This page describes how to add, update, and delete resource record sets.
To view the list of supported resource record types, see Supported resource record types.
Permissions required for this task
To perform this task, you must have been granted the following permissions or the following IAM roles.
Permissions
dns.resourceRecordSets.create to create a resource record set
dns.resourceRecordSets.delete to delete a resource record set
dns.resourceRecordSets.get to retrieve a resource record set
dns.resourceRecordSets.list to list a resource record set
dns.changes.create to update a ResourceRecordSet collection
dns.changes.get to fetch the representation of an existing Change
dns.changes.list to list changes to a ResourceRecordSet collection
Roles
roles/dns.admin
Create a managed zone. Complete the prerequisites for creating a managed zone and create a managed zone.
Select a supported resource record type. Choose a resource record type for your resource record set.
To add a resource record set, follow these steps:
Console
In the Google Cloud console, go to the Cloud DNS zones page.
Click the name of the managed zone that you want to add the record to.
On the Zone details page, click Add standard.
On the Create record set page, in the DNS name field, enter the subdomain of the DNS zone—for example, mail. The trailing dot is automatically added at the end.
To create a wildcard DNS record, enter an asterisk—for example, *.example.com.
The at sign (@) does not automatically create an apex record. To create a resource record at the domain apex, leave the DNS name field blank.
Select the Resource record type—for example, MX.
In the TTL field, enter a numeric value for the resource record's time to live, which is the amount of time that it can be cached. This value must be a positive integer.
From the TTL unit menu, select the unit of time—for example, minutes.
Depending on the resource record type that you have selected, populate the remaining fields.
To enter additional information, click Add item.
Click Create.
To add a resource record set, use the gcloud dns record-sets create command:
gcloud dns record-sets create RRSET_NAME \
    --rrdatas=RR_DATA \
    --ttl=TTL \
    --type=RRSET_TYPE \
    --zone=MANAGED_ZONE
Replace the following:
RRSET_NAME: the DNS name that matches the incoming queries with this zone's DNS name as its suffix—for example, test.example.com
RR_DATA: an arbitrary value associated with the resource record set—for example, 198.51.100.5; you can also enter multiple values, rrdata1 rrdata2 rrdata3—for example, 198.51.100.5 10.2.3.4 ...
TTL: the TTL in seconds that the resolver caches this resource record set—for example, 30
RRSET_TYPE: the resource record type of this resource record set—for example, A
MANAGED_ZONE: the managed zone that this resource record set is affiliated with—for example, my-zone-name; the name of this resource record set must have the DNS name of the managed zone as its suffix
To add a resource record set, use the resourceRecordSets.create method:
POST https://dns.googleapis.com/dns/v1/projects/PROJECT_ID/managedZones/MANAGED_ZONE/rrsets
{
  "name": "RRSET_NAME",
  "type": "RRSET_TYPE",
  "ttl": TTL,
  "rrdatas": [ RR_DATA ]
}
Replace the following:
PROJECT_ID: the ID of the project
MANAGED_ZONE: the managed zone that this resource record set is affiliated with—for example, my-zone-name; the name of this resource record set must have the DNS name of the managed zone as its suffix
RRSET_NAME: the DNS name that matches the incoming queries with this zone's DNS name as its suffix—for example, test.example.com
RRSET_TYPE: the resource record type of this resource record set—for example, A
TTL: the TTL in seconds that the resolver caches this resource record set—for example, 30
RR_DATA: an arbitrary value associated with the resource record set—for example, "198.51.100.5"; you can also enter multiple values in a comma-separated list—for example, "198.51.100.5","10.2.3.4".
You can add multiple resource record sets by creating a transaction that specifies the changes. A transaction is a group of one or more DNS record changes that must be applied as a unit. The entire transaction either succeeds or fails, ensuring your data is never left in an inconsistent state. You can create a transaction only by using the gcloud CLI or the Cloud DNS API.
To create a transaction, follow these steps:
gcloud
To start a transaction, use the gcloud dns record-sets transaction start command:
gcloud dns record-sets transaction start \
    --zone=MANAGED_ZONE
Replace MANAGED_ZONE with the name of the managed zone whose resource record sets you want to manage—for example, my-zone-name.
To add a resource record set as part of a transaction, use the gcloud dns record-sets transaction add command:
gcloud dns record-sets transaction add RR_DATA \
    --name=DNS_NAME \
    --ttl=TTL \
    --type=RECORD_TYPE \
    --zone=MANAGED_ZONE
Replace the following:
RR_DATA: an arbitrary value associated with the resource record set—for example, 198.51.100.5; you can also enter multiple values, rrdata1 rrdata2 rrdata3—for example, 198.51.100.5 10.2.3.4 ...
DNS_NAME: the DNS or domain name of the record set to add—for example, test.example.com
TTL: the time to live (TTL) for the record set in number of seconds—for example, 300
RECORD_TYPE: the record type—for example, A
MANAGED_ZONE: the name of the managed zone whose resource record sets you want to manage—for example, my-zone-name
To execute the transaction, use the gcloud dns record-sets transaction execute command:
gcloud dns record-sets transaction execute \
    --zone=MANAGED_ZONE
To add a wildcard transaction, use the gcloud dns record-sets transaction add command:
gcloud dns record-sets transaction add RR_DATA \
    --zone=MANAGED_ZONE \
    --name=WILDCARD_DNS_NAME \
    --type=RECORD_TYPE \
    --ttl=TTL
Replace the following:
RR_DATA: an arbitrary value associated with the resource record set
MANAGED_ZONE: the name of the managed zone whose resource record sets you want to manage—for example, my-zone-name
WILDCARD_DNS_NAME: the DNS or domain name of the resource record set that you want to add—for example, *.example.com. (note the trailing dot)
RECORD_TYPE: the record type—for example, CNAME
TTL: the TTL for the record set in number of seconds—for example, 300
To create a transaction with new resource record sets, use the changes.create method:
POST https://dns.googleapis.com/dns/v1/projects/PROJECT_ID/managedZones/MANAGED_ZONE/changes
{
  "deletions": [],
  "additions": [
    {
      "name": "DNS_NAME",
      "type": "RECORD_TYPE",
      "ttl": TTL,
      "rrdatas": [ RR_DATA ]
    }
  ]
}
Replace the following:
PROJECT_ID: your project ID
MANAGED_ZONE: your managed zone name or ID
DNS_NAME: the DNS or domain name of the record set—for example, test.example.com. (note the trailing dot)
RECORD_TYPE: the record type
TTL: the time to live (TTL) for the record set in number of seconds—for example, 30
RR_DATA: an arbitrary value associated with the resource record set—for example, 198.51.100.5; you can also enter multiple values, rrdata1 rrdata2 rrdata3—for example, 198.51.100.5 10.2.3.4 ...
To deliver email to your domain, you must add MX records to your zone. If you use Google Workspace as your Simple Mail Transfer Protocol (SMTP) provider, see the Set up Google Workspace MX records support page. Otherwise, use the MX record details from your provider and follow the setup process described for Google Workspace.
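The following is an added example, not part of the original page or of Google's tooling: it builds the changes.create request body shown above for a set of MX records and rejects the whole batch if any name falls outside the zone, any TTL is not a positive integer, or any MX value lacks the trailing dot. The function names are hypothetical, and the zone's DNS name is assumed to be passed with its trailing dot.

```python
import json


def fqdn_in_zone(name, zone_dns_name):
    """True if name is fully qualified and has the zone's DNS name as its suffix."""
    name, zone = name.lower(), zone_dns_name.lower()
    # Compare on a label boundary: "notexample.com." must not pass for "example.com.".
    return name.endswith(".") and (name == zone or name.endswith("." + zone))


def check_mx_rrdata(rrdata):
    """Return the problems found in one MX value ("<preference> <mail server>.")."""
    parts = rrdata.split()
    if len(parts) != 2:
        return [f"{rrdata!r}: expected a preference number, a space, and a DNS name"]
    preference, target = parts
    problems = []
    # The MX preference is a 16-bit unsigned integer; 0 is the lowest value.
    if not (preference.isascii() and preference.isdigit()) or int(preference) > 65535:
        problems.append(f"{rrdata!r}: preference must be an integer from 0 to 65535")
    if not target.endswith("."):
        problems.append(f"{rrdata!r}: mail server name must end with a dot")
    return problems


def build_change(zone_dns_name, additions):
    """Validate every addition, then return the changes.create request body.

    All problems are collected and raised together, so an invalid batch is
    rejected before any request is sent.
    """
    problems = []
    for rr in additions:
        if not fqdn_in_zone(rr["name"], zone_dns_name):
            problems.append(
                f"{rr['name']!r}: not a fully qualified name inside {zone_dns_name}")
        ttl = rr["ttl"]
        if isinstance(ttl, bool) or not isinstance(ttl, int) or ttl <= 0:
            problems.append(
                f"{rr['name']!r}: TTL must be a positive integer number of seconds")
        if rr["type"] == "MX":
            for value in rr["rrdatas"]:
                problems.extend(check_mx_rrdata(value))
    if problems:
        raise ValueError("; ".join(problems))
    return {"deletions": [], "additions": list(additions)}


if __name__ == "__main__":
    # Constructed sample: primary and backup mail servers at the zone apex.
    body = build_change("example.com.", [
        {"name": "example.com.", "type": "MX", "ttl": 300,
         "rrdatas": ["1 mail.example.com.", "5 backup.example.com."]},
    ])
    print(json.dumps(body, indent=2))
```

The returned dictionary is the JSON body for the POST to the changes endpoint; sending it and authenticating are left to the caller.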
To view resource record sets for a zone, follow these steps:
Console
In the Google Cloud console, go to the Cloud DNS page.
On the Zones tab, click the zone for which you want to view the resource record sets.
The Zone details page shows the details of all the resource record sets in that zone.
To view the DNS records for your zone, use the gcloud dns record-sets list command:
gcloud dns record-sets list \
    --zone="ZONE_NAME"
Replace ZONE_NAME with the name of a DNS zone in your project.
The command outputs the JSON response for the resource record set for the first 100 records. You can specify these additional parameters:
--limit: maximum number of record sets to list
--name: only list resource record sets with this exact domain name
--type: only list records of this type; if present, the --name parameter must also be present
To view the DNS records for your zone, use the resourceRecordSets.list method:
GET https://dns.googleapis.com/dns/v1/projects/PROJECT_ID/managedZones/MANAGED_ZONE/rrsets
Replace the following:
PROJECT_ID: the ID of the project
MANAGED_ZONE: the managed zone that this resource record set is affiliated with—for example, my-zone-name; the name of this resource record set must have the DNS name of the managed zone as its suffix
This procedure assumes that you have already created a resource record set within the managed Cloud DNS zone.
To view the details of an existing resource record set, follow these steps:
Console
In the Google Cloud console, go to the Cloud DNS zones page.
Click the zone that contains the resource record set.
Click the resource record set for which you want to view the details.
The Resource record set details page displays the details of the resource record set.
To view the details of an existing resource record set, use the gcloud dns record-sets describe command:
gcloud dns record-sets describe RRSET_NAME \
    --type=RRSET_TYPE \
    --zone=MANAGED_ZONE
Replace the following:
RRSET_NAME: the DNS name that matches the incoming queries with this zone's DNS name as its suffix—for example, test.example.com
RRSET_TYPE: the resource record type of this resource record set—for example, A
MANAGED_ZONE: the managed zone that this resource record set is affiliated with—for example, my-zone-name; the name of this resource record set must have the DNS name of the managed zone as its suffix
To get the details of an existing resource record set, use the resourceRecordSets.get method:
GET https://dns.googleapis.com/dns/v1/projects/PROJECT_ID/managedZones/MANAGED_ZONE/rrsets/RRSET_NAME/RRSET_TYPE
Replace the following:
PROJECT_ID: the ID of the project
MANAGED_ZONE: the managed zone that this resource record set is affiliated with—for example, my-zone-name; the name of this resource record set must have the DNS name of the managed zone as its suffix
RRSET_NAME: the DNS name that matches the incoming queries with this zone's DNS name as its suffix—for example, test.example.com
RRSET_TYPE: the record type of this resource record set—for example, A
To modify a record set, follow these steps:
Console
To apply a partial update to an existing resource record set, follow these steps:
In the Google Cloud console, go to the Cloud DNS zones page.
Click the zone for which you want to update the resource record set.
On the Zone details page, next to the resource record set that you want to update, click Edit.
After making the necessary updates, click Save.
CNAME record, in which case only the CNAME record can exist.
gcloud
To apply a partial update to an existing resource record set, use the gcloud dns record-sets update command:
gcloud dns record-sets update RRSET_NAME \
    --rrdatas=RR_DATA \
    --ttl=TTL \
    --type=RRSET_TYPE \
    --zone=MANAGED_ZONE
Replace the following:
RRSET_NAME: the DNS name that matches the incoming queries with this zone's DNS name as its suffix—for example, test.example.com
RR_DATA: an arbitrary value associated with the resource record set—for example, 198.51.100.5; you can also enter multiple values, rrdata1 rrdata2 rrdata3—for example, 198.51.100.5 10.2.3.4 ...
TTL: the TTL in seconds that the resolver caches this resource record set—for example, 30
RRSET_TYPE: the resource record type of this resource record set—for example, A
MANAGED_ZONE: the managed zone that this resource record set is affiliated with—for example, my-zone-name; the name of this resource record set must have the DNS name of the managed zone as its suffix
To apply a partial update to an existing resource record set, use the resourceRecordSets.patch method:
PATCH https://dns.googleapis.com/dns/v1/projects/PROJECT_ID/managedZones/MANAGED_ZONE/rrsets/RRSET_NAME/RRSET_TYPE
{
  "ttl": TTL,
  "rrdatas": RR_DATA,
  "update_mask": {
    "paths": ["rrset.ttl", "rrset.rrdatas"]
  }
}
Note: The update_mask is required when calling the API directly without gcloud.
Replace the following:
PROJECT_ID: the ID of the project
MANAGED_ZONE: the managed zone that this resource record set is affiliated with—for example, my-zone-name; the name of this resource record set must have the DNS name of the managed zone as its suffix
RRSET_NAME: the DNS name that matches the incoming queries with this zone's DNS name as its suffix—for example, test.example.com
RRSET_TYPE: the resource record type of this resource record set—for example, A
TTL: the TTL in seconds that the resolver caches this resource record set—for example, 30
RR_DATA: an arbitrary value associated with the resource record set—for example, 198.51.100.5; you can also enter multiple values, rrdata1 rrdata2 rrdata3—for example, 198.51.100.5 10.2.3.4 ...
When you delete resource record sets, their DNS records are permanently removed; they cannot be recovered. To prevent losing your DNS records, export the resource record sets before deletion. For information about how to export resource record sets, see Import and export resource record sets.
Cloud DNS public zones are authoritative, and the name server (NS) and start of authority (SOA) record types are located at the zone apex, which is the root of that domain. Cloud DNS automatically creates NS and SOA records at the zone apex. These records can't be deleted by using the Cloud DNS API and are automatically deleted when the zone is deleted. For more information, see RFC 1034.
To delete resource record sets, follow these steps:
Console
In the Google Cloud console, go to the Cloud DNS page.
Records for the zone are listed on the Zone details page.
To delete resource record sets in a zone, click the name of the zone.
Next to the resource record sets that you want to delete, select the checkbox.
Click Delete record sets.
To delete an existing resource record set, use the gcloud dns record-sets delete command:
gcloud dns record-sets delete RRSET_NAME \
    --type=RRSET_TYPE \
    --zone=MANAGED_ZONE
Replace the following:
RRSET_NAME: the DNS name that matches the incoming queries with this zone's DNS name as its suffix—for example, test.example.com
RRSET_TYPE: the resource record type of this resource record set—for example, A
MANAGED_ZONE: the managed zone that this resource record set is affiliated with—for example, my-zone-name; the name of this resource record set must have the DNS name of the managed zone as its suffix
To delete an existing resource record set, use the resourceRecordSets.delete method:
DELETE https://dns.googleapis.com/dns/v1/projects/PROJECT_ID/managedZones/MANAGED_ZONE/rrsets/RRSET_NAME/RRSET_TYPE
Replace the following:
PROJECT_ID: the ID of the project
MANAGED_ZONE: the managed zone that this resource record set is affiliated with—for example, my-zone-name; the name of this resource record set must have the DNS name of the managed zone as its suffix
RRSET_NAME: the DNS name that matches the incoming queries with this zone's DNS name as its suffix—for example, test.example.com
RRSET_TYPE: the resource record type of this resource record set—for example, A
To copy resource record sets into and out of a managed zone, you can use import and export commands. You can import from and export to either the BIND zone file format or the YAML file format.
To import a resource record set, use the dns record-sets import command:
gcloud dns record-sets import -z=ZONE_NAME
If you want to specify the file format of the zone file, use the previous command with the --zone-file-format flag. If you omit the flag, you must provide a YAML format zone file.
Replace ZONE_NAME with a new name for your zone.
When you use the gcloud dns record-sets import command with the --replace-origin-ns flag, it replaces the NS records for the zone with the NS records specified in the zone file. These records must match the name servers assigned by Cloud DNS to host the zone. They must also match the NS records specified in the parent (delegating) zone. By default, Cloud DNS does not overwrite NS records. If you use this flag, you must verify that the NS records are correct.
When you import record sets as a BIND zone-formatted file, remove the at sign (@) that denotes the zone's apex. In the BIND zone-formatted file, for a DNS name like example.com, the at sign (@) refers to "example.com.". However, in Cloud DNS, the at sign (@) is treated literally when defining record names. To create a resource record set for the zone's apex in Cloud DNS, use the full domain name—for example, "example.com.".
.) on domain name data in CNAME, MX, PTR, and other records. In zone files, Cloud DNS follows RFC standards and interprets all domain names without a trailing dot (.) as relative to the DNS name of the zone. Therefore, importing the following MX records into a zone with the DNS name example.com results in identical (and probably undesired) records for both:
in.smtp              IN MX 5 gmail-smtp-in.l.google.com
in.smtp.example.com. IN MX 5 gmail-smtp-in.l.google.com.example.com.
To import your zone files, add a trailing dot (.) to the end of any domain names that must be fully qualified.
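A pre-import check for the two pitfalls described above, as an added example that is not part of the original page or of the gcloud CLI: it flags "@" owner names and CNAME, MX, NS, PTR, and SRV targets that lack a trailing dot, and shows the name each relative target would become. The function name and sample zone are hypothetical and constructed; the check assumes one record per line with an explicit owner name.

```python
import re

# Record types whose rdata ends in a domain name that must be fully qualified.
TARGET_TYPES = {"CNAME", "MX", "NS", "PTR", "SRV"}
CLASSES = {"IN", "CH", "HS"}
TTL_TOKEN = re.compile(r"(\d+[smhdw]?)+", re.IGNORECASE)  # 300, 1h, 1h30m

# Constructed sample for a zone whose DNS name is example.com.
SAMPLE_ZONE = """\
; constructed sample zone file
@                    3600 IN MX    1 mail.example.com.
in.smtp              IN MX 5 gmail-smtp-in.l.google.com
in.smtp.example.com. IN MX 5 gmail-smtp-in.l.google.com.example.com.
www                  300 IN CNAME  cdn.example.net
ftp                  300 IN CNAME  www.example.com.
host1.example.com.   300 IN A      192.0.2.91
"""


def lint_zone_file(text, zone_dns_name):
    """Return (line_number, message) findings for a BIND-style zone file."""
    origin = zone_dns_name if zone_dns_name.endswith(".") else zone_dns_name + "."
    findings = []
    for number, raw in enumerate(text.splitlines(), 1):
        # Drop comments. This also cuts TXT data at a ';', which is harmless
        # here because only the owner name and target types are inspected.
        line = raw.split(";", 1)[0].rstrip()
        if not line or line.startswith("$") or line[0].isspace():
            continue  # blank, directive, or inherited-owner line: out of scope
        tokens = line.split()
        owner, rest = tokens[0], tokens[1:]
        # The TTL and class are optional and may appear in either order.
        while rest and (TTL_TOKEN.fullmatch(rest[0]) or rest[0].upper() in CLASSES):
            rest = rest[1:]
        if len(rest) < 2:
            continue
        rtype, rdata = rest[0].upper(), rest[1:]
        if owner == "@":
            findings.append(
                (number, f"owner '@' is treated literally; use {origin} instead"))
        target = rdata[-1]
        if rtype in TARGET_TYPES and not target.endswith("."):
            findings.append(
                (number, f"{rtype} target {target} is relative and is "
                         f"imported as {target}.{origin}"))
    return findings


if __name__ == "__main__":
    for number, message in lint_zone_file(SAMPLE_ZONE, "example.com"):
        print(f"line {number}: {message}")
```

A finding on a CNAME or MX line means the imported record would point at a name inside your own zone that probably does not exist, so mail or traffic for it would not reach the intended provider.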
To export a resource record set, use the dns record-sets export command. To specify that the resource record sets are exported into a BIND zone-formatted file, use the --zone-file-format flag. For example:
example.com. 21600 IN NS ns-gcp-private.googledomains.com.
example.com. 21600 IN SOA ns-gcp-private.googledomains.com. cloud-dns-hostmaster.google.com. 1 21600 3600 259200 300
host1.example.com. 300 IN A 192.0.2.91
If you omit the --zone-file-format flag, export exports the resource record set into a YAML-formatted records file:
gcloud dns record-sets export example.zone -z=examplezonename
For example:
---
kind: dns#resourceRecordSet
name: example.com.
rrdatas:
- ns-gcp-private.googledomains.com.
ttl: 21600
type: NS
---
kind: dns#resourceRecordSet
name: example.com.
rrdatas:
- ns-gcp-private.googledomains.com. cloud-dns-hostmaster.google.com. 1 21600 3600 259200 300
ttl: 21600
type: SOA
---
kind: dns#resourceRecordSet
name: host1.example.com.
rrdatas:
- 192.0.2.91
ttl: 300
type: A
Cloud DNS supports the ALIAS record type, which isn't a standard DNS record type and isn't supported in BIND. If you're exporting resource record sets to BIND, ALIAS records are skipped. If a zone has a routing policy, it is exported as a record with empty resource record data (rrdata).
A
The host's numeric address, in IPv4 dotted decimal format. The A record type maps an IPv4 address to a domain name and determines where the requests for the domain name are directed—for example, 192.0.2.91.
AAAA
The host's numeric IP address, in IPv6 hexadecimal format. The AAAA (quad A) record type maps an IPv6 address to a domain name and determines where the requests for the domain name are directed—for example, 2001:db8::8bd:1002.
ALIAS (Preview)
The canonical name to resolve for incoming address queries—for example, example.my-cdn.net. When an A/AAAA query reaches an ALIAS record, the ALIAS's canonical name is resolved to determine the returned IP addresses. You can only add an ALIAS record at the apex of a domain.
CAA
The certificate authorities that are authorized to issue certificates for this domain—for example, ca.example.net.
Create a CAA record type to ensure that unauthorized CAs don't issue certificates to your domain.
CNAME
The DNS alias for an A record—for example, ftp.example.com is a DNS alias to www.example.com. In this example, ftp.example.com is a service present in the same server as www.example.com. Links pointing to ftp.example.com receive the A record of www.example.com.
You can also use the CNAME record type to point to an entirely different domain name—for example, altostrat.com is a DNS alias to www.example.com.
Sometimes, a name server responds with the CNAME record and the A record referred to by the CNAME value; this behavior is called CNAME chasing.
DNSKEY
Note: If you have enabled DNSSEC for this zone, the Zone Signing Key (ZSK) and Key Signing Key (KSK) are automatically generated. For more information about viewing your DNSKEY, see Displaying current DNSKEYs.
The DNSSEC public key that the resolvers use to verify the authenticity of records using ZSK and KSK keys—for example, 7200 IN DNSKEY 256 3 8 AwEAAarQO0FTE/l6LEKFlZllJIwXuLGd3q5d8S8NH+ntOeIMN81A5wAI. In this example, 7200 is the TTL, 256 is the decimal representation of DNSKEY flags, 3 is the protocol indicator for DNSSEC, and 8 is the RSA/SHA-256 cryptographic algorithm used for the key.
You can only add this record type in a public and DNSSEC-enabled zone that is in the Transfer state. For more information, see Manage DNSSEC configuration.
DS
The DNSSEC key fingerprint for a secure delegated zone—for example, 7200 IN DS 31523 5 1 c8761ba5defc26ac7b78e076d7c47fa9f86b9fba. In this example, 7200 is the TTL, 31523 is the keytag, 5 is the algorithm, and 1 is the digest type.
You can only add this record type in a public zone. This record type does not activate DNSSEC for a delegated zone unless you enable (and activate) DNSSEC for this zone. DNSSEC is not enabled by default for zones.
HTTPS, SVCB
The service priority (SvcPriority), which is 0 for aliases and 1-65535 for service descriptions, TargetName ("." if same as the owner name), and service parameters (SvcParams), consisting of key=value pairs describing the target endpoint, separated by spaces. For more details, see the draft specification.
IPSECVPNKEY
The IPsec public VPN key. The IPSECVPNKEY record type enables opportunistic encryption through IPsec tunnels—for example, 10 1 2 192.0.2.1 AQNRU3mG7TVTO2BkR47usntb102uFJtugbo6BSGvgqt==.
You can only add this record type in a public zone.
Note: We recommend that you enable DNSSEC when using this record type. DNSSEC is not enabled by default for zones.
MX
A preference number and DNS name of a mail exchange server that receives emails on behalf of your domain. SMTP servers prefer servers with lower preference numbers. 0 is the lowest preference number that you can enter.
For example: 1 mail.example.com.
Ensure that there is a space between the preference number and the DNS name. The MX record that you enter must end with a period or dot (.).
You can create multiple records with different priorities to configure backup mail servers or use the same priority to distribute the load across multiple mail servers.
For example, to direct your email to your Google Workspace account, enter the following:
1 SMTP.GOOGLE.COM.
NAPTR
The name authority pointer rules used for mapping Uniform Resource Names (URN) by Dynamic Delegation Discovery System (DDDS) applications—for example, 100 10 "u" "sip+E2U" "!^.*$!sip:information@example.com!i". For more information, see RFC 3403.
The NAPTR record type is used by DDDS applications to convert or replace one value with another to find a URN.
NS
The DNS name of the authoritative name server that provides DNS services for your domain or subdomain. Your NS records must match the name servers for your zone—for example, ns-1.example.com.
NS is not supported.
Note: Managed private zones do not support custom resource record sets of type NS.
PTR
The Fully Qualified Domain Name (FQDN) or the canonical name of the domain that maps to an IP address—for example, server-1.example.com.
The PTR record type is typically used for reverse lookups.
SPF
The SPF resource record set type is deprecated. Use TXT records starting with v=spf1 instead. SPF type records are not used by modern email software.
SRV
The data that specifies the location, that is, the hostname and port number, of servers for a particular service—for example, 0 1 587 mail.example.com.
For more information, see RFC 2782.
SSHFP
The SSH server algorithm number, fingerprint type number, and key fingerprint—for example, 2 1 123456789abcdef67890123456789abcdef67890.
Use this record type only if you have enabled DNSSEC for this zone.
TLSA
The DNS-based Authentication of Named Entities (DANE) TLSA Certificate Association information.
A TLSA record contains information used to validate X.509 certificates (such as certificates used by HTTPS) without depending on one of a preconfigured set of certificate authorities (CAs) signing them—for example, 1 1 2 92003ba34942dc74152e2f2c408d29ec. In this example, 1 is the protocol indicator for DNSSEC, 1 is the public key, and 2 is the RSA/SHA-256 cryptographic algorithm used for the key.
Use this record type only if you have enabled DNSSEC for this zone.
TXT
Text data, which can contain arbitrary text and can also be used to define machine-readable data, such as security or abuse prevention information.
A TXT record may contain one or more text strings; the maximum length of each string is 255 characters. If your record data is more than 255 bytes, divide your record into 255-byte strings and enclose each string in quotation marks—for example, "String one 255 bytes" "String two 255 bytes".
Mail agents and other software agents concatenate multiple strings.
Enclose each string in quotation marks—for example, "Hello world" "Bye world".
Each TXT record has a 1000-character limit. If you need to increase this limit, contact Google Cloud support.
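An added example, not part of the original page: it splits a long TXT value, such as a DKIM key, into quoted strings of at most 255 bytes without cutting a multi-byte character, and shows that joining the strings with no separator, as mail agents do, returns the original text. The function names are hypothetical, and the 1000-character limit is assumed to count the characters of the unsplit value.

```python
import re

MAX_STRING_BYTES = 255
# Per-record limit from the page; assumed here to count the unsplit text.
MAX_RECORD_CHARS = 1000

_QUOTED = re.compile(r'"((?:[^"\\]|\\.)*)"', re.DOTALL)


def txt_rrdata(value):
    """Format text as TXT rrdata: quoted strings of at most 255 bytes each."""
    if len(value) > MAX_RECORD_CHARS:
        raise ValueError(
            f"TXT value has {len(value)} characters; limit is {MAX_RECORD_CHARS}")
    data = value.encode("utf-8")
    chunks, start = [], 0
    while start < len(data):
        end = min(start + MAX_STRING_BYTES, len(data))
        # Back up if the cut would land inside a multi-byte UTF-8 sequence
        # (continuation bytes have the bit pattern 10xxxxxx).
        while end < len(data) and (data[end] & 0xC0) == 0x80:
            end -= 1
        chunks.append(data[start:end].decode("utf-8"))
        start = end
    # Escape backslashes and quotation marks so each string stays well formed.
    quoted = ['"' + c.replace("\\", "\\\\").replace('"', '\\"') + '"'
              for c in chunks or [""]]
    return " ".join(quoted)


def txt_strings(rrdata):
    """Split TXT rrdata back into its unescaped character strings."""
    return [re.sub(r"\\(.)", r"\1", s, flags=re.DOTALL)
            for s in _QUOTED.findall(rrdata)]


def txt_joined(rrdata):
    """Concatenate the strings with no separator, the way mail agents do."""
    return "".join(txt_strings(rrdata))


if __name__ == "__main__":
    # Constructed sample: a DKIM-style value with placeholder key material.
    sample = "v=DKIM1; k=rsa; p=" + "A" * 400
    rrdata = txt_rrdata(sample)
    print([len(s) for s in txt_strings(rrdata)])
    print(txt_joined(rrdata) == sample)
```

Because no space is inserted when the strings are joined, a value that needs a space at a split point must carry it inside one of the strings.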
What's next
gcloud commands for resource record sets, see gcloud dns record-sets.
gcloud or API operations, see Monitor DNS propagation.
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2025-10-13 UTC.