feat(route53): support HTTPS, SSHFP, SVCB, and TLSA DNS resource record (#31955)

mazyu36 · web-flow · commit afc2b0d1d1d6 · 2024-11-01T16:44:07.000Z
### Issue # (if applicable) N/A ### Reason for this change Route53 supports additional record types. Ref: https://aws.amazon.com/about-aws/whats-new/2024/10/amazon-route-53-https-sshfp-svcb-tlsa-dns-support/ These are already supported in CFn. https://docs.aws.amazon.com/ja_jp/AWSCloudFormation/latest/UserGuide/aws-resource-route53-recordset.html#cfn-route53-recordset-type ### Description of changes Add Enum. ### Description of how you validated changes Nothing because only enum added. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
diff --git a/packages/aws-cdk-lib/aws-route53/lib/record-set.ts b/packages/aws-cdk-lib/aws-route53/lib/record-set.ts
@@ -65,6 +65,15 @@ export enum RecordType {
    */
   DS = 'DS',
 
+  /**
+   * An HTTPS resource record is a form of the Service Binding (SVCB) DNS record that provides extended configuration information,
+   * enabling a client to easily and securely connect to a service with an HTTP protocol.
+   * The configuration information is provided in parameters that allow the connection in one DNS query, rather than necessitating multiple DNS queries.
+   *
+   * @see https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html#HTTPSFormat
+   */
+  HTTPS = 'HTTPS',
+
   /**
    * An MX record specifies the names of your mail servers and, if you have two or more mail servers,
    * the priority order.
@@ -120,6 +129,30 @@ export enum RecordType {
    */
   SRV = 'SRV',
 
+  /**
+   * A Secure Shell fingerprint record (SSHFP) identifies SSH keys associated with the domain name.
+   * SSHFP records must be secured with DNSSEC for a chain of trust to be established.
+   *
+   * @see https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html#SSHFPFormat
+   */
+  SSHFP = 'SSHFP',
+
+  /**
+   * You use an SVCB record to deliver configuration information for accessing service endpoints.
+   * The SVCB is a generic DNS record and can be used to negotiate parameters for a variety of application protocols.
+   *
+   * @see https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html#SVCBFormat
+   */
+  SVCB = 'SVCB',
+
+  /**
+   * You use a TLSA record to use DNS-Based Authentication of Named Entities (DANE).
+   * A TLSA record associates a certificate/public key with a Transport Layer Security (TLS) endpoint, and clients can validate the certificate/public key using a TLSA record signed with DNSSEC.
+   *
+   * @see https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html#TLSAFormat
+   */
+  TLSA = 'TLSA',
+
   /**
    * A TXT record contains one or more strings that are enclosed in double quotation marks (").
    *
