Creating a private DNS zone
To create a private DNS zone:
- In the management console, select the folder where you need to create a DNS zone.
- Select Cloud DNS.
- Click Create zone.
- Specify the zone settings:
  - Zone: Domain zone. The zone name must end with a dot. You cannot create public top-level domain (TLD) zones. To create a domain zone with non-Latin characters, use Punycode encoding.
  - Type: Internal.
  - Specify the networks whose resources will be included in the zone being created.
  - Name of the zone.
- Click Create.
If you do not have the Yandex Cloud command line interface yet, install and initialize it.
The folder specified in the CLI profile is used by default. You can specify a different folder using the --folder-name or --folder-id parameter.
To create a new DNS zone:
- View a description of the CLI create zone command:

    yc dns zone create --help

- Create a new private DNS zone in the default folder:

    yc dns zone create --name test-zone \
      --zone staging. \
      --private-visibility network-ids=<network_IDs_for_the_zone>

  Where --private-visibility refers to the IDs of the networks whose resources will be included in the zone.

  Result:

    id: aet29qhara5j********
    folder_id: aoerb349v3h4********
    created_at: "2021-02-21T09:21:03.935Z"
    name: test-zone
    zone: staging.
    private_visibility:
      network_ids:
        - c645mh47vsc********
If you don't have Terraform, install it and configure the Yandex Cloud provider.
- In the configuration file, describe the parameters of the resources you want to create:
  - DNS zone parameters:
    - zone: Domain zone. The zone name must end with a dot. You cannot create public top-level domain (TLD) zones. To create a domain zone with non-Latin characters, use Punycode encoding. This is a required parameter.
    - folder_id: ID of the folder to create a zone in. If not specified, the default folder is used. This is an optional parameter.
    - name: Zone name. It must be unique within the folder. This is an optional parameter.
    - description: Zone description. This is an optional parameter.
    - labels: Set of DNS zone labels. This is an optional parameter.
    - public: Zone visibility, public or private. This is an optional parameter.
    - private_networks: For a private zone, specify the Virtual Private Cloud resources that have access to domain names within this zone. This is an optional parameter.
  - DNS record parameters:
    - zone_id: ID of the zone where the record set will be located. This is a required parameter.
    - name: Domain name. This is a required parameter.
    - type: DNS record type. This is a required parameter.
    - ttl: Record time to live (TTL) in seconds before updating the record value. This is an optional parameter.
    - data: Record value. This is an optional parameter.
Here is an example of the configuration file structure:
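    # Network whose resources will resolve names in the private zone
    resource "yandex_vpc_network" "foo" {}

    resource "yandex_dns_zone" "zone1" {
      name        = "my-private-zone"
      description = "Test private zone"

      labels = {
        label1 = "test-private"
      }

      # Required parameter; must end with a dot. The value here is chosen
      # to match the record name used in rs1 below.
      zone             = "example.com."
      public           = false
      private_networks = [yandex_vpc_network.foo.id]
    }

    # A record inside the private zone
    resource "yandex_dns_recordset" "rs1" {
      zone_id = yandex_dns_zone.zone1.id
      name    = "srv.example.com."
      type    = "A"
      ttl     = 200
      data    = ["10.1.0.1"]
    }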
  For more information about resources you can create with Terraform, see the provider documentation.
- Run a check using this command:

    terraform plan

  The terminal will display a list of resources with parameters. This is a test step; no resources will be created. If the configuration contains any errors, Terraform will point them out.
Alert
You will be charged for all the resources created with Terraform. Check the pricing plan carefully.
- To create resources, run the command:

    terraform apply

- Confirm creating the resources: type yes in the terminal and press Enter.

  Terraform will create all the required resources. You can check the new resources using the management console or this CLI command:

    yc dns zone get <zone_name>
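A pre-apply check to pair with the terraform plan step above, as an added example that is not part of the original documentation or the provider's own code: it reads plan JSON in the format produced by `terraform show -json` and flags any yandex_dns_zone whose zone name lacks the trailing dot, that is not explicitly private, or that has no networks attached. The sample plan, the resource name `leaky` and the rule that `public` must be set to false explicitly are assumptions made for illustration.

```python
import json

# Constructed sample shaped like `terraform show -json <planfile>` output,
# trimmed to the fields this check reads. It is not output from a real run.
SAMPLE_PLAN = json.loads("""
{"resource_changes": [
  {"address": "yandex_dns_zone.zone1", "type": "yandex_dns_zone",
   "change": {"actions": ["create"],
     "after": {"zone": "example.com.", "public": false},
     "after_unknown": {"private_networks": true}}},
  {"address": "yandex_dns_zone.leaky", "type": "yandex_dns_zone",
   "change": {"actions": ["create"],
     "after": {"zone": "corp.internal", "public": true, "private_networks": []},
     "after_unknown": {}}},
  {"address": "yandex_dns_recordset.rs1", "type": "yandex_dns_recordset",
   "change": {"actions": ["create"], "after": {"name": "srv.example.com."},
     "after_unknown": {}}}
]}
""")


def audit_private_zones(plan):
    """Map each created/updated yandex_dns_zone address to its list of problems."""
    findings = {}
    for rc in plan.get("resource_changes", []):
        change = rc.get("change") or {}
        actions = set(change.get("actions", []))
        if rc.get("type") != "yandex_dns_zone" or not actions & {"create", "update"}:
            continue  # other resources, deletes and no-ops are out of scope
        after = change.get("after") or {}
        unknown = change.get("after_unknown") or {}
        problems = []
        # Values not known until apply are listed under after_unknown, not after.
        if not unknown.get("zone") and not str(after.get("zone") or "").endswith("."):
            problems.append("zone name does not end with a dot")
        # Assumed policy: zones in this configuration must say public = false.
        if after.get("public") is not False:
            problems.append("public is not explicitly false")
        # A network created in the same plan has no ID yet, so an unknown
        # private_networks value still counts as "networks attached".
        if not after.get("private_networks") and not unknown.get("private_networks"):
            problems.append("private_networks is empty")
        if problems:
            findings[rc["address"]] = problems
    return findings


if __name__ == "__main__":
    print(json.dumps(audit_private_zones(SAMPLE_PLAN), indent=2))
```

Against a real configuration, save the plan with `terraform plan -out=<planfile>` and pass the parsed output of `terraform show -json <planfile>` to `audit_private_zones`.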
To create a private DNS zone, use the create REST API method for the DnsZone resource or the DnsZoneService/Create gRPC API call.