aws-sdk-route53 1.41.0 → 1.46.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0c956060628ae64255b3973651b8ba84d00603346b675c36effd30a171733f94
-  data.tar.gz: 2986a0eec260a94db577565a7f364585638aca81f0fdee79c68ad8ded181f0ff
+  metadata.gz: 9c6e06fa68478a52afab8cd940d5baa89402716526427ebea6b09472855c12f0
+  data.tar.gz: 4dd378c285f72d2f3a29fad474ff6f8192d995b761b4bd3694e36fbbbfb16d15
 SHA512:
-  metadata.gz: fc991fd12e8add405e95a06cbe40279e8fd52dc4856bf124cc06242bafe28d86bc0c6055b3e3d1c26885cdb8db10605bc76c29fa2bac02d4afc659be57270ef9
-  data.tar.gz: eb78213d36aab9a69a4ecea2e43fd868d18ed1c28a7793cb44d279eb155f72d2f9a870cd8d2a6fd31072ea34f8e7cfa0f50f01b8da38ce8bbdb71c3246337b58
+  metadata.gz: '0349935e6a1894f107def137ce8a19cbaa880e06ed56435c93cde319c092caf25729f09d4aac271590f43e2b68d908999b9accd2b840a9514835eb0fe9ad0454'
+  data.tar.gz: bf3596ce678b22fea2e6ccceed07e3fcc2d9b83614f3755fae8ea9a18471c65336fb581aca6deee1b6627d4080db87492e201608c7713e2de3121a75dc40115e

data/lib/aws-sdk-route53.rb

@@ -7,6 +7,7 @@
 #
 # WARNING ABOUT GENERATED CODE
 
+
 require 'aws-sdk-core'
 require 'aws-sigv4'
 
@@ -28,7 +29,7 @@ require_relative 'aws-sdk-route53/customizations'
 # structure.
 #
 #     route_53 = Aws::Route53::Client.new
-#     resp = route_53.associate_vpc_with_hosted_zone(params)
+#     resp = route_53.activate_key_signing_key(params)
 #
 # See {Client} for more information.
 #
@@ -48,6 +49,6 @@ require_relative 'aws-sdk-route53/customizations'
 # @!group service
 module Aws::Route53
 
-  GEM_VERSION = '1.41.0'
+  GEM_VERSION = '1.46.0'
 
 end

data/lib/aws-sdk-route53/client.rb

@@ -329,32 +329,58 @@ module Aws::Route53
 
     # @!group API Operations
 
-    # Associates an Amazon VPC with a private hosted zone.
+    # Activates a key-signing key (KSK) so that it can be used for signing
+    # by DNSSEC. This operation changes the KSK status to `ACTIVE`.
     #
-    # <note markdown="1"> To perform the association, the VPC and the private hosted zone must
-    # already exist. Also, you can't convert a public hosted zone into a
-    # private hosted zone.
+    # @option params [required, String] :hosted_zone_id
+    #   A unique string used to identify a hosted zone.
     #
-    #  </note>
+    # @option params [required, String] :name
+    #   A string used to identify a key-signing key (KSK). `Name` can include
+    #   numbers, letters, and underscores (\_). `Name` must be unique for each
+    #   key-signing key in the same hosted zone.
     #
-    # If you want to associate a VPC that was created by one AWS account
-    # with a private hosted zone that was created by a different account, do
-    # one of the following:
+    # @return [Types::ActivateKeySigningKeyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
-    # * Use the AWS account that created the private hosted zone to submit a
-    #   [CreateVPCAssociationAuthorization][1] request. Then use the account
-    #   that created the VPC to submit an `AssociateVPCWithHostedZone`
-    #   request.
+    #   * {Types::ActivateKeySigningKeyResponse#change_info #change_info} => Types::ChangeInfo
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.activate_key_signing_key({
+    #     hosted_zone_id: "ResourceId", # required
+    #     name: "SigningKeyName", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.change_info.id #=> String
+    #   resp.change_info.status #=> String, one of "PENDING", "INSYNC"
+    #   resp.change_info.submitted_at #=> Time
+    #   resp.change_info.comment #=> String
     #
-    # * If a subnet in the VPC was shared with another account, you can use
-    #   the account that the subnet was shared with to submit an
-    #   `AssociateVPCWithHostedZone` request. For more information about
-    #   sharing subnets, see [Working with Shared VPCs][2].
+    # @see http://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ActivateKeySigningKey AWS API Documentation
     #
+    # @overload activate_key_signing_key(params = {})
+    # @param [Hash] params ({})
+    def activate_key_signing_key(params = {}, options = {})
+      req = build_request(:activate_key_signing_key, params)
+      req.send_request(options)
+    end
+
+    # Associates an Amazon VPC with a private hosted zone.
+    #
+    # To perform the association, the VPC and the private hosted zone must
+    # already exist. You can't convert a public hosted zone into a private
+    # hosted zone.
     #
+    # <note markdown="1"> If you want to associate a VPC that was created by using one AWS
+    # account with a private hosted zone that was created by using a
+    # different account, the AWS account that created the private hosted
+    # zone must first submit a `CreateVPCAssociationAuthorization` request.
+    # Then the account that created the VPC must submit an
+    # `AssociateVPCWithHostedZone` request.
     #
-    # [1]: https://docs.aws.amazon.com/Route53/latest/APIReference/API_CreateVPCAssociationAuthorization.html
-    # [2]: https://docs.aws.amazon.com/vpc/latest/userguide/vpc-sharing.html
+    #  </note>
     #
     # @option params [required, String] :hosted_zone_id
     #   The ID of the private hosted zone that you want to associate an Amazon
@@ -1130,7 +1156,7 @@ module Aws::Route53
     #           action: "CREATE", # required, accepts CREATE, DELETE, UPSERT
     #           resource_record_set: { # required
     #             name: "DNSName", # required
-    #             type: "SOA", # required, accepts SOA, A, TXT, NS, CNAME, MX, NAPTR, PTR, SRV, SPF, AAAA, CAA
+    #             type: "SOA", # required, accepts SOA, A, TXT, NS, CNAME, MX, NAPTR, PTR, SRV, SPF, AAAA, CAA, DS
     #             set_identifier: "ResourceRecordSetIdentifier",
     #             weight: 1,
     #             region: "us-east-1", # accepts us-east-1, us-east-2, us-west-1, us-west-2, ca-central-1, eu-west-1, eu-west-2, eu-west-3, eu-central-1, ap-southeast-1, ap-southeast-2, ap-northeast-1, ap-northeast-2, ap-northeast-3, eu-north-1, sa-east-1, cn-north-1, cn-northwest-1, ap-east-1, me-south-1, ap-south-1, af-south-1, eu-south-1
@@ -1565,6 +1591,119 @@ module Aws::Route53
       req.send_request(options)
     end
 
+    # Creates a new key-signing key (KSK) associated with a hosted zone. You
+    # can only have two KSKs per hosted zone.
+    #
+    # @option params [required, String] :caller_reference
+    #   A unique string that identifies the request.
+    #
+    # @option params [required, String] :hosted_zone_id
+    #   The unique string (ID) used to identify a hosted zone.
+    #
+    # @option params [required, String] :key_management_service_arn
+    #   The Amazon resource name (ARN) for a customer managed customer master
+    #   key (CMK) in AWS Key Management Service (AWS KMS). The
+    #   `KeyManagementServiceArn` must be unique for each key-signing key
+    #   (KSK) in a single hosted zone. To see an example of
+    #   `KeyManagementServiceArn` that grants the correct permissions for
+    #   DNSSEC, scroll down to **Example**.
+    #
+    #   You must configure the customer managed CMK as follows:
+    #
+    #   Status
+    #
+    #   : Enabled
+    #
+    #   Key spec
+    #
+    #   : ECC\_NIST\_P256
+    #
+    #   Key usage
+    #
+    #   : Sign and verify
+    #
+    #   Key policy
+    #
+    #   : The key policy must give permission for the following actions:
+    #
+    #     * DescribeKey
+    #
+    #     * GetPublicKey
+    #
+    #     * Sign
+    #
+    #     The key policy must also include the Amazon Route 53 service in the
+    #     principal for your account. Specify the following:
+    #
+    #     * `"Service": "api-service.dnssec.route53.aws.internal"`
+    #
+    #     ^
+    #
+    #   For more information about working with a customer managed CMK in AWS
+    #   KMS, see [AWS Key Management Service concepts][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html
+    #
+    # @option params [required, String] :name
+    #   A string used to identify a key-signing key (KSK). `Name` can include
+    #   numbers, letters, and underscores (\_). `Name` must be unique for each
+    #   key-signing key in the same hosted zone.
+    #
+    # @option params [required, String] :status
+    #   A string specifying the initial status of the key-signing key (KSK).
+    #   You can set the value to `ACTIVE` or `INACTIVE`.
+    #
+    # @return [Types::CreateKeySigningKeyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::CreateKeySigningKeyResponse#change_info #change_info} => Types::ChangeInfo
+    #   * {Types::CreateKeySigningKeyResponse#key_signing_key #key_signing_key} => Types::KeySigningKey
+    #   * {Types::CreateKeySigningKeyResponse#location #location} => String
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.create_key_signing_key({
+    #     caller_reference: "Nonce", # required
+    #     hosted_zone_id: "ResourceId", # required
+    #     key_management_service_arn: "SigningKeyString", # required
+    #     name: "SigningKeyName", # required
+    #     status: "SigningKeyStatus", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.change_info.id #=> String
+    #   resp.change_info.status #=> String, one of "PENDING", "INSYNC"
+    #   resp.change_info.submitted_at #=> Time
+    #   resp.change_info.comment #=> String
+    #   resp.key_signing_key.name #=> String
+    #   resp.key_signing_key.kms_arn #=> String
+    #   resp.key_signing_key.flag #=> Integer
+    #   resp.key_signing_key.signing_algorithm_mnemonic #=> String
+    #   resp.key_signing_key.signing_algorithm_type #=> Integer
+    #   resp.key_signing_key.digest_algorithm_mnemonic #=> String
+    #   resp.key_signing_key.digest_algorithm_type #=> Integer
+    #   resp.key_signing_key.key_tag #=> Integer
+    #   resp.key_signing_key.digest_value #=> String
+    #   resp.key_signing_key.public_key #=> String
+    #   resp.key_signing_key.ds_record #=> String
+    #   resp.key_signing_key.dnskey_record #=> String
+    #   resp.key_signing_key.status #=> String
+    #   resp.key_signing_key.status_message #=> String
+    #   resp.key_signing_key.created_date #=> Time
+    #   resp.key_signing_key.last_modified_date #=> Time
+    #   resp.location #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/CreateKeySigningKey AWS API Documentation
+    #
+    # @overload create_key_signing_key(params = {})
+    # @param [Hash] params ({})
+    def create_key_signing_key(params = {}, options = {})
+      req = build_request(:create_key_signing_key, params)
+      req.send_request(options)
+    end
+
     # Creates a configuration for DNS query logging. After you create a
     # query logging configuration, Amazon Route 53 begins to publish log
     # data to an Amazon CloudWatch Logs log group.
@@ -1874,7 +2013,7 @@ module Aws::Route53
     #   resp.traffic_policy.id #=> String
     #   resp.traffic_policy.version #=> Integer
     #   resp.traffic_policy.name #=> String
-    #   resp.traffic_policy.type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA"
+    #   resp.traffic_policy.type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA", "DS"
     #   resp.traffic_policy.document #=> String
     #   resp.traffic_policy.comment #=> String
     #   resp.location #=> String
@@ -1944,7 +2083,7 @@ module Aws::Route53
     #   resp.traffic_policy_instance.message #=> String
     #   resp.traffic_policy_instance.traffic_policy_id #=> String
     #   resp.traffic_policy_instance.traffic_policy_version #=> Integer
-    #   resp.traffic_policy_instance.traffic_policy_type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA"
+    #   resp.traffic_policy_instance.traffic_policy_type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA", "DS"
     #   resp.location #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/CreateTrafficPolicyInstance AWS API Documentation
@@ -2001,7 +2140,7 @@ module Aws::Route53
     #   resp.traffic_policy.id #=> String
     #   resp.traffic_policy.version #=> Integer
     #   resp.traffic_policy.name #=> String
-    #   resp.traffic_policy.type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA"
+    #   resp.traffic_policy.type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA", "DS"
     #   resp.traffic_policy.document #=> String
     #   resp.traffic_policy.comment #=> String
     #   resp.location #=> String
@@ -2067,6 +2206,43 @@ module Aws::Route53
       req.send_request(options)
     end
 
+    # Deactivates a key-signing key (KSK) so that it will not be used for
+    # signing by DNSSEC. This operation changes the KSK status to
+    # `INACTIVE`.
+    #
+    # @option params [required, String] :hosted_zone_id
+    #   A unique string used to identify a hosted zone.
+    #
+    # @option params [required, String] :name
+    #   A string used to identify a key-signing key (KSK).
+    #
+    # @return [Types::DeactivateKeySigningKeyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::DeactivateKeySigningKeyResponse#change_info #change_info} => Types::ChangeInfo
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.deactivate_key_signing_key({
+    #     hosted_zone_id: "ResourceId", # required
+    #     name: "SigningKeyName", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.change_info.id #=> String
+    #   resp.change_info.status #=> String, one of "PENDING", "INSYNC"
+    #   resp.change_info.submitted_at #=> Time
+    #   resp.change_info.comment #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/DeactivateKeySigningKey AWS API Documentation
+    #
+    # @overload deactivate_key_signing_key(params = {})
+    # @param [Hash] params ({})
+    def deactivate_key_signing_key(params = {}, options = {})
+      req = build_request(:deactivate_key_signing_key, params)
+      req.send_request(options)
+    end
+
     # Deletes a health check.
     #
     # Amazon Route 53 does not prevent you from deleting a health check even
@@ -2194,6 +2370,43 @@ module Aws::Route53
       req.send_request(options)
     end
 
+    # Deletes a key-signing key (KSK). Before you can delete a KSK, you must
+    # deactivate it. The KSK must be deactived before you can delete it
+    # regardless of whether the hosted zone is enabled for DNSSEC signing.
+    #
+    # @option params [required, String] :hosted_zone_id
+    #   A unique string used to identify a hosted zone.
+    #
+    # @option params [required, String] :name
+    #   A string used to identify a key-signing key (KSK).
+    #
+    # @return [Types::DeleteKeySigningKeyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::DeleteKeySigningKeyResponse#change_info #change_info} => Types::ChangeInfo
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.delete_key_signing_key({
+    #     hosted_zone_id: "ResourceId", # required
+    #     name: "SigningKeyName", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.change_info.id #=> String
+    #   resp.change_info.status #=> String, one of "PENDING", "INSYNC"
+    #   resp.change_info.submitted_at #=> Time
+    #   resp.change_info.comment #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/DeleteKeySigningKey AWS API Documentation
+    #
+    # @overload delete_key_signing_key(params = {})
+    # @param [Hash] params ({})
+    def delete_key_signing_key(params = {}, options = {})
+      req = build_request(:delete_key_signing_key, params)
+      req.send_request(options)
+    end
+
     # Deletes a configuration for DNS query logging. If you delete a
     # configuration, Amazon Route 53 stops sending query logs to CloudWatch
     # Logs. Route 53 doesn't delete any logs that are already in CloudWatch
@@ -2261,6 +2474,24 @@ module Aws::Route53
 
     # Deletes a traffic policy.
     #
+    # When you delete a traffic policy, Route 53 sets a flag on the policy
+    # to indicate that it has been deleted. However, Route 53 never fully
+    # deletes the traffic policy. Note the following:
+    #
+    # * Deleted traffic policies aren't listed if you run
+    #   [ListTrafficPolicies][1].
+    #
+    # * There's no way to get a list of deleted policies.
+    #
+    # * If you retain the ID of the policy, you can get information about
+    #   the policy, including the traffic policy document, by running
+    #   [GetTrafficPolicy][2].
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/Route53/latest/APIReference/API_ListTrafficPolicies.html
+    # [2]: https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetTrafficPolicy.html
+    #
     # @option params [required, String] :id
     #   The ID of the traffic policy that you want to delete.
     #
@@ -2361,6 +2592,39 @@ module Aws::Route53
       req.send_request(options)
     end
 
+    # Disables DNSSEC signing in a specific hosted zone. This action does
+    # not deactivate any key-signing keys (KSKs) that are active in the
+    # hosted zone.
+    #
+    # @option params [required, String] :hosted_zone_id
+    #   A unique string used to identify a hosted zone.
+    #
+    # @return [Types::DisableHostedZoneDNSSECResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::DisableHostedZoneDNSSECResponse#change_info #change_info} => Types::ChangeInfo
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.disable_hosted_zone_dnssec({
+    #     hosted_zone_id: "ResourceId", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.change_info.id #=> String
+    #   resp.change_info.status #=> String, one of "PENDING", "INSYNC"
+    #   resp.change_info.submitted_at #=> Time
+    #   resp.change_info.comment #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/DisableHostedZoneDNSSEC AWS API Documentation
+    #
+    # @overload disable_hosted_zone_dnssec(params = {})
+    # @param [Hash] params ({})
+    def disable_hosted_zone_dnssec(params = {}, options = {})
+      req = build_request(:disable_hosted_zone_dnssec, params)
+      req.send_request(options)
+    end
+
     # Disassociates an Amazon Virtual Private Cloud (Amazon VPC) from an
     # Amazon Route 53 private hosted zone. Note the following:
     #
@@ -2431,6 +2695,37 @@ module Aws::Route53
       req.send_request(options)
     end
 
+    # Enables DNSSEC signing in a specific hosted zone.
+    #
+    # @option params [required, String] :hosted_zone_id
+    #   A unique string used to identify a hosted zone.
+    #
+    # @return [Types::EnableHostedZoneDNSSECResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::EnableHostedZoneDNSSECResponse#change_info #change_info} => Types::ChangeInfo
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.enable_hosted_zone_dnssec({
+    #     hosted_zone_id: "ResourceId", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.change_info.id #=> String
+    #   resp.change_info.status #=> String, one of "PENDING", "INSYNC"
+    #   resp.change_info.submitted_at #=> Time
+    #   resp.change_info.comment #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/EnableHostedZoneDNSSEC AWS API Documentation
+    #
+    # @overload enable_hosted_zone_dnssec(params = {})
+    # @param [Hash] params ({})
+    def enable_hosted_zone_dnssec(params = {}, options = {})
+      req = build_request(:enable_hosted_zone_dnssec, params)
+      req.send_request(options)
+    end
+
     # Gets the specified limit for the current account, for example, the
     # maximum number of health checks that you can create using the account.
     #
@@ -2543,6 +2838,9 @@ module Aws::Route53
       req.send_request(options)
     end
 
+    # Route 53 does not perform authorization for this API because it
+    # retrieves information that is already available to the public.
+    #
     # `GetCheckerIpRanges` still works, but we recommend that you download
     # ip-ranges.json, which includes IP address ranges for all AWS services.
     # For more information, see [IP Address Ranges of Amazon Route 53
@@ -2570,9 +2868,60 @@ module Aws::Route53
       req.send_request(options)
     end
 
+    # Returns information about DNSSEC for a specific hosted zone, including
+    # the key-signing keys (KSKs) in the hosted zone.
+    #
+    # @option params [required, String] :hosted_zone_id
+    #   A unique string used to identify a hosted zone.
+    #
+    # @return [Types::GetDNSSECResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::GetDNSSECResponse#status #status} => Types::DNSSECStatus
+    #   * {Types::GetDNSSECResponse#key_signing_keys #key_signing_keys} => Array&lt;Types::KeySigningKey&gt;
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.get_dnssec({
+    #     hosted_zone_id: "ResourceId", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.status.serve_signature #=> String
+    #   resp.status.status_message #=> String
+    #   resp.key_signing_keys #=> Array
+    #   resp.key_signing_keys[0].name #=> String
+    #   resp.key_signing_keys[0].kms_arn #=> String
+    #   resp.key_signing_keys[0].flag #=> Integer
+    #   resp.key_signing_keys[0].signing_algorithm_mnemonic #=> String
+    #   resp.key_signing_keys[0].signing_algorithm_type #=> Integer
+    #   resp.key_signing_keys[0].digest_algorithm_mnemonic #=> String
+    #   resp.key_signing_keys[0].digest_algorithm_type #=> Integer
+    #   resp.key_signing_keys[0].key_tag #=> Integer
+    #   resp.key_signing_keys[0].digest_value #=> String
+    #   resp.key_signing_keys[0].public_key #=> String
+    #   resp.key_signing_keys[0].ds_record #=> String
+    #   resp.key_signing_keys[0].dnskey_record #=> String
+    #   resp.key_signing_keys[0].status #=> String
+    #   resp.key_signing_keys[0].status_message #=> String
+    #   resp.key_signing_keys[0].created_date #=> Time
+    #   resp.key_signing_keys[0].last_modified_date #=> Time
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/GetDNSSEC AWS API Documentation
+    #
+    # @overload get_dnssec(params = {})
+    # @param [Hash] params ({})
+    def get_dnssec(params = {}, options = {})
+      req = build_request(:get_dnssec, params)
+      req.send_request(options)
+    end
+
     # Gets information about whether a specified geographic location is
     # supported for Amazon Route 53 geolocation resource record sets.
     #
+    # Route 53 does not perform authorization for this API because it
+    # retrieves information that is already available to the public.
+    #
     # Use the following syntax to determine whether a continent is supported
     # for geolocation:
     #
@@ -2618,17 +2967,16 @@ module Aws::Route53
     #   [1]: https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2
     #
     # @option params [String] :subdivision_code
-    #   For `SubdivisionCode`, Amazon Route 53 supports only states of the
-    #   United States. For a list of state abbreviations, see [Appendix B:
+    #   The code for the subdivision, such as a particular state within the
+    #   United States. For a list of US state abbreviations, see [Appendix B:
     #   Two–Letter State and Possession Abbreviations][1] on the United States
-    #   Postal Service website.
-    #
-    #   If you specify `subdivisioncode`, you must also specify `US` for
-    #   `CountryCode`.
+    #   Postal Service website. For a list of all supported subdivision codes,
+    #   use the [ListGeoLocations][2] API.
     #
     #
     #
     #   [1]: https://pe.usps.com/text/pub28/28apb.htm
+    #   [2]: https://docs.aws.amazon.com/Route53/latest/APIReference/API_ListGeoLocations.html
     #
     # @return [Types::GetGeoLocationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -3094,6 +3442,13 @@ module Aws::Route53
 
     # Gets information about a specific traffic policy version.
     #
+    # For information about how of deleting a traffic policy affects the
+    # response from `GetTrafficPolicy`, see [DeleteTrafficPolicy][1].
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/Route53/latest/APIReference/API_DeleteTrafficPolicy.html
+    #
     # @option params [required, String] :id
     #   The ID of the traffic policy that you want to get information about.
     #
@@ -3117,7 +3472,7 @@ module Aws::Route53
     #   resp.traffic_policy.id #=> String
     #   resp.traffic_policy.version #=> Integer
     #   resp.traffic_policy.name #=> String
-    #   resp.traffic_policy.type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA"
+    #   resp.traffic_policy.type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA", "DS"
     #   resp.traffic_policy.document #=> String
     #   resp.traffic_policy.comment #=> String
     #
@@ -3169,7 +3524,7 @@ module Aws::Route53
     #   resp.traffic_policy_instance.message #=> String
     #   resp.traffic_policy_instance.traffic_policy_id #=> String
     #   resp.traffic_policy_instance.traffic_policy_version #=> Integer
-    #   resp.traffic_policy_instance.traffic_policy_type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA"
+    #   resp.traffic_policy_instance.traffic_policy_type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA", "DS"
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/GetTrafficPolicyInstance AWS API Documentation
     #
@@ -3207,6 +3562,9 @@ module Aws::Route53
     # provinces), the subdivisions for that country are listed in
     # alphabetical order immediately after the corresponding country.
     #
+    # Route 53 does not perform authorization for this API because it
+    # retrieves information that is already available to the public.
+    #
     # For a list of supported geolocation codes, see the [GeoLocation][1]
     # data type.
     #
@@ -3617,8 +3975,8 @@ module Aws::Route53
     #   (Optional) The maximum number of hosted zones that you want Amazon
     #   Route 53 to return. If the specified VPC is associated with more than
     #   `MaxItems` hosted zones, the response includes a `NextToken` element.
-    #   `NextToken` contains the hosted zone ID of the first hosted zone that
-    #   Route 53 will return if you submit another request.
+    #   `NextToken` contains an encrypted token that identifies the first
+    #   hosted zone that Route 53 will return if you submit another request.
     #
     # @option params [String] :next_token
     #   If the previous response included a `NextToken` element, the specified
@@ -3887,7 +4245,7 @@ module Aws::Route53
     #   resp = client.list_resource_record_sets({
     #     hosted_zone_id: "ResourceId", # required
     #     start_record_name: "DNSName",
-    #     start_record_type: "SOA", # accepts SOA, A, TXT, NS, CNAME, MX, NAPTR, PTR, SRV, SPF, AAAA, CAA
+    #     start_record_type: "SOA", # accepts SOA, A, TXT, NS, CNAME, MX, NAPTR, PTR, SRV, SPF, AAAA, CAA, DS
     #     start_record_identifier: "ResourceRecordSetIdentifier",
     #     max_items: 1,
     #   })
@@ -3896,7 +4254,7 @@ module Aws::Route53
     #
     #   resp.resource_record_sets #=> Array
     #   resp.resource_record_sets[0].name #=> String
-    #   resp.resource_record_sets[0].type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA"
+    #   resp.resource_record_sets[0].type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA", "DS"
     #   resp.resource_record_sets[0].set_identifier #=> String
     #   resp.resource_record_sets[0].weight #=> Integer
     #   resp.resource_record_sets[0].region #=> String, one of "us-east-1", "us-east-2", "us-west-1", "us-west-2", "ca-central-1", "eu-west-1", "eu-west-2", "eu-west-3", "eu-central-1", "ap-southeast-1", "ap-southeast-2", "ap-northeast-1", "ap-northeast-2", "ap-northeast-3", "eu-north-1", "sa-east-1", "cn-north-1", "cn-northwest-1", "ap-east-1", "me-south-1", "ap-south-1", "af-south-1", "eu-south-1"
@@ -3915,7 +4273,7 @@ module Aws::Route53
     #   resp.resource_record_sets[0].traffic_policy_instance_id #=> String
     #   resp.is_truncated #=> Boolean
     #   resp.next_record_name #=> String
-    #   resp.next_record_type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA"
+    #   resp.next_record_type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA", "DS"
     #   resp.next_record_identifier #=> String
     #   resp.max_items #=> Integer
     #
@@ -4087,6 +4445,13 @@ module Aws::Route53
     # that is associated with the current AWS account. Policies are listed
     # in the order that they were created in.
     #
+    # For information about how of deleting a traffic policy affects the
+    # response from `ListTrafficPolicies`, see [DeleteTrafficPolicy][1].
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/Route53/latest/APIReference/API_DeleteTrafficPolicy.html
+    #
     # @option params [String] :traffic_policy_id_marker
     #   (Conditional) For your first request to `ListTrafficPolicies`, don't
     #   include the `TrafficPolicyIdMarker` parameter.
@@ -4125,7 +4490,7 @@ module Aws::Route53
     #   resp.traffic_policy_summaries #=> Array
     #   resp.traffic_policy_summaries[0].id #=> String
     #   resp.traffic_policy_summaries[0].name #=> String
-    #   resp.traffic_policy_summaries[0].type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA"
+    #   resp.traffic_policy_summaries[0].type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA", "DS"
     #   resp.traffic_policy_summaries[0].latest_version #=> Integer
     #   resp.traffic_policy_summaries[0].traffic_policy_count #=> Integer
     #   resp.is_truncated #=> Boolean
@@ -4214,7 +4579,7 @@ module Aws::Route53
     #   resp = client.list_traffic_policy_instances({
     #     hosted_zone_id_marker: "ResourceId",
     #     traffic_policy_instance_name_marker: "DNSName",
-    #     traffic_policy_instance_type_marker: "SOA", # accepts SOA, A, TXT, NS, CNAME, MX, NAPTR, PTR, SRV, SPF, AAAA, CAA
+    #     traffic_policy_instance_type_marker: "SOA", # accepts SOA, A, TXT, NS, CNAME, MX, NAPTR, PTR, SRV, SPF, AAAA, CAA, DS
     #     max_items: 1,
     #   })
     #
@@ -4229,10 +4594,10 @@ module Aws::Route53
     #   resp.traffic_policy_instances[0].message #=> String
     #   resp.traffic_policy_instances[0].traffic_policy_id #=> String
     #   resp.traffic_policy_instances[0].traffic_policy_version #=> Integer
-    #   resp.traffic_policy_instances[0].traffic_policy_type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA"
+    #   resp.traffic_policy_instances[0].traffic_policy_type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA", "DS"
     #   resp.hosted_zone_id_marker #=> String
     #   resp.traffic_policy_instance_name_marker #=> String
-    #   resp.traffic_policy_instance_type_marker #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA"
+    #   resp.traffic_policy_instance_type_marker #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA", "DS"
     #   resp.is_truncated #=> Boolean
     #   resp.max_items #=> Integer
     #
@@ -4311,7 +4676,7 @@ module Aws::Route53
     #   resp = client.list_traffic_policy_instances_by_hosted_zone({
     #     hosted_zone_id: "ResourceId", # required
     #     traffic_policy_instance_name_marker: "DNSName",
-    #     traffic_policy_instance_type_marker: "SOA", # accepts SOA, A, TXT, NS, CNAME, MX, NAPTR, PTR, SRV, SPF, AAAA, CAA
+    #     traffic_policy_instance_type_marker: "SOA", # accepts SOA, A, TXT, NS, CNAME, MX, NAPTR, PTR, SRV, SPF, AAAA, CAA, DS
     #     max_items: 1,
     #   })
     #
@@ -4326,9 +4691,9 @@ module Aws::Route53
     #   resp.traffic_policy_instances[0].message #=> String
     #   resp.traffic_policy_instances[0].traffic_policy_id #=> String
     #   resp.traffic_policy_instances[0].traffic_policy_version #=> Integer
-    #   resp.traffic_policy_instances[0].traffic_policy_type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA"
+    #   resp.traffic_policy_instances[0].traffic_policy_type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA", "DS"
     #   resp.traffic_policy_instance_name_marker #=> String
-    #   resp.traffic_policy_instance_type_marker #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA"
+    #   resp.traffic_policy_instance_type_marker #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA", "DS"
     #   resp.is_truncated #=> Boolean
     #   resp.max_items #=> Integer
     #
@@ -4433,7 +4798,7 @@ module Aws::Route53
     #     traffic_policy_version: 1, # required
     #     hosted_zone_id_marker: "ResourceId",
     #     traffic_policy_instance_name_marker: "DNSName",
-    #     traffic_policy_instance_type_marker: "SOA", # accepts SOA, A, TXT, NS, CNAME, MX, NAPTR, PTR, SRV, SPF, AAAA, CAA
+    #     traffic_policy_instance_type_marker: "SOA", # accepts SOA, A, TXT, NS, CNAME, MX, NAPTR, PTR, SRV, SPF, AAAA, CAA, DS
     #     max_items: 1,
     #   })
     #
@@ -4448,10 +4813,10 @@ module Aws::Route53
     #   resp.traffic_policy_instances[0].message #=> String
     #   resp.traffic_policy_instances[0].traffic_policy_id #=> String
     #   resp.traffic_policy_instances[0].traffic_policy_version #=> Integer
-    #   resp.traffic_policy_instances[0].traffic_policy_type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA"
+    #   resp.traffic_policy_instances[0].traffic_policy_type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA", "DS"
     #   resp.hosted_zone_id_marker #=> String
     #   resp.traffic_policy_instance_name_marker #=> String
-    #   resp.traffic_policy_instance_type_marker #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA"
+    #   resp.traffic_policy_instance_type_marker #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA", "DS"
     #   resp.is_truncated #=> Boolean
     #   resp.max_items #=> Integer
     #
@@ -4514,7 +4879,7 @@ module Aws::Route53
     #   resp.traffic_policies[0].id #=> String
     #   resp.traffic_policies[0].version #=> Integer
     #   resp.traffic_policies[0].name #=> String
-    #   resp.traffic_policies[0].type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA"
+    #   resp.traffic_policies[0].type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA", "DS"
     #   resp.traffic_policies[0].document #=> String
     #   resp.traffic_policies[0].comment #=> String
     #   resp.is_truncated #=> Boolean
@@ -4641,7 +5006,7 @@ module Aws::Route53
     #   resp = client.test_dns_answer({
     #     hosted_zone_id: "ResourceId", # required
     #     record_name: "DNSName", # required
-    #     record_type: "SOA", # required, accepts SOA, A, TXT, NS, CNAME, MX, NAPTR, PTR, SRV, SPF, AAAA, CAA
+    #     record_type: "SOA", # required, accepts SOA, A, TXT, NS, CNAME, MX, NAPTR, PTR, SRV, SPF, AAAA, CAA, DS
     #     resolver_ip: "IPAddress",
     #     edns0_client_subnet_ip: "IPAddress",
     #     edns0_client_subnet_mask: "SubnetMask",
@@ -4651,7 +5016,7 @@ module Aws::Route53
     #
     #   resp.nameserver #=> String
     #   resp.record_name #=> String
-    #   resp.record_type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA"
+    #   resp.record_type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA", "DS"
     #   resp.record_data #=> Array
     #   resp.record_data[0] #=> String
     #   resp.response_code #=> String
@@ -5147,7 +5512,7 @@ module Aws::Route53
     #   resp.traffic_policy.id #=> String
     #   resp.traffic_policy.version #=> Integer
     #   resp.traffic_policy.name #=> String
-    #   resp.traffic_policy.type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA"
+    #   resp.traffic_policy.type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA", "DS"
     #   resp.traffic_policy.document #=> String
     #   resp.traffic_policy.comment #=> String
     #
@@ -5220,7 +5585,7 @@ module Aws::Route53
     #   resp.traffic_policy_instance.message #=> String
     #   resp.traffic_policy_instance.traffic_policy_id #=> String
     #   resp.traffic_policy_instance.traffic_policy_version #=> Integer
-    #   resp.traffic_policy_instance.traffic_policy_type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA"
+    #   resp.traffic_policy_instance.traffic_policy_type #=> String, one of "SOA", "A", "TXT", "NS", "CNAME", "MX", "NAPTR", "PTR", "SRV", "SPF", "AAAA", "CAA", "DS"
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/UpdateTrafficPolicyInstance AWS API Documentation
     #
@@ -5244,7 +5609,7 @@ module Aws::Route53
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-route53'
-      context[:gem_version] = '1.41.0'
+      context[:gem_version] = '1.46.0'
       Seahorse::Client::Request.new(handlers, context)
     end