Cloud DNS has a new group privilege called Access and manage DNS. The privilege must be enabled for a group so that the group members inherit this privilege through group privilege settings. Once the privilege is granted, contract users can view the Cloud DNS API.
Prerequisite: Make sure you have one or more Groups in the User Manager. To create one, see Create a group.
To set user privileges to manage DNS zones and records, follow these steps:
In the DCD, open Management > Users & Groups under Users.
Select the Groups tab in the User Manager window.
Select the target group name from the Groups list.
Select the Access and manage DNS checkbox in the Privileges tab.
Result: The Access and manage DNS privilege is granted to all the members in the selected group.
You can revoke a user's Access and manage DNS privilege by removing the user from all the groups that have this privilege enabled.
Warning: You can revoke a user from this privilege by disabling Access and manage DNS for every group the user belongs to. In this case, all the members in the respective groups would also be revoked from this privilege.
To revoke this privilege from a contract administrator, disable the administrator option on the user account. On performing this action, the contract administrator gets the role of a contract user, and the privileges that were set up for the user before being an administrator will then be in effect.
Note: Only contract administrators, owners, and users with Access and manage DNS privilege can create and manage DNS zones and records. You can set user privileges in the or the .
To create a zone, follow these steps:
In the DCD, go to Menu > Network > Cloud DNS.
Info: The Public Zones section displays the DNS zones already created.
Click Create your first DNS zone in the Public Zones tab to open the Create Primary Zone window.
Info: If you have already created your first zone, but want to configure additional zones, click Create Zone to open the Create Primary Zone window.
Enter the following details in the Create Primary Zone window:
Enabled/Disabled: Set the status to either Enabled (Default) or Disabled.
Name: Enter an appropriate name for your DNS zone.
Description (Optional): Enter an appropriate description for your DNS zone.
Note: When a zone is disabled, its corresponding SOA record is removed, and the zone is no longer associated with IONOS nameservers.
Click Create Zone to create the DNS zone.
The success message for creation provides you the option to copy the IONOS nameservers to configure the domain at your registrar. Alternatively, you can also proceed to create records within the created zone.
Result: Your DNS zone is now created.
After creation, you can view the list of zones and manage them as required.
To view a list of the zones, follow these steps:
In the DCD, go to Menu > Network > Cloud DNS > Public Zones tab.
Result: A list of all zones with the following details are displayed: — DNS ZONES: Displays the name of the zone. — STATES: Displays the state of the respective zone.  — Available: Indicates that the zone is available and healthy.  — Provisioning: Indicates that the zone is being created or updated.  — Destroying: Indicates that the zone is being deleted.  — Failed: Indicates that an error occurred during creation, update or deletion. — ENABLED/DISABLED: Indicates if the zone is currently enabled or disabled. — ACTIONS: Select the three dots to perform the following operations:  — Details & Records: Select to view the details of the respective zone and manage its records.  — Copy Zone UUID: Copy the UUID of the zone.  — Copy endpoint HREF: Copy the Cloud DNS API HREF of the zone. It is especially useful when using the Cloud DNS API for advanced DNS management.
To view details of a given zone, follow these steps:
In the DCD, go to Menu > Network > Cloud DNS > Public Zones tab.
Select the zone to view its details. Alternatively, you can also select Details & Records in the ACTION column to view the details.
In the Details & Records window, select Zone Details.
Result: The following information is displayed in Zone details: — Zone Name: Displays the name of the zone. — Status: Indicates if the zone is Available.  — Available: Indicates that the zone is available and healthy.  — Provisioning: Indicates that the zone is being created or updated.  — Destroying: Indicates that the zone is being deleted.  — Failed: Indicates that an error occurred during creation, update or deletion. — Enabled: Displays Yes if the zone is Enabled or No when it is Disabled. — UUID: Displays the UUID of the zone. Click Copy if you want to copy it to the clipboard. — Creation date: Displays the creation date and time of the zone. — Last modified: Displays the last modified date and time of the zone. — Nameservers: Displays the nameservers of the zone. Click Copy if you want to copy it to the clipboard. — Description: Displays the description of the zone.
To update details of a given zone, follow these steps:
In the DCD, go to Menu > Network > Cloud DNS > Public Zones tab.
Select a zone to update its details.
In the Details & Records window:
click Zone Details to view the details. You can click Copy to copy the UUID and the Nameservers to the clipboard.
click Edit zone to make the following changes:
Toggle Enabled/Disabled to enable or disable the zone status.
You can also update the Description (Optional).
Click Update Zone.
Result: The details of your zones are updated.
To delete a given zone, follow these steps:
In the DCD, go to Menu > Network > Cloud DNS > Public Zones tab.
Delete a zone using the following options:
Delete multiple zones either in bulk or individually by selecting respective checkboxes and clicking Delete.
Select Delete Primary Zone from the ACTIONS column to delete the respective DNS zone.
Click on the specific zone and in the Details & Records window, click Edit zone. Click Delete Zone.
Click Delete in the Delete primary zone confirmation dialog box.
Result: Your zone is deleted.
Prerequisite: A domain name is necessary to use the Cloud DNS. If you do not have one already, get a domain name and register it with a domain registrar.
Note: By default, only contract administrators and owners can manage the Cloud DNS records and zones using the and the .
To facilitate additional users with privilege to manage the DNS zones and records, the offers a new group privilege called Access and manage DNS in the User Manager, under the Privileges tab. Assigning this privilege to a group grants all users within the group the ability to manage Cloud DNS zones and records via the Cloud DNS API or the DCD.
For information on setting Access and manage DNS privilege to a group, see .
The DCD lets you manage DNS zones and records via the graphical user interface.
On assigning user privileges, continue with the following DCD How-Tos:
To connect your domain with Cloud DNS, see .
Note: Advanced DNS management features like DNSSEC, Secondary zones, and Import/Export of zones is currently only supported via the .
A reverse DNS (rDNS) maps a public IP address and a domain name. A reverse DNS lookup zone contains the attributes that instruct Cloud DNS to perform a Pointer (PTR) lookup against DNS servers to find the domain name mapped to the IPv4 or IPv6 addresses.
For more information about IPv6 configuration in the DCD, see IPv6 Configuration.
Note:
Reverse DNS lookup is supported only for the following:
Public IPv6 addresses assigned to your VDCs.
Reserved IPv4 addresses.
The IPv4 address must be from a reserved IP range. To reserve an IPv4 address, follow these steps:
In the DCD go to the Menu > Network > IP Management.
Enter a name and the number of IPv4 addresses.
Select a region where you want your IPv4 addresses to be reserved.
Select Reserve IP to reserve the IPv4 address.
Select OK to confirm the reservation.
For a reverse DNS record, you can use an IPv6 address that belongs to any of the /56 IPv6 blocks assigned to the VDC and has a prefix length of /128. For example, consider the IPv6 address 2001:db8:1234:5678::1/128, which belongs to a 2001:db8:1234:5678::/56 block. For more information, see IPv6 Configuration.
You need an IONOS Cloud account with API credentials configured with the appropriate permissions.
You must be a contract administrator, owner, or a user with Access and manage DNS privilege to create and manage PTR records. You can also set User privileges via the API.
Before creating a Reverse DNS record, it is recommended to create an A or AAAA record for the IP address you want to use for the reverse DNS record. For more information, see Create a DNS Record.
Sub-users can create Reverse DNS records for IPv4 addresses only if the user group they belong to has access to the concerned reserved IP block. For more information, see Add users to a group.
To create a PTR record for a reverse DNS, follow these steps:
In the DCD, go to Menu > Network > Cloud DNS.
Select the Reverse DNS tab and click Create PTR Record to create records.
Enter the following details in the Create PTR record window:
IP Version: Choose either IPv4 or IPv6 address based on the need.
IP Address:
If you have chosen an IPv4 version, your reserved IPv4 addresses will appear in the drop-down list. Select an IPv4 address from the reserved list of addresses.
For an IPv6 version, specify an IPv6 address and ensure that it belongs to any of the /56 IPv6 blocks assigned to the VDC and has a prefix length of /128.
Name: Enter a name or a sub-domain that must be mapped to the IP address.
Description (Optional): Enter an appropriate description for your reverse DNS zone.
Click Create PTR Record to create the PTR record.
Result: Your PTR record creation is successful.
To view a list of PTR records, do the following:
In the DCD, go to Menu > Network > Cloud DNS > Reverse DNS tab.
Result: A list of all PTR records with the following details are displayed: — IP ADDRESS: Displays the IP address of the respective PTR record. — NAME: Displays the name of the mapped domain or subdomain. — CREATED DATE: Indicates the date of PTR record creation. — ACTIONS: Select the three dots to perform the following operations:  — Details & edit: Select to view the details of the respective PTR record or update it, if necessary.  — Copy UUID: Copy the UUID of the PTR record.  — Copy HREF: Copy the Cloud DNS API HREF of the PTR record.  — Delete: Select the option to delete the respective PTR record, and in the Delete PTR record? confirmation dialog box, click Delete to confirm deletion. For more information, see Delete a PTR record.
You can update the domain or sub-domain name associated with the PTR record or the description of the PTR record. Follow these steps to update a PTR record:
In the DCD, go to Menu > Network > Cloud DNS > Reverse DNS tab.
You can follow either of these options to update a record:
Select the corresponding IP address from the IP ADDRESS column.
Select Details & edit from the drop-down list in the ACTIONS column.
Modify the Name and Description, if necessary.
Select Update PTR record to save the changes.
Info: You can click Delete to delete the respective PTR record. For more information, see Delete a PTR record.
To delete a PTR record, follow these steps:
In the DCD, go to Menu > Network > Cloud DNS > Reverse DNS tab.
Click Delete from the ACTIONS column to delete the corresponding PTR record.
Alternatively, to delete a specific PTR record, you can also do the following:
Select the corresponding IP address from the IP ADDRESS column or select Details & edit from the drop-down list in the ACTIONS column.
Click Delete in the Update PTR record window.
Select Delete in the Delete PTR record? dialog box to confirm deletion.
Result: The selected PTR record is successfully deleted.
A DNS zone is mandatory to create a record. For more information, see Manage DNS Zones for detailed instructions.
To create a record, follow these steps:
In the DCD, go to Menu > Network > Cloud DNS > Public Zones tab.
Select the appropriate zone in the DNS ZONES column to create records. Alternatively, click Details & Records in the ACTIONS column.
Click Create Record in the Details & Records window.
Enter the following details in the Create Record window:
Enabled/Disabled: Set it to either Enabled (by default) or Disabled.
Name: Enter an appropriate name for your DNS record. Leaving the name field empty will result in the creation of an Apex record. You can also provide * to create a wildcard DNS record.
TTL: Enter an appropriate Time-To-Live (TTL) setting in seconds for your DNS record. The default value is 3600 seconds.
Type: Select one of the following record types: A, AAAA, MX, CNAME, TXT, NS, SRV, ALIAS, CAA, CERT, DS, SOA, HTTPS, LOC, OPENPGPKEY, RP, SMIMEA, SSHFP, SVCB, TLSA, and URI.
Content: Enter the content appropriate to the selected record type.
Preview: Ensure that the details of the record to be created are accurate.
Click Save to create the DNS record.
Result: Your DNS record is now created.
After creation, you can view the list of records of a zone and manage them as required.
To view a list of the records, follow these steps:
In the DCD, go to Menu > Network > Cloud DNS > Public Zones tab.
Select the appropriate zone in the DNS ZONES column to view the records associated with it. Alternatively, click Details & Records in the ACTIONS column.
Result: A list of all records in a zone is displayed. You will see the following details:
— FQDN: Displays the FQDN of the record.
— TYPE: Displays the type of the record: A, AAAA, CNAME, ALIAS, MX, NS, SOA, SRV, TXT, CAA, SSHFP, TLSA, SMIMEA, DS, HTTPS, SVCB, OPENPGPKEY, CERT, URI, RP, and LOC.
— CONTENT: Displays the content of the record type.
— STATE: Displays the state of the respective record.
— Available: Indicates that the record is available and healthy.
— Provisioning: Indicates that the record is being created or updated.
— Destroying: Indicates that the record is being deleted.
— Failed: Indicates that an error occurred during creation, update or deletion.
— ENABLED/DISABLED: Indicates if the record is currently enabled or disabled. You can also toggle the button to enable or disable a record.
— ACTIONS: Select the three dots to perform the following operations:
— Details and Edit: View and update the details of the respective record.
— Copy Record UUID: Copy the UUID of the record.
— Copy endpoint HREF: Copy the Cloud DNS API HREF of the record. It is useful when using the Cloud DNS API for advanced DNS management.
You can view or edit the record details or delete them if they are no longer needed.
To view details of a given record, follow these steps:
In the DCD, go to Menu > Network > Cloud DNS > Public Zones tab.
Select the appropriate zone in the DNS ZONES column to view the associated records. Alternatively, click Details & Records in the ACTIONS column.
Select the appropriate record from the FQDN column to view its details. Alternatively, click Details & Edit in the ACTIONS column.
To update the details of a given record, follow these steps:
In the DCD, go to Menu > Network > Cloud DNS > Public Zones tab.
Select the appropriate zone in the DNS ZONES column to view the records associated with it. Alternatively, click Details & Records in the ACTIONS column.
Select the appropriate record from the FQDN column to view its details. Alternatively, click Details & Edit in the ACTIONS column.
From the Update Record view, you can do the following:
enable or disable the record.
update the TTL, Type or Content of the record as required.
Click Save.
Info: You can click x Delete record to delete the respective record.
Result: The details of your record are updated.
To delete a given record, follow these steps:
In the DCD, go to Menu > Network > Cloud DNS > Public Zones tab.
Select the appropriate zone in the DNS ZONES column to view the records associated with it. Alternatively, click Details & Records in the ACTIONS column.
You can choose one of the following options to delete records:
From the Details & Records window, delete zone records either in bulk or individually by selecting respective checkboxes and clicking Delete.
Click on the specific record and in the Update Record window, click Delete record.
Select Delete Record to delete the respective record.
Click Delete in the Delete record(s) confirmation dialog box.
Result: Your record is deleted.
Result: The details of the selected record is displayed in the Update Record view. You will see the following information:
— Enabled/Disabled: Indicates if the record is currently enabled or disabled. You can toggle the button to enable or disable the respective record.
— FQDN: Displays the FQDN of the record.
— TTL: Displays the Time-To-Live (TTL) of the record.
— Type: Displays the type of the record: A, AAAA, CNAME, ALIAS, MX, NS, SOA, SRV, TXT, CAA, SSHFP, TLSA, SMIMEA, DS, HTTPS, SVCB, OPENPGPKEY, CERT, URI, RP, and LOC. To edit the record type, click .
— Content: Displays the content of the record type.
— State: Displays the state of the respective record.
— Available: Indicates that the record is available and healthy.
— Provisioning: Indicates that the record is being created or updated.
— Destroying: Indicates that the record is being deleted.
— Failed: Indicates that an error occurred during creation, update or deletion.
— Record UUID: Displays the UUID of the record.
— Last Modified Date: Displays the last modified date of the record.
— Created Date: Displays the creation date of the record.
— Preview: Displays the preview of the record.
