazon
     #   Route 53 to return. If the specified VPC is associated with more than
     #   `MaxItems` hosted zones, the response includes a `NextToken` element.
-    #   `NextToken` contains the hosted zone ID of the first hosted zone that
-    #   Route 53 will return if you submit another request.
+    #   `NextToken` contains an encrypted token that identifies the first
+    #   hosted zone that Route 53 will return if you submit another request.
     #
     # @option params [String] :next_token
     #   If the previous response included a `NextToken` element, the specified
@@ -3872,7 +4235,7 @@ module Aws::Route53
     #   resp = client.list_resource_record_sets({
     #     hosted_zone_id: "ResourceId", # required
     #     start_record_name: "DNSName",
-    #     start_record_type: "SOA", # accepts SOA, A, TXT, NS, CNAME, MX, NAPTR, PTR, SRV, SPF, AAAA, CAA
+    #     start_record_type: "SOA", # accepts SOA, A, TXT, NS, CNAME, MX, NAPTR, PTR, SRV, SPF, AAAA, CAA, DS
     #     start_record_identifier: "ResourceRecordSetIdentifier",
     #     max_items: 1,
     #   })
@@ -3881,7 +4244,7 @@ module Aws::Route53
     #
     #   resp.resource_record_sets #=> Array
     #   resp.resource_record_sets[0].name #=> String
-    #   resp.resource_record_sets[0].type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA"
+    #   resp.resource_record_sets[0].type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA", "DS"
     #   resp.resource_record_sets[0].set_identifier #=> String
     #   resp.resource_record_sets[0].weight #=> Integer
     #   resp.resource_record_sets[0].region #=> String, one of "us-east-1", "us-east-2", "us-west-1", "us-west-2", "ca-central-1", "eu-west-1", "eu-west-2", "eu-west-3", "eu-central-1", "ap-southeast-1", "ap-southeast-2", "ap-northeast-1", "ap-northeast-2", "ap-northeast-3", "eu-north-1", "sa-east-1", "cn-north-1", "cn-northwest-1", "ap-east-1", "me-south-1", "ap-south-1", "af-south-1", "eu-south-1"
@@ -3900,7 +4263,7 @@ module Aws::Route53
     #   resp.resource_record_sets[0].traffic_policy_instance_id #=> String
     #   resp.is_truncated #=> Boolean
     #   resp.next_record_name #=> String
-    #   resp.next_record_type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA"
+    #   resp.next_record_type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA", "DS"
     #   resp.next_record_identifier #=> String
     #   resp.max_items #=> Integer
     #
@@ -4072,6 +4435,13 @@ module Aws::Route53
     # that is associated with the current AWS account. Policies are listed
     # in the order that they were created in.
     #
+    # For information about how of deleting a traffic policy affects the
+    # response from `ListTrafficPolicies`, see [DeleteTrafficPolicy][1].
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/Route53/latest/APIReference/API_DeleteTrafficPolicy.html
+    #
     # @option params [String] :traffic_policy_id_marker
     #   (Conditional) For your first request to `ListTrafficPolicies`, don't
     #   include the `TrafficPolicyIdMarker` parameter.
@@ -4110,7 +4480,7 @@ module Aws::Route53
     #   resp.traffic_policy_summaries #=> Array
     #   resp.traffic_policy_summaries[0].id #=> String
     #   resp.traffic_policy_summaries[0].name #=> String
-    #   resp.traffic_policy_summaries[0].type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA"
+    #   resp.traffic_policy_summaries[0].type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA", "DS"
     #   resp.traffic_policy_summaries[0].latest_version #=> Integer
     #   resp.traffic_policy_summaries[0].traffic_policy_count #=> Integer
     #   resp.is_truncated #=> Boolean
@@ -4199,7 +4569,7 @@ module Aws::Route53
     #   resp = client.list_traffic_policy_instances({
     #     hosted_zone_id_marker: "ResourceId",
     #     traffic_policy_instance_name_marker: "DNSName",
-    #     traffic_policy_instance_type_marker: "SOA", # accepts SOA, A, TXT, NS, CNAME, MX, NAPTR, PTR, SRV, SPF, AAAA, CAA
+    #     traffic_policy_instance_type_marker: "SOA", # accepts SOA, A, TXT, NS, CNAME, MX, NAPTR, PTR, SRV, SPF, AAAA, CAA, DS
     #     max_items: 1,
     #   })
     #
@@ -4214,10 +4584,10 @@ module Aws::Route53
     #   resp.traffic_policy_instances[0].message #=> String
     #   resp.traffic_policy_instances[0].traffic_policy_id #=> String
     #   resp.traffic_policy_instances[0].traffic_policy_version #=> Integer
-    #   resp.traffic_policy_instances[0].traffic_policy_type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA"
+    #   resp.traffic_policy_instances[0].traffic_policy_type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA", "DS"
     #   resp.hosted_zone_id_marker #=> String
     #   resp.traffic_policy_instance_name_marker #=> String
-    #   resp.traffic_policy_instance_type_marker #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA"
+    #   resp.traffic_policy_instance_type_marker #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA", "DS"
     #   resp.is_truncated #=> Boolean
     #   resp.max_items #=> Integer
     #
@@ -4296,7 +4666,7 @@ module Aws::Route53
     #   resp = client.list_traffic_policy_instances_by_hosted_zone({
     #     hosted_zone_id: "ResourceId", # required
     #     traffic_policy_instance_name_marker: "DNSName",
-    #     traffic_policy_instance_type_marker: "SOA", # accepts SOA, A, TXT, NS, CNAME, MX, NAPTR, PTR, SRV, SPF, AAAA, CAA
+    #     traffic_policy_instance_type_marker: "SOA", # accepts SOA, A, TXT, NS, CNAME, MX, NAPTR, PTR, SRV, SPF, AAAA, CAA, DS
     #     max_items: 1,
     #   })
     #
@@ -4311,9 +4681,9 @@ module Aws::Route53
     #   resp.traffic_policy_instances[0].message #=> String
     #   resp.traffic_policy_instances[0].traffic_policy_id #=> String
     #   resp.traffic_policy_instances[0].traffic_policy_version #=> Integer
-    #   resp.traffic_policy_instances[0].traffic_policy_type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA"
+    #   resp.traffic_policy_instances[0].traffic_policy_type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA", "DS"
     #   resp.traffic_policy_instance_name_marker #=> String
-    #   resp.traffic_policy_instance_type_marker #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA"
+    #   resp.traffic_policy_instance_type_marker #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA", "DS"
     #   resp.is_truncated #=> Boolean
     #   resp.max_items #=> Integer
     #
@@ -4418,7 +4788,7 @@ module Aws::Route53
     #     traffic_policy_version: 1, # required
     #     hosted_zone_id_marker: "ResourceId",
     #     traffic_policy_instance_name_marker: "DNSName",
-    #     traffic_policy_instance_type_marker: "SOA", # accepts SOA, A, TXT, NS, CNAME, MX, NAPTR, PTR, SRV, SPF, AAAA, CAA
+    #     traffic_policy_instance_type_marker: "SOA", # accepts SOA, A, TXT, NS, CNAME, MX, NAPTR, PTR, SRV, SPF, AAAA, CAA, DS
     #     max_items: 1,
     #   })
     #
@@ -4433,10 +4803,10 @@ module Aws::Route53
     #   resp.traffic_policy_instances[0].message #=> String
     #   resp.traffic_policy_instances[0].traffic_policy_id #=> String
     #   resp.traffic_policy_instances[0].traffic_policy_version #=> Integer
-    #   resp.traffic_policy_instances[0].traffic_policy_type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA"
+    #   resp.traffic_policy_instances[0].traffic_policy_type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA", "DS"
     #   resp.hosted_zone_id_marker #=> String
     #   resp.traffic_policy_instance_name_marker #=> String
-    #   resp.traffic_policy_instance_type_marker #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA"
+    #   resp.traffic_policy_instance_type_marker #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA", "DS"
     #   resp.is_truncated #=> Boolean
     #   resp.max_items #=> Integer
     #
@@ -4499,7 +4869,7 @@ module Aws::Route53
     #   resp.traffic_policies[0].id #=> String
     #   resp.traffic_policies[0].version #=> Integer
     #   resp.traffic_policies[0].name #=> String
-    #   resp.traffic_policies[0].type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA"
+    #   resp.traffic_policies[0].type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA", "DS"
     #   resp.traffic_policies[0].document #=> String
     #   resp.traffic_policies[0].comment #=> String
     #   resp.is_truncated #=> Boolean
@@ -4626,7 +4996,7 @@ module Aws::Route53
     #   resp = client.test_dns_answer({
     #     hosted_zone_id: "ResourceId", # required
     #     record_name: "DNSName", # required
-    #     record_type: "SOA", # required, accepts SOA, A, TXT, NS, CNAME, MX, NAPTR, PTR, SRV, SPF, AAAA, CAA
+    #     record_type: "SOA", # required, accepts SOA, A, TXT, NS, CNAME, MX, NAPTR, PTR, SRV, SPF, AAAA, CAA, DS
     #     resolver_ip: "IPAddress",
     #     edns0_client_subnet_ip: "IPAddress",
     #     edns0_client_subnet_mask: "SubnetMask",
@@ -4636,7 +5006,7 @@ module Aws::Route53
     #
     #   resp.nameserver #=> String
     #   resp.record_name #=> String
-    #   resp.record_type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA"
+    #   resp.record_type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA", "DS"
     #   resp.record_data #=> Array
     #   resp.record_data[0] #=> String
     #   resp.response_code #=> String
@@ -5132,7 +5502,7 @@ module Aws::Route53
     #   resp.traffic_policy.id #=> String
     #   resp.traffic_policy.version #=> Integer
     #   resp.traffic_policy.name #=> String
-    #   resp.traffic_policy.type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA"
+    #   resp.traffic_policy.type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA", "DS"
     #   resp.traffic_policy.document #=> String
     #   resp.traffic_policy.comment #=> String
     #
@@ -5205,7 +5575,7 @@ module Aws::Route53
     #   resp.traffic_policy_instance.message #=> String
     #   resp.traffic_policy_instance.traffic_policy_id #=> String
     #   resp.traffic_policy_instance.traffic_policy_version #=> Integer
-    #   resp.traffic_policy_instance.traffic_policy_type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA"
+    #   resp.traffic_policy_instance.traffic_policy_type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA", "DS"
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/UpdateTrafficPolicyInstance AWS API Documentation
     #
@@ -5229,7 +5599,7 @@ module Aws::Route53
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-route53'
-      context[:gem_version] = '1.40.0'
+      context[:gem_version] = '1.45.0'
       Seahorse::Client::Request.new(handlers, context)
     end