@aws-cdk/aws-route53

constructor

constructor(scope: Construct, id: string, props: AaaaRecordProps);

constructor

constructor(scope: Construct, id: string, props: ARecordProps);

constructor

constructor(scope: Construct, id: string, props: CaaAmazonRecordProps);

constructor

constructor(scope: Construct, id: string, props: CaaRecordProps);

constructor

constructor(scope: cdk.Construct, id: string, props: CfnCidrCollectionProps);

• Create a new AWS::Route53::CidrCollection.

  Parameter scope

  scope in which this resource is defined

  Parameter id

  scoped id of the resource

  Parameter props

  resource properties

property attrArn

readonly attrArn: string;

• "The Amazon resource name (ARN) to uniquely identify the AWS resource. Arn

property attrId

readonly attrId: string;

• The UUID of the CIDR collection. Id

property CFN_RESOURCE_TYPE_NAME

static readonly CFN_RESOURCE_TYPE_NAME: string;

• The CloudFormation resource type name for this resource class.

property cfnProperties

readonly cfnProperties: { [key: string]: any };

property locations

locations: any;

• A complex type that contains information about the list of CIDR locations.

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-cidrcollection.html#cfn-route53-cidrcollection-locations

property name

name: string;

• The name of a CIDR collection.

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-cidrcollection.html#cfn-route53-cidrcollection-name

method inspect

inspect: (inspector: cdk.TreeInspector) => void;

• Examines the CloudFormation resource and discloses attributes.

  Parameter inspector

  tree inspector to collect and process attributes

method renderProperties

protected renderProperties: (props: { [key: string]: any }) => {
    [key: string]: any;
};

constructor

constructor(scope: cdk.Construct, id: string, props: CfnDNSSECProps);

• Create a new AWS::Route53::DNSSEC.

  Parameter scope

  scope in which this resource is defined

  Parameter id

  scoped id of the resource

  Parameter props

  resource properties

property CFN_RESOURCE_TYPE_NAME

static readonly CFN_RESOURCE_TYPE_NAME: string;

• The CloudFormation resource type name for this resource class.

property cfnProperties

readonly cfnProperties: { [key: string]: any };

property hostedZoneId

hostedZoneId: string;

• A unique string (ID) that is used to identify a hosted zone. For example: Z00001111A1ABCaaABC11 .

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-dnssec.html#cfn-route53-dnssec-hostedzoneid

method inspect

inspect: (inspector: cdk.TreeInspector) => void;

• Examines the CloudFormation resource and discloses attributes.

  Parameter inspector

  tree inspector to collect and process attributes

method renderProperties

protected renderProperties: (props: { [key: string]: any }) => {
    [key: string]: any;
};

constructor

constructor(scope: cdk.Construct, id: string, props: CfnHealthCheckProps);

• Create a new AWS::Route53::HealthCheck.

  Parameter scope

  scope in which this resource is defined

  Parameter id

  scoped id of the resource

  Parameter props

  resource properties

property attrHealthCheckId

readonly attrHealthCheckId: string;

• The identifier that Amazon Route 53 assigned to the health check when you created it. When you add or update a resource record set, you use this value to specify which health check to use. The value can be up to 64 characters long. HealthCheckId

property CFN_RESOURCE_TYPE_NAME

static readonly CFN_RESOURCE_TYPE_NAME: string;

• The CloudFormation resource type name for this resource class.

property cfnProperties

readonly cfnProperties: { [key: string]: any };

property healthCheckConfig

healthCheckConfig: any;

• A complex type that contains detailed information about one health check.

  For the values to enter for HealthCheckConfig , see [HealthCheckConfig](https://docs.aws.amazon.com/Route53/latest/APIReference/API_HealthCheckConfig.html)

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-healthcheck.html#cfn-route53-healthcheck-healthcheckconfig

property healthCheckTags

healthCheckTags: any;

• The HealthCheckTags property describes key-value pairs that are associated with an AWS::Route53::HealthCheck resource.

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-healthcheck.html#cfn-route53-healthcheck-healthchecktags

method inspect

inspect: (inspector: cdk.TreeInspector) => void;

• Examines the CloudFormation resource and discloses attributes.

  Parameter inspector

  tree inspector to collect and process attributes

method renderProperties

protected renderProperties: (props: { [key: string]: any }) => {
    [key: string]: any;
};

constructor

constructor(scope: cdk.Construct, id: string, props?: CfnHostedZoneProps);

• Create a new AWS::Route53::HostedZone.

  Parameter scope

  scope in which this resource is defined

  Parameter id

  scoped id of the resource

  Parameter props

  resource properties

property attrId

readonly attrId: string;

• The ID that Amazon Route 53 assigned to the hosted zone when you created it. Id

property attrNameServers

readonly attrNameServers: string[];

• Returns the set of name servers for the specific hosted zone. For example: ns1.example.com .

  This attribute is not supported for private hosted zones. NameServers

property CFN_RESOURCE_TYPE_NAME

static readonly CFN_RESOURCE_TYPE_NAME: string;

• The CloudFormation resource type name for this resource class.

property cfnProperties

readonly cfnProperties: { [key: string]: any };

property hostedZoneConfig

hostedZoneConfig: any;

• A complex type that contains an optional comment.

  If you don't want to specify a comment, omit the HostedZoneConfig and Comment elements.

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-hostedzone.html#cfn-route53-hostedzone-hostedzoneconfig

property name

name: string;

• The name of the domain. Specify a fully qualified domain name, for example, *www.example.com* . The trailing dot is optional; Amazon Route 53 assumes that the domain name is fully qualified. This means that Route 53 treats *www.example.com* (without a trailing dot) and *www.example.com.* (with a trailing dot) as identical.

  If you're creating a public hosted zone, this is the name you have registered with your DNS registrar. If your domain name is registered with a registrar other than Route 53, change the name servers for your domain to the set of NameServers that are returned by the Fn::GetAtt intrinsic function.

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-hostedzone.html#cfn-route53-hostedzone-name

property queryLoggingConfig

queryLoggingConfig: any;

• Creates a configuration for DNS query logging. After you create a query logging configuration, Amazon Route 53 begins to publish log data to an Amazon CloudWatch Logs log group.

  DNS query logs contain information about the queries that Route 53 receives for a specified public hosted zone, such as the following:

  - Route 53 edge location that responded to the DNS query - Domain or subdomain that was requested - DNS record type, such as A or AAAA - DNS response code, such as NoError or ServFail

  - **Log Group and Resource Policy** - Before you create a query logging configuration, perform the following operations.

  > If you create a query logging configuration using the Route 53 console, Route 53 performs these operations automatically.

  - Create a CloudWatch Logs log group, and make note of the ARN, which you specify when you create a query logging configuration. Note the following:

  - You must create the log group in the us-east-1 region. - You must use the same AWS account to create the log group and the hosted zone that you want to configure query logging for. - When you create log groups for query logging, we recommend that you use a consistent prefix, for example:

  /aws/route53/ *hosted zone name*

  In the next step, you'll create a resource policy, which controls access to one or more log groups and the associated AWS resources, such as Route 53 hosted zones. There's a limit on the number of resource policies that you can create, so we recommend that you use a consistent prefix so you can use the same resource policy for all the log groups that you create for query logging. - Create a CloudWatch Logs resource policy, and give it the permissions that Route 53 needs to create log streams and to send query logs to log streams. For the value of Resource , specify the ARN for the log group that you created in the previous step. To use the same resource policy for all the CloudWatch Logs log groups that you created for query logging configurations, replace the hosted zone name with * , for example:

  arn:aws:logs:us-east-1:123412341234:log-group:/aws/route53/*

  To avoid the confused deputy problem, a security issue where an entity without a permission for an action can coerce a more-privileged entity to perform it, you can optionally limit the permissions that a service has to a resource in a resource-based policy by supplying the following values:

  - For aws:SourceArn , supply the hosted zone ARN used in creating the query logging configuration. For example, aws:SourceArn: arn:aws:route53:::hostedzone/hosted zone ID . - For aws:SourceAccount , supply the account ID for the account that creates the query logging configuration. For example, aws:SourceAccount:111111111111 .

  For more information, see [The confused deputy problem](https://docs.aws.amazon.com/IAM/latest/UserGuide/confused-deputy.html) in the *AWS IAM User Guide* .

  > You can't use the CloudWatch console to create or edit a resource policy. You must use the CloudWatch API, one of the AWS SDKs, or the AWS CLI . - **Log Streams and Edge Locations** - When Route 53 finishes creating the configuration for DNS query logging, it does the following:

  - Creates a log stream for an edge location the first time that the edge location responds to DNS queries for the specified hosted zone. That log stream is used to log all queries that Route 53 responds to for that edge location. - Begins to send query logs to the applicable log stream.

  The name of each log stream is in the following format:

  *hosted zone ID* / *edge location code*

  The edge location code is a three-letter code and an arbitrarily assigned number, for example, DFW3. The three-letter code typically corresponds with the International Air Transport Association airport code for an airport near the edge location. (These abbreviations might change in the future.) For a list of edge locations, see "The Route 53 Global Network" on the [Route 53 Product Details](https://docs.aws.amazon.com/route53/details/) page. - **Queries That Are Logged** - Query logs contain only the queries that DNS resolvers forward to Route 53. If a DNS resolver has already cached the response to a query (such as the IP address for a load balancer for example.com), the resolver will continue to return the cached response. It doesn't forward another query to Route 53 until the TTL for the corresponding resource record set expires. Depending on how many DNS queries are submitted for a resource record set, and depending on the TTL for that resource record set, query logs might contain information about only one query out of every several thousand queries that are submitted to DNS. For more information about how DNS works, see [Routing Internet Traffic to Your Website or Web Application](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/welcome-dns-service.html) in the *Amazon Route 53 Developer Guide* . - **Log File Format** - For a list of the values in each query log and the format of each value, see [Logging DNS Queries](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/query-logs.html) in the *Amazon Route 53 Developer Guide* . - **Pricing** - For information about charges for query logs, see [Amazon CloudWatch Pricing](https://docs.aws.amazon.com/cloudwatch/pricing/) . - **How to Stop Logging** - If you want Route 53 to stop sending query logs to CloudWatch Logs, delete the query logging configuration. For more information, see [DeleteQueryLoggingConfig](https://docs.aws.amazon.com/Route53/latest/APIReference/API_DeleteQueryLoggingConfig.html) .

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-hostedzone.html#cfn-route53-hostedzone-queryloggingconfig

property tags

readonly tags: cdk.TagManager;

• Adds, edits, or deletes tags for a health check or a hosted zone.

  For information about using tags for cost allocation, see [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) in the *AWS Billing and Cost Management User Guide* .

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-hostedzone.html#cfn-route53-hostedzone-hostedzonetags

property vpcs

vpcs: any;

• *Private hosted zones:* A complex type that contains information about the VPCs that are associated with the specified hosted zone.

  > For public hosted zones, omit VPCs , VPCId , and VPCRegion .

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-hostedzone.html#cfn-route53-hostedzone-vpcs

method inspect

inspect: (inspector: cdk.TreeInspector) => void;

• Examines the CloudFormation resource and discloses attributes.

  Parameter inspector

  tree inspector to collect and process attributes

method renderProperties

protected renderProperties: (props: { [key: string]: any }) => {
    [key: string]: any;
};

constructor

constructor(scope: cdk.Construct, id: string, props: CfnKeySigningKeyProps);

• Create a new AWS::Route53::KeySigningKey.

  Parameter scope

  scope in which this resource is defined

  Parameter id

  scoped id of the resource

  Parameter props

  resource properties

property CFN_RESOURCE_TYPE_NAME

static readonly CFN_RESOURCE_TYPE_NAME: string;

• The CloudFormation resource type name for this resource class.

property cfnProperties

readonly cfnProperties: { [key: string]: any };

property hostedZoneId

hostedZoneId: string;

• The unique string (ID) that is used to identify a hosted zone. For example: Z00001111A1ABCaaABC11 .

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-keysigningkey.html#cfn-route53-keysigningkey-hostedzoneid

property keyManagementServiceArn

keyManagementServiceArn: string;

• The Amazon resource name (ARN) for a customer managed customer master key (CMK) in AWS Key Management Service ( AWS KMS ). The KeyManagementServiceArn must be unique for each key-signing key (KSK) in a single hosted zone. For example: arn:aws:kms:us-east-1:111122223333:key/111a2222-a11b-1ab1-2ab2-1ab21a2b3a111 .

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-keysigningkey.html#cfn-route53-keysigningkey-keymanagementservicearn

property name

name: string;

• A string used to identify a key-signing key (KSK). Name can include numbers, letters, and underscores (_). Name must be unique for each key-signing key in the same hosted zone.

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-keysigningkey.html#cfn-route53-keysigningkey-name

property status

status: string;

• A string that represents the current key-signing key (KSK) status.

  Status can have one of the following values:

  - **ACTIVE** - The KSK is being used for signing. - **INACTIVE** - The KSK is not being used for signing. - **DELETING** - The KSK is in the process of being deleted. - **ACTION_NEEDED** - There is a problem with the KSK that requires you to take action to resolve. For example, the customer managed key might have been deleted, or the permissions for the customer managed key might have been changed. - **INTERNAL_FAILURE** - There was an error during a request. Before you can continue to work with DNSSEC signing, including actions that involve this KSK, you must correct the problem. For example, you may need to activate or deactivate the KSK.

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-keysigningkey.html#cfn-route53-keysigningkey-status

method inspect

inspect: (inspector: cdk.TreeInspector) => void;

• Examines the CloudFormation resource and discloses attributes.

  Parameter inspector

  tree inspector to collect and process attributes

method renderProperties

protected renderProperties: (props: { [key: string]: any }) => {
    [key: string]: any;
};

constructor

constructor(scope: cdk.Construct, id: string, props: CfnRecordSetProps);

• Create a new AWS::Route53::RecordSet.

  Parameter scope

  scope in which this resource is defined

  Parameter id

  scoped id of the resource

  Parameter props

  resource properties

property aliasTarget

aliasTarget: any;

• *Alias resource record sets only:* Information about the AWS resource, such as a CloudFront distribution or an Amazon S3 bucket, that you want to route traffic to.

  If you're creating resource records sets for a private hosted zone, note the following:

  - You can't create an alias resource record set in a private hosted zone to route traffic to a CloudFront distribution. - For information about creating failover resource record sets in a private hosted zone, see [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html) in the *Amazon Route 53 Developer Guide* .

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-recordset.html#cfn-route53-recordset-aliastarget

property CFN_RESOURCE_TYPE_NAME

static readonly CFN_RESOURCE_TYPE_NAME: string;

• The CloudFormation resource type name for this resource class.

property cfnProperties

readonly cfnProperties: { [key: string]: any };

property cidrRoutingConfig

cidrRoutingConfig: any;

• The object that is specified in resource record set object when you are linking a resource record set to a CIDR location.

  A LocationName with an asterisk “*” can be used to create a default CIDR record. CollectionId is still required for default record.

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-recordset.html#cfn-route53-recordset-cidrroutingconfig

property comment

comment: string;

• *Optional:* Any comments you want to include about a change batch request.

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-recordset.html#cfn-route53-recordset-comment

property failover

failover: string;

• *Failover resource record sets only:* To configure failover, you add the Failover element to two resource record sets. For one resource record set, you specify PRIMARY as the value for Failover ; for the other resource record set, you specify SECONDARY . In addition, you include the HealthCheckId element and specify the health check that you want Amazon Route 53 to perform for each resource record set.

  Except where noted, the following failover behaviors assume that you have included the HealthCheckId element in both resource record sets:

  - When the primary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the secondary resource record set. - When the primary resource record set is unhealthy and the secondary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the secondary resource record set. - When the secondary resource record set is unhealthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the primary resource record set. - If you omit the HealthCheckId element for the secondary resource record set, and if the primary resource record set is unhealthy, Route 53 always responds to DNS queries with the applicable value from the secondary resource record set. This is true regardless of the health of the associated endpoint.

  You can't create non-failover resource record sets that have the same values for the Name and Type elements as failover resource record sets.

  For failover alias resource record sets, you must also include the EvaluateTargetHealth element and set the value to true.

  For more information about configuring failover for Route 53, see the following topics in the *Amazon Route 53 Developer Guide* :

  - [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html) - [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-recordset.html#cfn-route53-recordset-failover

property geoLocation

geoLocation: any;

• *Geolocation resource record sets only:* A complex type that lets you control how Amazon Route 53 responds to DNS queries based on the geographic origin of the query. For example, if you want all queries from Africa to be routed to a web server with an IP address of 192.0.2.111 , create a resource record set with a Type of A and a ContinentCode of AF .

  > Although creating geolocation and geolocation alias resource record sets in a private hosted zone is allowed, it's not supported.

  If you create separate resource record sets for overlapping geographic regions (for example, one resource record set for a continent and one for a country on the same continent), priority goes to the smallest geographic region. This allows you to route most queries for a continent to one resource and to route queries for a country on that continent to a different resource.

  You can't create two geolocation resource record sets that specify the same geographic location.

  The value * in the CountryCode element matches all geographic locations that aren't specified in other geolocation resource record sets that have the same values for the Name and Type elements.

  > Geolocation works by mapping IP addresses to locations. However, some IP addresses aren't mapped to geographic locations, so even if you create geolocation resource record sets that cover all seven continents, Route 53 will receive some DNS queries from locations that it can't identify. We recommend that you create a resource record set for which the value of CountryCode is * . Two groups of queries are routed to the resource that you specify in this record: queries that come from locations for which you haven't created geolocation resource record sets and queries from IP addresses that aren't mapped to a location. If you don't create a * resource record set, Route 53 returns a "no answer" response for queries from those locations.

  You can't create non-geolocation resource record sets that have the same values for the Name and Type elements as geolocation resource record sets.

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-recordset.html#cfn-route53-recordset-geolocation

property healthCheckId

healthCheckId: string;

• If you want Amazon Route 53 to return this resource record set in response to a DNS query only when the status of a health check is healthy, include the HealthCheckId element and specify the ID of the applicable health check.

  Route 53 determines whether a resource record set is healthy based on one of the following:

  - By periodically sending a request to the endpoint that is specified in the health check - By aggregating the status of a specified group of health checks (calculated health checks) - By determining the current state of a CloudWatch alarm (CloudWatch metric health checks)

  > Route 53 doesn't check the health of the endpoint that is specified in the resource record set, for example, the endpoint specified by the IP address in the Value element. When you add a HealthCheckId element to a resource record set, Route 53 checks the health of the endpoint that you specified in the health check.

  For more information, see the following topics in the *Amazon Route 53 Developer Guide* :

  - [How Amazon Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) - [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html) - [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)

  *When to Specify HealthCheckId*

  Specifying a value for HealthCheckId is useful only when Route 53 is choosing between two or more resource record sets to respond to a DNS query, and you want Route 53 to base the choice in part on the status of a health check. Configuring health checks makes sense only in the following configurations:

  - *Non-alias resource record sets* : You're checking the health of a group of non-alias resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A) and you specify health check IDs for all the resource record sets.

  If the health check status for a resource record set is healthy, Route 53 includes the record among the records that it responds to DNS queries with.

  If the health check status for a resource record set is unhealthy, Route 53 stops responding to DNS queries using the value for that resource record set.

  If the health check status for all resource record sets in the group is unhealthy, Route 53 considers all resource record sets in the group healthy and responds to DNS queries accordingly. - *Alias resource record sets* : You specify the following settings:

  - You set EvaluateTargetHealth to true for an alias resource record set in a group of resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A). - You configure the alias resource record set to route traffic to a non-alias resource record set in the same hosted zone. - You specify a health check ID for the non-alias resource record set.

  If the health check status is healthy, Route 53 considers the alias resource record set to be healthy and includes the alias record among the records that it responds to DNS queries with.

  If the health check status is unhealthy, Route 53 stops responding to DNS queries using the alias resource record set.

  > The alias resource record set can also route traffic to a *group* of non-alias resource record sets that have the same routing policy, name, and type. In that configuration, associate health checks with all of the resource record sets in the group of non-alias resource record sets.

  *Geolocation Routing*

  For geolocation resource record sets, if an endpoint is unhealthy, Route 53 looks for a resource record set for the larger, associated geographic region. For example, suppose you have resource record sets for a state in the United States, for the entire United States, for North America, and a resource record set that has * for CountryCode is * , which applies to all locations. If the endpoint for the state resource record set is unhealthy, Route 53 checks for healthy resource record sets in the following order until it finds a resource record set for which the endpoint is healthy:

  - The United States - North America - The default resource record set

  *Specifying the Health Check Endpoint by Domain Name*

  If your health checks specify the endpoint only by domain name, we recommend that you create a separate health check for each endpoint. For example, create a health check for each HTTP server that is serving content for www.example.com . For the value of FullyQualifiedDomainName , specify the domain name of the server (such as us-east-2-www.example.com ), not the name of the resource record sets ( www.example.com ).

  > Health check results will be unpredictable if you do the following: > > - Create a health check that has the same value for FullyQualifiedDomainName as the name of a resource record set. > - Associate that health check with the resource record set.

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-recordset.html#cfn-route53-recordset-healthcheckid

property hostedZoneId

hostedZoneId: string;

• The ID of the hosted zone that you want to create records in.

  Specify either HostedZoneName or HostedZoneId , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using HostedZoneId .

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-recordset.html#cfn-route53-recordset-hostedzoneid

property hostedZoneName

hostedZoneName: string;

• The name of the hosted zone that you want to create records in. You must include a trailing dot (for example, www.example.com. ) as part of the HostedZoneName .

  When you create a stack using an AWS::Route53::RecordSet that specifies HostedZoneName , AWS CloudFormation attempts to find a hosted zone whose name matches the HostedZoneName. If AWS CloudFormation cannot find a hosted zone with a matching domain name, or if there is more than one hosted zone with the specified domain name, AWS CloudFormation will not create the stack.

  Specify either HostedZoneName or HostedZoneId , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using HostedZoneId .

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-recordset.html#cfn-route53-recordset-hostedzonename

property multiValueAnswer

multiValueAnswer: any;

• *Multivalue answer resource record sets only* : To route traffic approximately randomly to multiple resources, such as web servers, create one multivalue answer record for each resource and specify true for MultiValueAnswer . Note the following:

  - If you associate a health check with a multivalue answer resource record set, Amazon Route 53 responds to DNS queries with the corresponding IP address only when the health check is healthy. - If you don't associate a health check with a multivalue answer record, Route 53 always considers the record to be healthy. - Route 53 responds to DNS queries with up to eight healthy records; if you have eight or fewer healthy records, Route 53 responds to all DNS queries with all the healthy records. - If you have more than eight healthy records, Route 53 responds to different DNS resolvers with different combinations of healthy records. - When all records are unhealthy, Route 53 responds to DNS queries with up to eight unhealthy records. - If a resource becomes unavailable after a resolver caches a response, client software typically tries another of the IP addresses in the response.

  You can't create multivalue answer alias records.

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-recordset.html#cfn-route53-recordset-multivalueanswer

property name

name: string;

• For ChangeResourceRecordSets requests, the name of the record that you want to create, update, or delete. For ListResourceRecordSets responses, the name of a record in the specified hosted zone.

  *ChangeResourceRecordSets Only*

  Enter a fully qualified domain name, for example, www.example.com . You can optionally include a trailing dot. If you omit the trailing dot, Amazon Route 53 assumes that the domain name that you specify is fully qualified. This means that Route 53 treats www.example.com (without a trailing dot) and www.example.com. (with a trailing dot) as identical.

  For information about how to specify characters other than a-z , 0-9 , and - (hyphen) and how to specify internationalized domain names, see [DNS Domain Name Format](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DomainNameFormat.html) in the *Amazon Route 53 Developer Guide* .

  You can use the asterisk (*) wildcard to replace the leftmost label in a domain name, for example, *.example.com . Note the following:

  - The * must replace the entire label. For example, you can't specify *prod.example.com or prod*.example.com . - The * can't replace any of the middle labels, for example, marketing.*.example.com. - If you include * in any position other than the leftmost label in a domain name, DNS treats it as an * character (ASCII 42), not as a wildcard.

  > You can't use the * wildcard for resource records sets that have a type of NS.

  You can use the * wildcard as the leftmost label in a domain name, for example, *.example.com . You can't use an * for one of the middle labels, for example, marketing.*.example.com . In addition, the * must replace the entire label; for example, you can't specify prod*.example.com .

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-recordset.html#cfn-route53-recordset-name

property region

region: string;

• *Latency-based resource record sets only:* The Amazon EC2 Region where you created the resource that this resource record set refers to. The resource typically is an AWS resource, such as an EC2 instance or an ELB load balancer, and is referred to by an IP address or a DNS domain name, depending on the record type.

  When Amazon Route 53 receives a DNS query for a domain name and type for which you have created latency resource record sets, Route 53 selects the latency resource record set that has the lowest latency between the end user and the associated Amazon EC2 Region. Route 53 then returns the value that is associated with the selected resource record set.

  Note the following:

  - You can only specify one ResourceRecord per latency resource record set. - You can only create one latency resource record set for each Amazon EC2 Region. - You aren't required to create latency resource record sets for all Amazon EC2 Regions. Route 53 will choose the region with the best latency from among the regions that you create latency resource record sets for. - You can't create non-latency resource record sets that have the same values for the Name and Type elements as latency resource record sets.

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-recordset.html#cfn-route53-recordset-region

property resourceRecords

resourceRecords: string[];

• One or more values that correspond with the value that you specified for the Type property. For example, if you specified A for Type , you specify one or more IP addresses in IPv4 format for ResourceRecords . For information about the format of values for each record type, see [Supported DNS Resource Record Types](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html) in the *Amazon Route 53 Developer Guide* .

  Note the following:

  - You can specify more than one value for all record types except CNAME and SOA. - The maximum length of a value is 4000 characters. - If you're creating an alias record, omit ResourceRecords .

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-recordset.html#cfn-route53-recordset-resourcerecords

property setIdentifier

setIdentifier: string;

• *Resource record sets that have a routing policy other than simple:* An identifier that differentiates among multiple resource record sets that have the same combination of name and type, such as multiple weighted resource record sets named acme.example.com that have a type of A. In a group of resource record sets that have the same name and type, the value of SetIdentifier must be unique for each resource record set.

  For information about routing policies, see [Choosing a Routing Policy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html) in the *Amazon Route 53 Developer Guide* .

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-recordset.html#cfn-route53-recordset-setidentifier

property ttl

ttl: string;

• The resource record cache time to live (TTL), in seconds. Note the following:

  - If you're creating or updating an alias resource record set, omit TTL . Amazon Route 53 uses the value of TTL for the alias target. - If you're associating this resource record set with a health check (if you're adding a HealthCheckId element), we recommend that you specify a TTL of 60 seconds or less so clients respond quickly to changes in health status. - All of the resource record sets in a group of weighted resource record sets must have the same value for TTL . - If a group of weighted resource record sets includes one or more weighted alias resource record sets for which the alias target is an ELB load balancer, we recommend that you specify a TTL of 60 seconds for all of the non-alias weighted resource record sets that have the same name and type. Values other than 60 seconds (the TTL for load balancers) will change the effect of the values that you specify for Weight .

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-recordset.html#cfn-route53-recordset-ttl

property type

type: string;

• The DNS record type. For information about different record types and how data is encoded for them, see [Supported DNS Resource Record Types](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html) in the *Amazon Route 53 Developer Guide* .

  Valid values for basic resource record sets: A | AAAA | CAA | CNAME | DS | MX | NAPTR | NS | PTR | SOA | SPF | SRV | TXT

  Values for weighted, latency, geolocation, and failover resource record sets: A | AAAA | CAA | CNAME | MX | NAPTR | PTR | SPF | SRV | TXT . When creating a group of weighted, latency, geolocation, or failover resource record sets, specify the same value for all of the resource record sets in the group.

  Valid values for multivalue answer resource record sets: A | AAAA | MX | NAPTR | PTR | SPF | SRV | TXT

  > SPF records were formerly used to verify the identity of the sender of email messages. However, we no longer recommend that you create resource record sets for which the value of Type is SPF . RFC 7208, *Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1* , has been updated to say, "...[I]ts existence and mechanism defined in [RFC4408] have led to some interoperability issues. Accordingly, its use is no longer appropriate for SPF version 1; implementations are not to use it." In RFC 7208, see section 14.1, [The SPF DNS Record Type](https://docs.aws.amazon.com/http://tools.ietf.org/html/rfc7208#section-14.1) .

  Values for alias resource record sets:

  - *Amazon API Gateway custom regional APIs and edge-optimized APIs:* A - *CloudFront distributions:* A

  If IPv6 is enabled for the distribution, create two resource record sets to route traffic to your distribution, one with a value of A and one with a value of AAAA . - *Amazon API Gateway environment that has a regionalized subdomain* : A - *ELB load balancers:* A | AAAA - *Amazon S3 buckets:* A - *Amazon Virtual Private Cloud interface VPC endpoints* A - *Another resource record set in this hosted zone:* Specify the type of the resource record set that you're creating the alias for. All values are supported except NS and SOA .

  > If you're creating an alias record that has the same name as the hosted zone (known as the zone apex), you can't route traffic to a record for which the value of Type is CNAME . This is because the alias record must have the same type as the record you're routing traffic to, and creating a CNAME record for the zone apex isn't supported even for an alias record.

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-recordset.html#cfn-route53-recordset-type

property weight

weight: number;

• *Weighted resource record sets only:* Among resource record sets that have the same combination of DNS name and type, a value that determines the proportion of DNS queries that Amazon Route 53 responds to using the current resource record set. Route 53 calculates the sum of the weights for the resource record sets that have the same combination of DNS name and type. Route 53 then responds to queries based on the ratio of a resource's weight to the total. Note the following:

  - You must specify a value for the Weight element for every weighted resource record set. - You can only specify one ResourceRecord per weighted resource record set. - You can't create latency, failover, or geolocation resource record sets that have the same values for the Name and Type elements as weighted resource record sets. - You can create a maximum of 100 weighted resource record sets that have the same values for the Name and Type elements. - For weighted (but not weighted alias) resource record sets, if you set Weight to 0 for a resource record set, Route 53 never responds to queries with the applicable value for that resource record set. However, if you set Weight to 0 for all resource record sets that have the same combination of DNS name and type, traffic is routed to all resources with equal probability.

  The effect of setting Weight to 0 is different when you associate health checks with weighted resource record sets. For more information, see [Options for Configuring Route 53 Active-Active and Active-Passive Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-configuring-options.html) in the *Amazon Route 53 Developer Guide* .

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-recordset.html#cfn-route53-recordset-weight

method inspect

inspect: (inspector: cdk.TreeInspector) => void;

• Examines the CloudFormation resource and discloses attributes.

  Parameter inspector

  tree inspector to collect and process attributes

method renderProperties

protected renderProperties: (props: { [key: string]: any }) => {
    [key: string]: any;
};

constructor

constructor(scope: cdk.Construct, id: string, props?: CfnRecordSetGroupProps);

• Create a new AWS::Route53::RecordSetGroup.

  Parameter scope

  scope in which this resource is defined

  Parameter id

  scoped id of the resource

  Parameter props

  resource properties

property CFN_RESOURCE_TYPE_NAME

static readonly CFN_RESOURCE_TYPE_NAME: string;

• The CloudFormation resource type name for this resource class.

property cfnProperties

readonly cfnProperties: { [key: string]: any };

property comment

comment: string;

• *Optional:* Any comments you want to include about a change batch request.

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-recordsetgroup.html#cfn-route53-recordsetgroup-comment

property hostedZoneId

hostedZoneId: string;

• The ID of the hosted zone that you want to create records in.

  Specify either HostedZoneName or HostedZoneId , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using HostedZoneId .

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-recordsetgroup.html#cfn-route53-recordsetgroup-hostedzoneid

property hostedZoneName

hostedZoneName: string;

• The name of the hosted zone that you want to create records in. You must include a trailing dot (for example, www.example.com. ) as part of the HostedZoneName .

  When you create a stack using an AWS::Route53::RecordSet that specifies HostedZoneName , AWS CloudFormation attempts to find a hosted zone whose name matches the HostedZoneName . If AWS CloudFormation can't find a hosted zone with a matching domain name, or if there is more than one hosted zone with the specified domain name, AWS CloudFormation will not create the stack.

  Specify either HostedZoneName or HostedZoneId , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using HostedZoneId .

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-recordsetgroup.html#cfn-route53-recordsetgroup-hostedzonename

property recordSets

recordSets: any;

• A complex type that contains one RecordSet element for each record that you want to create.

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-recordsetgroup.html#cfn-route53-recordsetgroup-recordsets

method inspect

inspect: (inspector: cdk.TreeInspector) => void;

• Examines the CloudFormation resource and discloses attributes.

  Parameter inspector

  tree inspector to collect and process attributes

method renderProperties

protected renderProperties: (props: { [key: string]: any }) => {
    [key: string]: any;
};

constructor

constructor(scope: Construct, id: string, props: CnameRecordProps);

constructor

constructor(
    scope: Construct,
    id: string,
    props: CrossAccountZoneDelegationRecordProps
);

constructor

constructor(scope: Construct, id: string, props: DsRecordProps);

constructor

constructor(scope: Construct, id: string, props: HostedZoneProps);

property hostedZoneArn

readonly hostedZoneArn: string;

property hostedZoneId

readonly hostedZoneId: string;

property hostedZoneNameServers

readonly hostedZoneNameServers?: string[];

property vpcs

protected readonly vpcs: CfnHostedZone.VPCProperty[];

• VPCs to which this hosted zone will be added

property zoneName

readonly zoneName: string;

method addVpc

addVpc: (vpc: ec2.IVpc) => void;

• Add another VPC to this private hosted zone.

  Parameter vpc

  the other VPC to add.

method fromHostedZoneAttributes

static fromHostedZoneAttributes: (
    scope: Construct,
    id: string,
    attrs: HostedZoneAttributes
) => IHostedZone;

• Imports a hosted zone from another stack.

  Use when both hosted zone ID and hosted zone name are known.

  Parameter scope

  the parent Construct for this Construct

  Parameter id

  the logical name of this Construct

  Parameter attrs

  the HostedZoneAttributes (hosted zone ID and hosted zone name)

method fromHostedZoneId

static fromHostedZoneId: (
    scope: Construct,
    id: string,
    hostedZoneId: string
) => IHostedZone;

• Import a Route 53 hosted zone defined either outside the CDK, or in a different CDK stack

  Use when hosted zone ID is known. Hosted zone name becomes unavailable through this query.

  Parameter scope

  the parent Construct for this Construct

  Parameter id

  the logical name of this Construct

  Parameter hostedZoneId

  the ID of the hosted zone to import

method fromLookup

static fromLookup: (
    scope: Construct,
    id: string,
    query: HostedZoneProviderProps
) => IHostedZone;

• Lookup a hosted zone in the current account/region based on query parameters. Requires environment, you must specify env for the stack.

  Use to easily query hosted zones.

  See Also

  • https://docs.aws.amazon.com/cdk/latest/guide/environments.html

constructor

constructor(scope: Construct, id: string, props: MxRecordProps);

constructor

constructor(scope: Construct, id: string, props: NsRecordProps);

constructor

constructor(scope: Construct, id: string, props: PrivateHostedZoneProps);

method fromPrivateHostedZoneId

static fromPrivateHostedZoneId: (
    scope: Construct,
    id: string,
    privateHostedZoneId: string
) => IPrivateHostedZone;

• Import a Route 53 private hosted zone defined either outside the CDK, or in a different CDK stack

  Parameter scope

  the parent Construct for this Construct

  Parameter id

  the logical name of this Construct

  Parameter privateHostedZoneId

  the ID of the private hosted zone to import

constructor

constructor(scope: Construct, id: string, props: PublicHostedZoneProps);

property crossAccountZoneDelegationRole

readonly crossAccountZoneDelegationRole?: iam.Role;

• Role for cross account zone delegation

method addDelegation

addDelegation: (
    delegate: IPublicHostedZone,
    opts?: ZoneDelegationOptions
) => void;

• Adds a delegation from this zone to a designated zone.

  Parameter delegate

  the zone being delegated to.

  Parameter opts

  options for creating the DNS record, if any.

method addVpc

addVpc: (_vpc: ec2.IVpc) => void;

method fromPublicHostedZoneAttributes

static fromPublicHostedZoneAttributes: (
    scope: Construct,
    id: string,
    attrs: PublicHostedZoneAttributes
) => IHostedZone;

• Imports a public hosted zone from another stack.

  Use when both hosted zone ID and hosted zone name are known.

  Parameter scope

  the parent Construct for this Construct

  Parameter id

  the logical name of this Construct

  Parameter attrs

  the PublicHostedZoneAttributes (hosted zone ID and hosted zone name)

method fromPublicHostedZoneId

static fromPublicHostedZoneId: (
    scope: Construct,
    id: string,
    publicHostedZoneId: string
) => IPublicHostedZone;

• Import a Route 53 public hosted zone defined either outside the CDK, or in a different CDK stack

  Parameter scope

  the parent Construct for this Construct

  Parameter id

  the logical name of this Construct

  Parameter publicHostedZoneId

  the ID of the public hosted zone to import

constructor

constructor(scope: Construct, id: string, props: RecordSetProps);

property domainName

readonly domainName: string;

constructor

protected constructor(values?: string[], aliasTarget?: IAliasRecordTarget);

• Parameter values

  correspond with the chosen record type (e.g. for 'A' Type, specify one or more IP addresses)

  Parameter aliasTarget

  alias for targets such as CloudFront distribution to route traffic to

property aliasTarget

readonly aliasTarget?: IAliasRecordTarget;

property values

readonly values?: string[];

method fromAlias

static fromAlias: (aliasTarget: IAliasRecordTarget) => RecordTarget;

• Use an alias as target.

method fromIpAddresses

static fromIpAddresses: (...ipAddresses: string[]) => RecordTarget;

• Use ip addresses as target.

method fromValues

static fromValues: (...values: string[]) => RecordTarget;

• Use string values as target.

constructor

constructor(scope: Construct, id: string, props: SrvRecordProps);

constructor

constructor(scope: Construct, id: string, props: TxtRecordProps);

constructor

constructor(
    scope: Construct,
    id: string,
    props: VpcEndpointServiceDomainNameProps
);

property domainName

domainName: string;

• The domain name associated with the private DNS configuration

constructor

constructor(scope: Construct, id: string, props: ZoneDelegationRecordProps);

property target

readonly target: RecordTarget;

• The target.

property dnsName

readonly dnsName: string;

• DNS name of the target

property hostedZoneId

readonly hostedZoneId: string;

• Hosted zone ID of the target

property target

readonly target: RecordTarget;

• The target.

property values

readonly values: CaaRecordValue[];

• The values.

property flag

readonly flag: number;

• The flag.

property tag

readonly tag: CaaTag;

• The tag.

property value

readonly value: string;

• The value associated with the tag.

property locations

readonly locations?:
    | Array<CfnCidrCollection.LocationProperty | cdk.IResolvable>
    | cdk.IResolvable;

• A complex type that contains information about the list of CIDR locations.

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-cidrcollection.html#cfn-route53-cidrcollection-locations

property name

readonly name: string;

• The name of a CIDR collection.

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-cidrcollection.html#cfn-route53-cidrcollection-name

property hostedZoneId

readonly hostedZoneId: string;

• A unique string (ID) that is used to identify a hosted zone. For example: Z00001111A1ABCaaABC11 .

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-dnssec.html#cfn-route53-dnssec-hostedzoneid

property healthCheckConfig

readonly healthCheckConfig:
    | CfnHealthCheck.HealthCheckConfigProperty
    | cdk.IResolvable;

• A complex type that contains detailed information about one health check.

  For the values to enter for HealthCheckConfig , see [HealthCheckConfig](https://docs.aws.amazon.com/Route53/latest/APIReference/API_HealthCheckConfig.html)

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-healthcheck.html#cfn-route53-healthcheck-healthcheckconfig

property healthCheckTags

readonly healthCheckTags?:
    | Array<CfnHealthCheck.HealthCheckTagProperty | cdk.IResolvable>
    | cdk.IResolvable;

• The HealthCheckTags property describes key-value pairs that are associated with an AWS::Route53::HealthCheck resource.

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-healthcheck.html#cfn-route53-healthcheck-healthchecktags

property hostedZoneConfig

readonly hostedZoneConfig?:
    | CfnHostedZone.HostedZoneConfigProperty
    | cdk.IResolvable;

• A complex type that contains an optional comment.

  If you don't want to specify a comment, omit the HostedZoneConfig and Comment elements.

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-hostedzone.html#cfn-route53-hostedzone-hostedzoneconfig

property hostedZoneTags

readonly hostedZoneTags?: CfnHostedZone.HostedZoneTagProperty[];

• Adds, edits, or deletes tags for a health check or a hosted zone.

  For information about using tags for cost allocation, see [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) in the *AWS Billing and Cost Management User Guide* .

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-hostedzone.html#cfn-route53-hostedzone-hostedzonetags

property name

readonly name?: string;

• The name of the domain. Specify a fully qualified domain name, for example, *www.example.com* . The trailing dot is optional; Amazon Route 53 assumes that the domain name is fully qualified. This means that Route 53 treats *www.example.com* (without a trailing dot) and *www.example.com.* (with a trailing dot) as identical.

  If you're creating a public hosted zone, this is the name you have registered with your DNS registrar. If your domain name is registered with a registrar other than Route 53, change the name servers for your domain to the set of NameServers that are returned by the Fn::GetAtt intrinsic function.

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-hostedzone.html#cfn-route53-hostedzone-name

property queryLoggingConfig

readonly queryLoggingConfig?:
    | CfnHostedZone.QueryLoggingConfigProperty
    | cdk.IResolvable;

• Creates a configuration for DNS query logging. After you create a query logging configuration, Amazon Route 53 begins to publish log data to an Amazon CloudWatch Logs log group.

  DNS query logs contain information about the queries that Route 53 receives for a specified public hosted zone, such as the following:

  - Route 53 edge location that responded to the DNS query - Domain or subdomain that was requested - DNS record type, such as A or AAAA - DNS response code, such as NoError or ServFail

  - **Log Group and Resource Policy** - Before you create a query logging configuration, perform the following operations.

  > If you create a query logging configuration using the Route 53 console, Route 53 performs these operations automatically.

  - Create a CloudWatch Logs log group, and make note of the ARN, which you specify when you create a query logging configuration. Note the following:

  - You must create the log group in the us-east-1 region. - You must use the same AWS account to create the log group and the hosted zone that you want to configure query logging for. - When you create log groups for query logging, we recommend that you use a consistent prefix, for example:

  /aws/route53/ *hosted zone name*

  In the next step, you'll create a resource policy, which controls access to one or more log groups and the associated AWS resources, such as Route 53 hosted zones. There's a limit on the number of resource policies that you can create, so we recommend that you use a consistent prefix so you can use the same resource policy for all the log groups that you create for query logging. - Create a CloudWatch Logs resource policy, and give it the permissions that Route 53 needs to create log streams and to send query logs to log streams. For the value of Resource , specify the ARN for the log group that you created in the previous step. To use the same resource policy for all the CloudWatch Logs log groups that you created for query logging configurations, replace the hosted zone name with * , for example:

  arn:aws:logs:us-east-1:123412341234:log-group:/aws/route53/*

  To avoid the confused deputy problem, a security issue where an entity without a permission for an action can coerce a more-privileged entity to perform it, you can optionally limit the permissions that a service has to a resource in a resource-based policy by supplying the following values:

  - For aws:SourceArn , supply the hosted zone ARN used in creating the query logging configuration. For example, aws:SourceArn: arn:aws:route53:::hostedzone/hosted zone ID . - For aws:SourceAccount , supply the account ID for the account that creates the query logging configuration. For example, aws:SourceAccount:111111111111 .

  For more information, see [The confused deputy problem](https://docs.aws.amazon.com/IAM/latest/UserGuide/confused-deputy.html) in the *AWS IAM User Guide* .

  > You can't use the CloudWatch console to create or edit a resource policy. You must use the CloudWatch API, one of the AWS SDKs, or the AWS CLI . - **Log Streams and Edge Locations** - When Route 53 finishes creating the configuration for DNS query logging, it does the following:

  - Creates a log stream for an edge location the first time that the edge location responds to DNS queries for the specified hosted zone. That log stream is used to log all queries that Route 53 responds to for that edge location. - Begins to send query logs to the applicable log stream.

  The name of each log stream is in the following format:

  *hosted zone ID* / *edge location code*

  The edge location code is a three-letter code and an arbitrarily assigned number, for example, DFW3. The three-letter code typically corresponds with the International Air Transport Association airport code for an airport near the edge location. (These abbreviations might change in the future.) For a list of edge locations, see "The Route 53 Global Network" on the [Route 53 Product Details](https://docs.aws.amazon.com/route53/details/) page. - **Queries That Are Logged** - Query logs contain only the queries that DNS resolvers forward to Route 53. If a DNS resolver has already cached the response to a query (such as the IP address for a load balancer for example.com), the resolver will continue to return the cached response. It doesn't forward another query to Route 53 until the TTL for the corresponding resource record set expires. Depending on how many DNS queries are submitted for a resource record set, and depending on the TTL for that resource record set, query logs might contain information about only one query out of every several thousand queries that are submitted to DNS. For more information about how DNS works, see [Routing Internet Traffic to Your Website or Web Application](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/welcome-dns-service.html) in the *Amazon Route 53 Developer Guide* . - **Log File Format** - For a list of the values in each query log and the format of each value, see [Logging DNS Queries](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/query-logs.html) in the *Amazon Route 53 Developer Guide* . - **Pricing** - For information about charges for query logs, see [Amazon CloudWatch Pricing](https://docs.aws.amazon.com/cloudwatch/pricing/) . - **How to Stop Logging** - If you want Route 53 to stop sending query logs to CloudWatch Logs, delete the query logging configuration. For more information, see [DeleteQueryLoggingConfig](https://docs.aws.amazon.com/Route53/latest/APIReference/API_DeleteQueryLoggingConfig.html) .

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-hostedzone.html#cfn-route53-hostedzone-queryloggingconfig

property vpcs

readonly vpcs?:
    | Array<CfnHostedZone.VPCProperty | cdk.IResolvable>
    | cdk.IResolvable;

• *Private hosted zones:* A complex type that contains information about the VPCs that are associated with the specified hosted zone.

  > For public hosted zones, omit VPCs , VPCId , and VPCRegion .

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-hostedzone.html#cfn-route53-hostedzone-vpcs

property hostedZoneId

readonly hostedZoneId: string;

• The unique string (ID) that is used to identify a hosted zone. For example: Z00001111A1ABCaaABC11 .

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-keysigningkey.html#cfn-route53-keysigningkey-hostedzoneid

property keyManagementServiceArn

readonly keyManagementServiceArn: string;

• The Amazon resource name (ARN) for a customer managed customer master key (CMK) in AWS Key Management Service ( AWS KMS ). The KeyManagementServiceArn must be unique for each key-signing key (KSK) in a single hosted zone. For example: arn:aws:kms:us-east-1:111122223333:key/111a2222-a11b-1ab1-2ab2-1ab21a2b3a111 .

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-keysigningkey.html#cfn-route53-keysigningkey-keymanagementservicearn

property name

readonly name: string;

• A string used to identify a key-signing key (KSK). Name can include numbers, letters, and underscores (_). Name must be unique for each key-signing key in the same hosted zone.

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-keysigningkey.html#cfn-route53-keysigningkey-name

property status

readonly status: string;

• A string that represents the current key-signing key (KSK) status.

  Status can have one of the following values:

  - **ACTIVE** - The KSK is being used for signing. - **INACTIVE** - The KSK is not being used for signing. - **DELETING** - The KSK is in the process of being deleted. - **ACTION_NEEDED** - There is a problem with the KSK that requires you to take action to resolve. For example, the customer managed key might have been deleted, or the permissions for the customer managed key might have been changed. - **INTERNAL_FAILURE** - There was an error during a request. Before you can continue to work with DNSSEC signing, including actions that involve this KSK, you must correct the problem. For example, you may need to activate or deactivate the KSK.

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-keysigningkey.html#cfn-route53-keysigningkey-status

property comment

readonly comment?: string;

• *Optional:* Any comments you want to include about a change batch request.

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-recordsetgroup.html#cfn-route53-recordsetgroup-comment

property hostedZoneId

readonly hostedZoneId?: string;

• The ID of the hosted zone that you want to create records in.

  Specify either HostedZoneName or HostedZoneId , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using HostedZoneId .

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-recordsetgroup.html#cfn-route53-recordsetgroup-hostedzoneid

property hostedZoneName

readonly hostedZoneName?: string;

• The name of the hosted zone that you want to create records in. You must include a trailing dot (for example, www.example.com. ) as part of the HostedZoneName .

  When you create a stack using an AWS::Route53::RecordSet that specifies HostedZoneName , AWS CloudFormation attempts to find a hosted zone whose name matches the HostedZoneName . If AWS CloudFormation can't find a hosted zone with a matching domain name, or if there is more than one hosted zone with the specified domain name, AWS CloudFormation will not create the stack.

  Specify either HostedZoneName or HostedZoneId , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using HostedZoneId .

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-recordsetgroup.html#cfn-route53-recordsetgroup-hostedzonename

property recordSets

readonly recordSets?:
    | Array<CfnRecordSetGroup.RecordSetProperty | cdk.IResolvable>
    | cdk.IResolvable;

• A complex type that contains one RecordSet element for each record that you want to create.

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53-recordsetgroup.html#cfn-route53-recordsetgroup-recordsets

property aliasTarget

readonly aliasTarget?: CfnRecordSet.AliasTargetProperty | cdk.IResolvable;

• *Alias resource record sets only:* Information about the AWS resource, such as a CloudFront distribution or an Amazon S3 bucket, that you want to route traffic to.

  If you're creating resource records sets for a private hosted zone, note the following:

  - You can't create an alias resource record set in a private hosted zone to route traffic to a CloudFront distribution. - For information about creating failover resource record sets in a private hosted zone, see [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html) in the *Amazon Route 53 Developer Guide* .

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-recordset.html#cfn-route53-recordset-aliastarget

property cidrRoutingConfig

readonly cidrRoutingConfig?:
    | CfnRecordSet.CidrRoutingConfigProperty
    | cdk.IResolvable;

• The object that is specified in resource record set object when you are linking a resource record set to a CIDR location.

  A LocationName with an asterisk “*” can be used to create a default CIDR record. CollectionId is still required for default record.

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-recordset.html#cfn-route53-recordset-cidrroutingconfig

property comment

readonly comment?: string;

• *Optional:* Any comments you want to include about a change batch request.

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-recordset.html#cfn-route53-recordset-comment

property failover

readonly failover?: string;

• *Failover resource record sets only:* To configure failover, you add the Failover element to two resource record sets. For one resource record set, you specify PRIMARY as the value for Failover ; for the other resource record set, you specify SECONDARY . In addition, you include the HealthCheckId element and specify the health check that you want Amazon Route 53 to perform for each resource record set.

  Except where noted, the following failover behaviors assume that you have included the HealthCheckId element in both resource record sets:

  - When the primary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the secondary resource record set. - When the primary resource record set is unhealthy and the secondary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the secondary resource record set. - When the secondary resource record set is unhealthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the primary resource record set. - If you omit the HealthCheckId element for the secondary resource record set, and if the primary resource record set is unhealthy, Route 53 always responds to DNS queries with the applicable value from the secondary resource record set. This is true regardless of the health of the associated endpoint.

  You can't create non-failover resource record sets that have the same values for the Name and Type elements as failover resource record sets.

  For failover alias resource record sets, you must also include the EvaluateTargetHealth element and set the value to true.

  For more information about configuring failover for Route 53, see the following topics in the *Amazon Route 53 Developer Guide* :

  - [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html) - [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-recordset.html#cfn-route53-recordset-failover

property geoLocation

readonly geoLocation?: CfnRecordSet.GeoLocationProperty | cdk.IResolvable;

• *Geolocation resource record sets only:* A complex type that lets you control how Amazon Route 53 responds to DNS queries based on the geographic origin of the query. For example, if you want all queries from Africa to be routed to a web server with an IP address of 192.0.2.111 , create a resource record set with a Type of A and a ContinentCode of AF .

  > Although creating geolocation and geolocation alias resource record sets in a private hosted zone is allowed, it's not supported.

  If you create separate resource record sets for overlapping geographic regions (for example, one resource record set for a continent and one for a country on the same continent), priority goes to the smallest geographic region. This allows you to route most queries for a continent to one resource and to route queries for a country on that continent to a different resource.

  You can't create two geolocation resource record sets that specify the same geographic location.

  The value * in the CountryCode element matches all geographic locations that aren't specified in other geolocation resource record sets that have the same values for the Name and Type elements.

  > Geolocation works by mapping IP addresses to locations. However, some IP addresses aren't mapped to geographic locations, so even if you create geolocation resource record sets that cover all seven continents, Route 53 will receive some DNS queries from locations that it can't identify. We recommend that you create a resource record set for which the value of CountryCode is * . Two groups of queries are routed to the resource that you specify in this record: queries that come from locations for which you haven't created geolocation resource record sets and queries from IP addresses that aren't mapped to a location. If you don't create a * resource record set, Route 53 returns a "no answer" response for queries from those locations.

  You can't create non-geolocation resource record sets that have the same values for the Name and Type elements as geolocation resource record sets.

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-recordset.html#cfn-route53-recordset-geolocation

property healthCheckId

readonly healthCheckId?: string;

• If you want Amazon Route 53 to return this resource record set in response to a DNS query only when the status of a health check is healthy, include the HealthCheckId element and specify the ID of the applicable health check.

  Route 53 determines whether a resource record set is healthy based on one of the following:

  - By periodically sending a request to the endpoint that is specified in the health check - By aggregating the status of a specified group of health checks (calculated health checks) - By determining the current state of a CloudWatch alarm (CloudWatch metric health checks)

  > Route 53 doesn't check the health of the endpoint that is specified in the resource record set, for example, the endpoint specified by the IP address in the Value element. When you add a HealthCheckId element to a resource record set, Route 53 checks the health of the endpoint that you specified in the health check.

  For more information, see the following topics in the *Amazon Route 53 Developer Guide* :

  - [How Amazon Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) - [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html) - [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)

  *When to Specify HealthCheckId*

  Specifying a value for HealthCheckId is useful only when Route 53 is choosing between two or more resource record sets to respond to a DNS query, and you want Route 53 to base the choice in part on the status of a health check. Configuring health checks makes sense only in the following configurations:

  - *Non-alias resource record sets* : You're checking the health of a group of non-alias resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A) and you specify health check IDs for all the resource record sets.

  If the health check status for a resource record set is healthy, Route 53 includes the record among the records that it responds to DNS queries with.

  If the health check status for a resource record set is unhealthy, Route 53 stops responding to DNS queries using the value for that resource record set.

  If the health check status for all resource record sets in the group is unhealthy, Route 53 considers all resource record sets in the group healthy and responds to DNS queries accordingly. - *Alias resource record sets* : You specify the following settings:

  - You set EvaluateTargetHealth to true for an alias resource record set in a group of resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A). - You configure the alias resource record set to route traffic to a non-alias resource record set in the same hosted zone. - You specify a health check ID for the non-alias resource record set.

  If the health check status is healthy, Route 53 considers the alias resource record set to be healthy and includes the alias record among the records that it responds to DNS queries with.

  If the health check status is unhealthy, Route 53 stops responding to DNS queries using the alias resource record set.

  > The alias resource record set can also route traffic to a *group* of non-alias resource record sets that have the same routing policy, name, and type. In that configuration, associate health checks with all of the resource record sets in the group of non-alias resource record sets.

  *Geolocation Routing*

  For geolocation resource record sets, if an endpoint is unhealthy, Route 53 looks for a resource record set for the larger, associated geographic region. For example, suppose you have resource record sets for a state in the United States, for the entire United States, for North America, and a resource record set that has * for CountryCode is * , which applies to all locations. If the endpoint for the state resource record set is unhealthy, Route 53 checks for healthy resource record sets in the following order until it finds a resource record set for which the endpoint is healthy:

  - The United States - North America - The default resource record set

  *Specifying the Health Check Endpoint by Domain Name*

  If your health checks specify the endpoint only by domain name, we recommend that you create a separate health check for each endpoint. For example, create a health check for each HTTP server that is serving content for www.example.com . For the value of FullyQualifiedDomainName , specify the domain name of the server (such as us-east-2-www.example.com ), not the name of the resource record sets ( www.example.com ).

  > Health check results will be unpredictable if you do the following: > > - Create a health check that has the same value for FullyQualifiedDomainName as the name of a resource record set. > - Associate that health check with the resource record set.

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-recordset.html#cfn-route53-recordset-healthcheckid

property hostedZoneId

readonly hostedZoneId?: string;

• The ID of the hosted zone that you want to create records in.

  Specify either HostedZoneName or HostedZoneId , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using HostedZoneId .

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-recordset.html#cfn-route53-recordset-hostedzoneid

property hostedZoneName

readonly hostedZoneName?: string;

• The name of the hosted zone that you want to create records in. You must include a trailing dot (for example, www.example.com. ) as part of the HostedZoneName .

  When you create a stack using an AWS::Route53::RecordSet that specifies HostedZoneName , AWS CloudFormation attempts to find a hosted zone whose name matches the HostedZoneName. If AWS CloudFormation cannot find a hosted zone with a matching domain name, or if there is more than one hosted zone with the specified domain name, AWS CloudFormation will not create the stack.

  Specify either HostedZoneName or HostedZoneId , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using HostedZoneId .

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-recordset.html#cfn-route53-recordset-hostedzonename

property multiValueAnswer

readonly multiValueAnswer?: boolean | cdk.IResolvable;

• *Multivalue answer resource record sets only* : To route traffic approximately randomly to multiple resources, such as web servers, create one multivalue answer record for each resource and specify true for MultiValueAnswer . Note the following:

  - If you associate a health check with a multivalue answer resource record set, Amazon Route 53 responds to DNS queries with the corresponding IP address only when the health check is healthy. - If you don't associate a health check with a multivalue answer record, Route 53 always considers the record to be healthy. - Route 53 responds to DNS queries with up to eight healthy records; if you have eight or fewer healthy records, Route 53 responds to all DNS queries with all the healthy records. - If you have more than eight healthy records, Route 53 responds to different DNS resolvers with different combinations of healthy records. - When all records are unhealthy, Route 53 responds to DNS queries with up to eight unhealthy records. - If a resource becomes unavailable after a resolver caches a response, client software typically tries another of the IP addresses in the response.

  You can't create multivalue answer alias records.

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-recordset.html#cfn-route53-recordset-multivalueanswer

property name

readonly name: string;

• For ChangeResourceRecordSets requests, the name of the record that you want to create, update, or delete. For ListResourceRecordSets responses, the name of a record in the specified hosted zone.

  *ChangeResourceRecordSets Only*

  Enter a fully qualified domain name, for example, www.example.com . You can optionally include a trailing dot. If you omit the trailing dot, Amazon Route 53 assumes that the domain name that you specify is fully qualified. This means that Route 53 treats www.example.com (without a trailing dot) and www.example.com. (with a trailing dot) as identical.

  For information about how to specify characters other than a-z , 0-9 , and - (hyphen) and how to specify internationalized domain names, see [DNS Domain Name Format](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DomainNameFormat.html) in the *Amazon Route 53 Developer Guide* .

  You can use the asterisk (*) wildcard to replace the leftmost label in a domain name, for example, *.example.com . Note the following:

  - The * must replace the entire label. For example, you can't specify *prod.example.com or prod*.example.com . - The * can't replace any of the middle labels, for example, marketing.*.example.com. - If you include * in any position other than the leftmost label in a domain name, DNS treats it as an * character (ASCII 42), not as a wildcard.

  > You can't use the * wildcard for resource records sets that have a type of NS.

  You can use the * wildcard as the leftmost label in a domain name, for example, *.example.com . You can't use an * for one of the middle labels, for example, marketing.*.example.com . In addition, the * must replace the entire label; for example, you can't specify prod*.example.com .

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-recordset.html#cfn-route53-recordset-name

property region

readonly region?: string;

• *Latency-based resource record sets only:* The Amazon EC2 Region where you created the resource that this resource record set refers to. The resource typically is an AWS resource, such as an EC2 instance or an ELB load balancer, and is referred to by an IP address or a DNS domain name, depending on the record type.

  When Amazon Route 53 receives a DNS query for a domain name and type for which you have created latency resource record sets, Route 53 selects the latency resource record set that has the lowest latency between the end user and the associated Amazon EC2 Region. Route 53 then returns the value that is associated with the selected resource record set.

  Note the following:

  - You can only specify one ResourceRecord per latency resource record set. - You can only create one latency resource record set for each Amazon EC2 Region. - You aren't required to create latency resource record sets for all Amazon EC2 Regions. Route 53 will choose the region with the best latency from among the regions that you create latency resource record sets for. - You can't create non-latency resource record sets that have the same values for the Name and Type elements as latency resource record sets.

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-recordset.html#cfn-route53-recordset-region

property resourceRecords

readonly resourceRecords?: string[];

• One or more values that correspond with the value that you specified for the Type property. For example, if you specified A for Type , you specify one or more IP addresses in IPv4 format for ResourceRecords . For information about the format of values for each record type, see [Supported DNS Resource Record Types](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html) in the *Amazon Route 53 Developer Guide* .

  Note the following:

  - You can specify more than one value for all record types except CNAME and SOA. - The maximum length of a value is 4000 characters. - If you're creating an alias record, omit ResourceRecords .

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-recordset.html#cfn-route53-recordset-resourcerecords

property setIdentifier

readonly setIdentifier?: string;

• *Resource record sets that have a routing policy other than simple:* An identifier that differentiates among multiple resource record sets that have the same combination of name and type, such as multiple weighted resource record sets named acme.example.com that have a type of A. In a group of resource record sets that have the same name and type, the value of SetIdentifier must be unique for each resource record set.

  For information about routing policies, see [Choosing a Routing Policy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html) in the *Amazon Route 53 Developer Guide* .

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-recordset.html#cfn-route53-recordset-setidentifier

property ttl

readonly ttl?: string;

• The resource record cache time to live (TTL), in seconds. Note the following:

  - If you're creating or updating an alias resource record set, omit TTL . Amazon Route 53 uses the value of TTL for the alias target. - If you're associating this resource record set with a health check (if you're adding a HealthCheckId element), we recommend that you specify a TTL of 60 seconds or less so clients respond quickly to changes in health status. - All of the resource record sets in a group of weighted resource record sets must have the same value for TTL . - If a group of weighted resource record sets includes one or more weighted alias resource record sets for which the alias target is an ELB load balancer, we recommend that you specify a TTL of 60 seconds for all of the non-alias weighted resource record sets that have the same name and type. Values other than 60 seconds (the TTL for load balancers) will change the effect of the values that you specify for Weight .

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-recordset.html#cfn-route53-recordset-ttl

property type

readonly type: string;

• The DNS record type. For information about different record types and how data is encoded for them, see [Supported DNS Resource Record Types](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html) in the *Amazon Route 53 Developer Guide* .

  Valid values for basic resource record sets: A | AAAA | CAA | CNAME | DS | MX | NAPTR | NS | PTR | SOA | SPF | SRV | TXT

  Values for weighted, latency, geolocation, and failover resource record sets: A | AAAA | CAA | CNAME | MX | NAPTR | PTR | SPF | SRV | TXT . When creating a group of weighted, latency, geolocation, or failover resource record sets, specify the same value for all of the resource record sets in the group.

  Valid values for multivalue answer resource record sets: A | AAAA | MX | NAPTR | PTR | SPF | SRV | TXT

  > SPF records were formerly used to verify the identity of the sender of email messages. However, we no longer recommend that you create resource record sets for which the value of Type is SPF . RFC 7208, *Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1* , has been updated to say, "...[I]ts existence and mechanism defined in [RFC4408] have led to some interoperability issues. Accordingly, its use is no longer appropriate for SPF version 1; implementations are not to use it." In RFC 7208, see section 14.1, [The SPF DNS Record Type](https://docs.aws.amazon.com/http://tools.ietf.org/html/rfc7208#section-14.1) .

  Values for alias resource record sets:

  - *Amazon API Gateway custom regional APIs and edge-optimized APIs:* A - *CloudFront distributions:* A

  If IPv6 is enabled for the distribution, create two resource record sets to route traffic to your distribution, one with a value of A and one with a value of AAAA . - *Amazon API Gateway environment that has a regionalized subdomain* : A - *ELB load balancers:* A | AAAA - *Amazon S3 buckets:* A - *Amazon Virtual Private Cloud interface VPC endpoints* A - *Another resource record set in this hosted zone:* Specify the type of the resource record set that you're creating the alias for. All values are supported except NS and SOA .

  > If you're creating an alias record that has the same name as the hosted zone (known as the zone apex), you can't route traffic to a record for which the value of Type is CNAME . This is because the alias record must have the same type as the record you're routing traffic to, and creating a CNAME record for the zone apex isn't supported even for an alias record.

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-recordset.html#cfn-route53-recordset-type

property weight

readonly weight?: number;

• *Weighted resource record sets only:* Among resource record sets that have the same combination of DNS name and type, a value that determines the proportion of DNS queries that Amazon Route 53 responds to using the current resource record set. Route 53 calculates the sum of the weights for the resource record sets that have the same combination of DNS name and type. Route 53 then responds to queries based on the ratio of a resource's weight to the total. Note the following:

  - You must specify a value for the Weight element for every weighted resource record set. - You can only specify one ResourceRecord per weighted resource record set. - You can't create latency, failover, or geolocation resource record sets that have the same values for the Name and Type elements as weighted resource record sets. - You can create a maximum of 100 weighted resource record sets that have the same values for the Name and Type elements. - For weighted (but not weighted alias) resource record sets, if you set Weight to 0 for a resource record set, Route 53 never responds to queries with the applicable value for that resource record set. However, if you set Weight to 0 for all resource record sets that have the same combination of DNS name and type, traffic is routed to all resources with equal probability.

  The effect of setting Weight to 0 is different when you associate health checks with weighted resource record sets. For more information, see [Options for Configuring Route 53 Active-Active and Active-Passive Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-configuring-options.html) in the *Amazon Route 53 Developer Guide* .

  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-recordset.html#cfn-route53-recordset-weight

property domainName

readonly domainName: string;

• The domain name.

property comment

readonly comment?: string;

• Any comments that you want to include about the hosted zone.

  none

property queryLogsLogGroupArn

readonly queryLogsLogGroupArn?: string;

• The Amazon Resource Name (ARN) for the log group that you want Amazon Route 53 to send query logs to.

  disabled

property zoneName

readonly zoneName: string;

• The name of the domain. For resource record types that include a domain name, specify a fully qualified domain name.

property delegatedZone

readonly delegatedZone: IHostedZone;

• The zone to be delegated

property delegationRole

readonly delegationRole: iam.IRole;

• The delegation role in the parent account

property parentHostedZoneId

readonly parentHostedZoneId?: string;

• The hosted zone id in the parent account

  - no zone id

property parentHostedZoneName

readonly parentHostedZoneName?: string;

• The hosted zone name in the parent account

  - no zone name

property removalPolicy

readonly removalPolicy?: RemovalPolicy;

• The removal policy to apply to the record set.

  RemovalPolicy.DESTROY

property ttl

readonly ttl?: Duration;

• The resource record cache time to live (TTL).

  Duration.days(2)

property values

readonly values: string[];

• The DS values.

property hostedZoneId

readonly hostedZoneId: string;

• Identifier of the hosted zone

property zoneName

readonly zoneName: string;

• Name of the hosted zone

property vpcs

readonly vpcs?: ec2.IVpc[];

• A VPC that you want to associate with this hosted zone. When you specify this property, a private hosted zone will be created.

  You can associate additional VPCs to this private zone using addVpc(vpc).

  public (no VPCs associated)