create(project, body=None, clientOperationId=None, x__xgafv=None)
Create a new ManagedZone.
delete(project, managedZone, clientOperationId=None, x__xgafv=None)
Delete a previously created ManagedZone.
get(project, managedZone, clientOperationId=None, x__xgafv=None)
Fetch the representation of an existing ManagedZone.
list(project, maxResults=None, pageToken=None, dnsName=None, x__xgafv=None)
Enumerate ManagedZones that have been created but not yet deleted.
list_next(previous_request, previous_response)
Retrieves the next page of results.
patch(project, managedZone, body=None, clientOperationId=None, x__xgafv=None)
Apply a partial update to an existing ManagedZone.
update(project, managedZone, body=None, clientOperationId=None, x__xgafv=None)
Update an existing ManagedZone.
create(project, body=None, clientOperationId=None, x__xgafv=None)
Create a new ManagedZone.
Args:
project: string, Identifies the project addressed by this request. (required)
body: object, The request body.
The object takes the form of:
{ # A zone is a subtree of the DNS namespace under one administrative
# responsibility. A ManagedZone is a resource that represents a DNS zone
# hosted by the Cloud DNS service.
"nameServers": [ # Delegate your managed_zone to these virtual name servers; defined by the
# server (output only)
"A String",
],
"visibility": "A String", # The zone's visibility: public zones are exposed to the Internet, while
# private zones are visible only to Virtual Private Cloud resources.
"nameServerSet": "A String", # Optionally specifies the NameServerSet for this ManagedZone. A
# NameServerSet is a set of DNS name servers that all host the same
# ManagedZones. Most users will leave this field unset.
"privateVisibilityConfig": { # For privately visible zones, the set of Virtual Private Cloud resources
# that the zone is visible from.
"kind": "dns#managedZonePrivateVisibilityConfig",
"networks": [ # The list of VPC networks that can see this zone.
{
"kind": "dns#managedZonePrivateVisibilityConfigNetwork",
"networkUrl": "A String", # The fully qualified URL of the VPC network to bind to.
# This should be formatted like
# https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}
},
],
},
"name": "A String", # User assigned name for this resource. Must be unique within the project.
# The name must be 1-63 characters long, must begin with a letter, end with
# a letter or digit, and only contain lowercase letters, digits or dashes.
"description": "A String", # A mutable string of at most 1024 characters associated with this resource
# for the user's convenience. Has no effect on the managed zone's function.
"creationTime": "A String", # The time that this resource was created on the server. This is in RFC3339
# text format. Output only.
"labels": { # User labels.
"a_key": "A String",
},
"id": "A String", # Unique identifier for the resource; defined by the server (output only)
"peeringConfig": { # The presence of this field indicates that DNS Peering is enabled for this
# zone. The value of this field contains the network to peer with.
"targetNetwork": { # The network with which to peer.
"networkUrl": "A String", # The fully qualified URL of the VPC network to forward queries to.
# This should be formatted like
# https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}
"kind": "dns#managedZonePeeringConfigTargetNetwork",
"deactivateTime": "A String", # The time at which the zone was deactivated, in RFC 3339 date-time
# format. An empty string indicates that the peering connection is
# active. The producer network can deactivate a zone. The zone is
# automatically deactivated if the producer network that the zone
# targeted is deleted. Output only.
},
"kind": "dns#managedZonePeeringConfig",
},
"dnssecConfig": { # DNSSEC configuration.
"nonExistence": "A String", # Specifies the mechanism for authenticated denial-of-existence responses.
# Can only be changed while the state is OFF.
"defaultKeySpecs": [ # Specifies parameters for generating initial DnsKeys for this
# ManagedZone. Can only be changed while the state is OFF.
{ # Parameters for DnsKey key generation. Used for generating initial keys
# for a new ManagedZone and as default when adding a new DnsKey.
"algorithm": "A String", # String mnemonic specifying the DNSSEC algorithm of this key.
"kind": "dns#dnsKeySpec",
"keyLength": 42, # Length of the keys in bits.
"keyType": "A String", # Specifies whether this is a key signing key (KSK) or a zone signing key
# (ZSK). Key signing keys have the Secure Entry Point flag set and, when
# active, will only be used to sign resource record sets of type DNSKEY.
# Zone signing keys do not have the Secure Entry Point flag set and will be
# used to sign all other types of resource record sets.
},
],
"kind": "dns#managedZoneDnsSecConfig",
"state": "A String", # Specifies whether DNSSEC is enabled, and what mode it is in.
},
"dnsName": "A String", # The DNS name of this managed zone, for instance "example.com.".
"kind": "dns#managedZone",
"reverseLookupConfig": { # The presence of this field indicates that this is a managed reverse
# lookup zone and Cloud DNS will resolve reverse lookup queries using
# automatically configured records for VPC resources. This only applies
# to networks listed under private_visibility_config.
"kind": "dns#managedZoneReverseLookupConfig",
},
"forwardingConfig": { # The presence for this field indicates that outbound forwarding is enabled
# for this zone. The value of this field contains the set of destinations
# to forward to.
"kind": "dns#managedZoneForwardingConfig",
"targetNameServers": [ # List of target name servers to forward to.
# Cloud DNS will select the best available name server if more than one
# target is given.
{
"forwardingPath": "A String", # Forwarding path for this NameServerTarget, if unset or set to DEFAULT,
# Cloud DNS will make forwarding decision based on address ranges,
# i.e. RFC1918 addresses go to the VPC, Non-RFC1918 addresses go to the
# Internet. When set to PRIVATE, Cloud DNS will always send queries
# through VPC for this target
"ipv4Address": "A String", # IPv4 address of a target name server.
"kind": "dns#managedZoneForwardingConfigNameServerTarget",
},
],
},
}
clientOperationId: string, For mutating operation requests only. An optional identifier
specified by the client. Must be unique for operation resources in the
Operations collection.
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
2 - v2 error format
Returns:
An object of the form:
{ # A zone is a subtree of the DNS namespace under one administrative
# responsibility. A ManagedZone is a resource that represents a DNS zone
# hosted by the Cloud DNS service.
"nameServers": [ # Delegate your managed_zone to these virtual name servers; defined by the
# server (output only)
"A String",
],
"visibility": "A String", # The zone's visibility: public zones are exposed to the Internet, while
# private zones are visible only to Virtual Private Cloud resources.
"nameServerSet": "A String", # Optionally specifies the NameServerSet for this ManagedZone. A
# NameServerSet is a set of DNS name servers that all host the same
# ManagedZones. Most users will leave this field unset.
"privateVisibilityConfig": { # For privately visible zones, the set of Virtual Private Cloud resources
# that the zone is visible from.
"kind": "dns#managedZonePrivateVisibilityConfig",
"networks": [ # The list of VPC networks that can see this zone.
{
"kind": "dns#managedZonePrivateVisibilityConfigNetwork",
"networkUrl": "A String", # The fully qualified URL of the VPC network to bind to.
# This should be formatted like
# https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}
},
],
},
"name": "A String", # User assigned name for this resource. Must be unique within the project.
# The name must be 1-63 characters long, must begin with a letter, end with
# a letter or digit, and only contain lowercase letters, digits or dashes.
"description": "A String", # A mutable string of at most 1024 characters associated with this resource
# for the user's convenience. Has no effect on the managed zone's function.
"creationTime": "A String", # The time that this resource was created on the server. This is in RFC3339
# text format. Output only.
"labels": { # User labels.
"a_key": "A String",
},
"id": "A String", # Unique identifier for the resource; defined by the server (output only)
"peeringConfig": { # The presence of this field indicates that DNS Peering is enabled for this
# zone. The value of this field contains the network to peer with.
"targetNetwork": { # The network with which to peer.
"networkUrl": "A String", # The fully qualified URL of the VPC network to forward queries to.
# This should be formatted like
# https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}
"kind": "dns#managedZonePeeringConfigTargetNetwork",
"deactivateTime": "A String", # The time at which the zone was deactivated, in RFC 3339 date-time
# format. An empty string indicates that the peering connection is
# active. The producer network can deactivate a zone. The zone is
# automatically deactivated if the producer network that the zone
# targeted is deleted. Output only.
},
"kind": "dns#managedZonePeeringConfig",
},
"dnssecConfig": { # DNSSEC configuration.
"nonExistence": "A String", # Specifies the mechanism for authenticated denial-of-existence responses.
# Can only be changed while the state is OFF.
"defaultKeySpecs": [ # Specifies parameters for generating initial DnsKeys for this
# ManagedZone. Can only be changed while the state is OFF.
{ # Parameters for DnsKey key generation. Used for generating initial keys
# for a new ManagedZone and as default when adding a new DnsKey.
"algorithm": "A String", # String mnemonic specifying the DNSSEC algorithm of this key.
"kind": "dns#dnsKeySpec",
"keyLength": 42, # Length of the keys in bits.
"keyType": "A String", # Specifies whether this is a key signing key (KSK) or a zone signing key
# (ZSK). Key signing keys have the Secure Entry Point flag set and, when
# active, will only be used to sign resource record sets of type DNSKEY.
# Zone signing keys do not have the Secure Entry Point flag set and will be
# used to sign all other types of resource record sets.
},
],
"kind": "dns#managedZoneDnsSecConfig",
"state": "A String", # Specifies whether DNSSEC is enabled, and what mode it is in.
},
"dnsName": "A String", # The DNS name of this managed zone, for instance "example.com.".
"kind": "dns#managedZone",
"reverseLookupConfig": { # The presence of this field indicates that this is a managed reverse
# lookup zone and Cloud DNS will resolve reverse lookup queries using
# automatically configured records for VPC resources. This only applies
# to networks listed under private_visibility_config.
"kind": "dns#managedZoneReverseLookupConfig",
},
"forwardingConfig": { # The presence for this field indicates that outbound forwarding is enabled
# for this zone. The value of this field contains the set of destinations
# to forward to.
"kind": "dns#managedZoneForwardingConfig",
"targetNameServers": [ # List of target name servers to forward to.
# Cloud DNS will select the best available name server if more than one
# target is given.
{
"forwardingPath": "A String", # Forwarding path for this NameServerTarget, if unset or set to DEFAULT,
# Cloud DNS will make forwarding decision based on address ranges,
# i.e. RFC1918 addresses go to the VPC, Non-RFC1918 addresses go to the
# Internet. When set to PRIVATE, Cloud DNS will always send queries
# through VPC for this target
"ipv4Address": "A String", # IPv4 address of a target name server.
"kind": "dns#managedZoneForwardingConfigNameServerTarget",
},
],
},
}
delete(project, managedZone, clientOperationId=None, x__xgafv=None)
Delete a previously created ManagedZone.
Args:
project: string, Identifies the project addressed by this request. (required)
managedZone: string, Identifies the managed zone addressed by this request. Can be the managed
zone name or id. (required)
clientOperationId: string, For mutating operation requests only. An optional identifier
specified by the client. Must be unique for operation resources in the
Operations collection.
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
2 - v2 error format
get(project, managedZone, clientOperationId=None, x__xgafv=None)
Fetch the representation of an existing ManagedZone.
Args:
project: string, Identifies the project addressed by this request. (required)
managedZone: string, Identifies the managed zone addressed by this request. Can be the managed
zone name or id. (required)
clientOperationId: string, For mutating operation requests only. An optional identifier
specified by the client. Must be unique for operation resources in the
Operations collection.
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
2 - v2 error format
Returns:
An object of the form:
{ # A zone is a subtree of the DNS namespace under one administrative
# responsibility. A ManagedZone is a resource that represents a DNS zone
# hosted by the Cloud DNS service.
"nameServers": [ # Delegate your managed_zone to these virtual name servers; defined by the
# server (output only)
"A String",
],
"visibility": "A String", # The zone's visibility: public zones are exposed to the Internet, while
# private zones are visible only to Virtual Private Cloud resources.
"nameServerSet": "A String", # Optionally specifies the NameServerSet for this ManagedZone. A
# NameServerSet is a set of DNS name servers that all host the same
# ManagedZones. Most users will leave this field unset.
"privateVisibilityConfig": { # For privately visible zones, the set of Virtual Private Cloud resources
# that the zone is visible from.
"kind": "dns#managedZonePrivateVisibilityConfig",
"networks": [ # The list of VPC networks that can see this zone.
{
"kind": "dns#managedZonePrivateVisibilityConfigNetwork",
"networkUrl": "A String", # The fully qualified URL of the VPC network to bind to.
# This should be formatted like
# https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}
},
],
},
"name": "A String", # User assigned name for this resource. Must be unique within the project.
# The name must be 1-63 characters long, must begin with a letter, end with
# a letter or digit, and only contain lowercase letters, digits or dashes.
"description": "A String", # A mutable string of at most 1024 characters associated with this resource
# for the user's convenience. Has no effect on the managed zone's function.
"creationTime": "A String", # The time that this resource was created on the server. This is in RFC3339
# text format. Output only.
"labels": { # User labels.
"a_key": "A String",
},
"id": "A String", # Unique identifier for the resource; defined by the server (output only)
"peeringConfig": { # The presence of this field indicates that DNS Peering is enabled for this
# zone. The value of this field contains the network to peer with.
"targetNetwork": { # The network with which to peer.
"networkUrl": "A String", # The fully qualified URL of the VPC network to forward queries to.
# This should be formatted like
# https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}
"kind": "dns#managedZonePeeringConfigTargetNetwork",
"deactivateTime": "A String", # The time at which the zone was deactivated, in RFC 3339 date-time
# format. An empty string indicates that the peering connection is
# active. The producer network can deactivate a zone. The zone is
# automatically deactivated if the producer network that the zone
# targeted is deleted. Output only.
},
"kind": "dns#managedZonePeeringConfig",
},
"dnssecConfig": { # DNSSEC configuration.
"nonExistence": "A String", # Specifies the mechanism for authenticated denial-of-existence responses.
# Can only be changed while the state is OFF.
"defaultKeySpecs": [ # Specifies parameters for generating initial DnsKeys for this
# ManagedZone. Can only be changed while the state is OFF.
{ # Parameters for DnsKey key generation. Used for generating initial keys
# for a new ManagedZone and as default when adding a new DnsKey.
"algorithm": "A String", # String mnemonic specifying the DNSSEC algorithm of this key.
"kind": "dns#dnsKeySpec",
"keyLength": 42, # Length of the keys in bits.
"keyType": "A String", # Specifies whether this is a key signing key (KSK) or a zone signing key
# (ZSK). Key signing keys have the Secure Entry Point flag set and, when
# active, will only be used to sign resource record sets of type DNSKEY.
# Zone signing keys do not have the Secure Entry Point flag set and will be
# used to sign all other types of resource record sets.
},
],
"kind": "dns#managedZoneDnsSecConfig",
"state": "A String", # Specifies whether DNSSEC is enabled, and what mode it is in.
},
"dnsName": "A String", # The DNS name of this managed zone, for instance "example.com.".
"kind": "dns#managedZone",
"reverseLookupConfig": { # The presence of this field indicates that this is a managed reverse
# lookup zone and Cloud DNS will resolve reverse lookup queries using
# automatically configured records for VPC resources. This only applies
# to networks listed under private_visibility_config.
"kind": "dns#managedZoneReverseLookupConfig",
},
"forwardingConfig": { # The presence for this field indicates that outbound forwarding is enabled
# for this zone. The value of this field contains the set of destinations
# to forward to.
"kind": "dns#managedZoneForwardingConfig",
"targetNameServers": [ # List of target name servers to forward to.
# Cloud DNS will select the best available name server if more than one
# target is given.
{
"forwardingPath": "A String", # Forwarding path for this NameServerTarget, if unset or set to DEFAULT,
# Cloud DNS will make forwarding decision based on address ranges,
# i.e. RFC1918 addresses go to the VPC, Non-RFC1918 addresses go to the
# Internet. When set to PRIVATE, Cloud DNS will always send queries
# through VPC for this target
"ipv4Address": "A String", # IPv4 address of a target name server.
"kind": "dns#managedZoneForwardingConfigNameServerTarget",
},
],
},
}
list(project, maxResults=None, pageToken=None, dnsName=None, x__xgafv=None)
Enumerate ManagedZones that have been created but not yet deleted.
Args:
project: string, Identifies the project addressed by this request. (required)
maxResults: integer, Optional. Maximum number of results to be returned. If unspecified, the
server will decide how many results to return.
pageToken: string, Optional. A tag returned by a previous list request that was truncated.
Use this parameter to continue a previous list request.
dnsName: string, Restricts the list to return only zones with this domain name.
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
2 - v2 error format
Returns:
An object of the form:
{
"kind": "dns#managedZonesListResponse", # Type of resource.
"nextPageToken": "A String", # The presence of this field indicates that there exist more results
# following your last page of results in pagination order. To fetch them,
# make another list request using this value as your page token.
#
# In this way you can retrieve the complete contents of even very large
# collections one page at a time. However, if the contents of the collection
# change between the first and last paginated list request, the set of all
# elements returned will be an inconsistent view of the collection. There is
# no way to retrieve a consistent snapshot of a collection larger than the
# maximum page size.
"managedZones": [ # The managed zone resources.
{ # A zone is a subtree of the DNS namespace under one administrative
# responsibility. A ManagedZone is a resource that represents a DNS zone
# hosted by the Cloud DNS service.
"nameServers": [ # Delegate your managed_zone to these virtual name servers; defined by the
# server (output only)
"A String",
],
"visibility": "A String", # The zone's visibility: public zones are exposed to the Internet, while
# private zones are visible only to Virtual Private Cloud resources.
"nameServerSet": "A String", # Optionally specifies the NameServerSet for this ManagedZone. A
# NameServerSet is a set of DNS name servers that all host the same
# ManagedZones. Most users will leave this field unset.
"privateVisibilityConfig": { # For privately visible zones, the set of Virtual Private Cloud resources
# that the zone is visible from.
"kind": "dns#managedZonePrivateVisibilityConfig",
"networks": [ # The list of VPC networks that can see this zone.
{
"kind": "dns#managedZonePrivateVisibilityConfigNetwork",
"networkUrl": "A String", # The fully qualified URL of the VPC network to bind to.
# This should be formatted like
# https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}
},
],
},
"name": "A String", # User assigned name for this resource. Must be unique within the project.
# The name must be 1-63 characters long, must begin with a letter, end with
# a letter or digit, and only contain lowercase letters, digits or dashes.
"description": "A String", # A mutable string of at most 1024 characters associated with this resource
# for the user's convenience. Has no effect on the managed zone's function.
"creationTime": "A String", # The time that this resource was created on the server. This is in RFC3339
# text format. Output only.
"labels": { # User labels.
"a_key": "A String",
},
"id": "A String", # Unique identifier for the resource; defined by the server (output only)
"peeringConfig": { # The presence of this field indicates that DNS Peering is enabled for this
# zone. The value of this field contains the network to peer with.
"targetNetwork": { # The network with which to peer.
"networkUrl": "A String", # The fully qualified URL of the VPC network to forward queries to.
# This should be formatted like
# https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}
"kind": "dns#managedZonePeeringConfigTargetNetwork",
"deactivateTime": "A String", # The time at which the zone was deactivated, in RFC 3339 date-time
# format. An empty string indicates that the peering connection is
# active. The producer network can deactivate a zone. The zone is
# automatically deactivated if the producer network that the zone
# targeted is deleted. Output only.
},
"kind": "dns#managedZonePeeringConfig",
},
"dnssecConfig": { # DNSSEC configuration.
"nonExistence": "A String", # Specifies the mechanism for authenticated denial-of-existence responses.
# Can only be changed while the state is OFF.
"defaultKeySpecs": [ # Specifies parameters for generating initial DnsKeys for this
# ManagedZone. Can only be changed while the state is OFF.
{ # Parameters for DnsKey key generation. Used for generating initial keys
# for a new ManagedZone and as default when adding a new DnsKey.
"algorithm": "A String", # String mnemonic specifying the DNSSEC algorithm of this key.
"kind": "dns#dnsKeySpec",
"keyLength": 42, # Length of the keys in bits.
"keyType": "A String", # Specifies whether this is a key signing key (KSK) or a zone signing key
# (ZSK). Key signing keys have the Secure Entry Point flag set and, when
# active, will only be used to sign resource record sets of type DNSKEY.
# Zone signing keys do not have the Secure Entry Point flag set and will be
# used to sign all other types of resource record sets.
},
],
"kind": "dns#managedZoneDnsSecConfig",
"state": "A String", # Specifies whether DNSSEC is enabled, and what mode it is in.
},
"dnsName": "A String", # The DNS name of this managed zone, for instance "example.com.".
"kind": "dns#managedZone",
"reverseLookupConfig": { # The presence of this field indicates that this is a managed reverse
# lookup zone and Cloud DNS will resolve reverse lookup queries using
# automatically configured records for VPC resources. This only applies
# to networks listed under private_visibility_config.
"kind": "dns#managedZoneReverseLookupConfig",
},
"forwardingConfig": { # The presence for this field indicates that outbound forwarding is enabled
# for this zone. The value of this field contains the set of destinations
# to forward to.
"kind": "dns#managedZoneForwardingConfig",
"targetNameServers": [ # List of target name servers to forward to.
# Cloud DNS will select the best available name server if more than one
# target is given.
{
"forwardingPath": "A String", # Forwarding path for this NameServerTarget, if unset or set to DEFAULT,
# Cloud DNS will make forwarding decision based on address ranges,
# i.e. RFC1918 addresses go to the VPC, Non-RFC1918 addresses go to the
# Internet. When set to PRIVATE, Cloud DNS will always send queries
# through VPC for this target
"ipv4Address": "A String", # IPv4 address of a target name server.
"kind": "dns#managedZoneForwardingConfigNameServerTarget",
},
],
},
},
],
"header": { # Elements common to every response.
"operationId": "A String", # For mutating operation requests that completed successfully.
# This is the client_operation_id if the client specified it,
# otherwise it is generated by the server (output only).
},
}
list_next(previous_request, previous_response)
Retrieves the next page of results.
Args:
previous_request: The request for the previous page. (required)
previous_response: The response from the request for the previous page. (required)
Returns:
A request object that you can call 'execute()' on to request the next
page. Returns None if there are no more items in the collection.
patch(project, managedZone, body=None, clientOperationId=None, x__xgafv=None)
Apply a partial update to an existing ManagedZone.
Args:
project: string, Identifies the project addressed by this request. (required)
managedZone: string, Identifies the managed zone addressed by this request. Can be the managed
zone name or id. (required)
body: object, The request body.
The object takes the form of:
{ # A zone is a subtree of the DNS namespace under one administrative
# responsibility. A ManagedZone is a resource that represents a DNS zone
# hosted by the Cloud DNS service.
"nameServers": [ # Delegate your managed_zone to these virtual name servers; defined by the
# server (output only)
"A String",
],
"visibility": "A String", # The zone's visibility: public zones are exposed to the Internet, while
# private zones are visible only to Virtual Private Cloud resources.
"nameServerSet": "A String", # Optionally specifies the NameServerSet for this ManagedZone. A
# NameServerSet is a set of DNS name servers that all host the same
# ManagedZones. Most users will leave this field unset.
"privateVisibilityConfig": { # For privately visible zones, the set of Virtual Private Cloud resources
# that the zone is visible from.
"kind": "dns#managedZonePrivateVisibilityConfig",
"networks": [ # The list of VPC networks that can see this zone.
{
"kind": "dns#managedZonePrivateVisibilityConfigNetwork",
"networkUrl": "A String", # The fully qualified URL of the VPC network to bind to.
# This should be formatted like
# https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}
},
],
},
"name": "A String", # User assigned name for this resource. Must be unique within the project.
# The name must be 1-63 characters long, must begin with a letter, end with
# a letter or digit, and only contain lowercase letters, digits or dashes.
"description": "A String", # A mutable string of at most 1024 characters associated with this resource
# for the user's convenience. Has no effect on the managed zone's function.
"creationTime": "A String", # The time that this resource was created on the server. This is in RFC3339
# text format. Output only.
"labels": { # User labels.
"a_key": "A String",
},
"id": "A String", # Unique identifier for the resource; defined by the server (output only)
"peeringConfig": { # The presence of this field indicates that DNS Peering is enabled for this
# zone. The value of this field contains the network to peer with.
"targetNetwork": { # The network with which to peer.
"networkUrl": "A String", # The fully qualified URL of the VPC network to forward queries to.
# This should be formatted like
# https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}
"kind": "dns#managedZonePeeringConfigTargetNetwork",
"deactivateTime": "A String", # The time at which the zone was deactivated, in RFC 3339 date-time
# format. An empty string indicates that the peering connection is
# active. The producer network can deactivate a zone. The zone is
# automatically deactivated if the producer network that the zone
# targeted is deleted. Output only.
},
"kind": "dns#managedZonePeeringConfig",
},
"dnssecConfig": { # DNSSEC configuration.
"nonExistence": "A String", # Specifies the mechanism for authenticated denial-of-existence responses.
# Can only be changed while the state is OFF.
"defaultKeySpecs": [ # Specifies parameters for generating initial DnsKeys for this
# ManagedZone. Can only be changed while the state is OFF.
{ # Parameters for DnsKey key generation. Used for generating initial keys
# for a new ManagedZone and as default when adding a new DnsKey.
"algorithm": "A String", # String mnemonic specifying the DNSSEC algorithm of this key.
"kind": "dns#dnsKeySpec",
"keyLength": 42, # Length of the keys in bits.
"keyType": "A String", # Specifies whether this is a key signing key (KSK) or a zone signing key
# (ZSK). Key signing keys have the Secure Entry Point flag set and, when
# active, will only be used to sign resource record sets of type DNSKEY.
# Zone signing keys do not have the Secure Entry Point flag set and will be
# used to sign all other types of resource record sets.
},
],
"kind": "dns#managedZoneDnsSecConfig",
"state": "A String", # Specifies whether DNSSEC is enabled, and what mode it is in.
},
"dnsName": "A String", # The DNS name of this managed zone, for instance "example.com.".
"kind": "dns#managedZone",
"reverseLookupConfig": { # The presence of this field indicates that this is a managed reverse
# lookup zone and Cloud DNS will resolve reverse lookup queries using
# automatically configured records for VPC resources. This only applies
# to networks listed under private_visibility_config.
"kind": "dns#managedZoneReverseLookupConfig",
},
"forwardingConfig": { # The presence for this field indicates that outbound forwarding is enabled
# for this zone. The value of this field contains the set of destinations
# to forward to.
"kind": "dns#managedZoneForwardingConfig",
"targetNameServers": [ # List of target name servers to forward to.
# Cloud DNS will select the best available name server if more than one
# target is given.
{
"forwardingPath": "A String", # Forwarding path for this NameServerTarget, if unset or set to DEFAULT,
# Cloud DNS will make forwarding decision based on address ranges,
# i.e. RFC1918 addresses go to the VPC, Non-RFC1918 addresses go to the
# Internet. When set to PRIVATE, Cloud DNS will always send queries
# through VPC for this target
"ipv4Address": "A String", # IPv4 address of a target name server.
"kind": "dns#managedZoneForwardingConfigNameServerTarget",
},
],
},
}
clientOperationId: string, For mutating operation requests only. An optional identifier
specified by the client. Must be unique for operation resources in the
Operations collection.
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
2 - v2 error format
Returns:
An object of the form:
{ # An operation represents a successful mutation performed on a Cloud DNS
# resource.
# Operations provide:
# - An audit log of server resource mutations.
# - A way to recover/retry API calls in the case where the response is never
# received by the caller. Use the caller specified client_operation_id.
"id": "A String", # Unique identifier for the resource. This is the client_operation_id if
# the client specified it when the mutation was initiated, otherwise,
# it is generated by the server. The name must be 1-63 characters long
# and match the regular expression [-a-z0-9]? (output only)
"zoneContext": { # Only populated if the operation targeted a ManagedZone (output only).
"newValue": { # A zone is a subtree of the DNS namespace under one administrative # The post-operation ManagedZone resource.
# responsibility. A ManagedZone is a resource that represents a DNS zone
# hosted by the Cloud DNS service.
"nameServers": [ # Delegate your managed_zone to these virtual name servers; defined by the
# server (output only)
"A String",
],
"visibility": "A String", # The zone's visibility: public zones are exposed to the Internet, while
# private zones are visible only to Virtual Private Cloud resources.
"nameServerSet": "A String", # Optionally specifies the NameServerSet for this ManagedZone. A
# NameServerSet is a set of DNS name servers that all host the same
# ManagedZones. Most users will leave this field unset.
"privateVisibilityConfig": { # For privately visible zones, the set of Virtual Private Cloud resources
# that the zone is visible from.
"kind": "dns#managedZonePrivateVisibilityConfig",
"networks": [ # The list of VPC networks that can see this zone.
{
"kind": "dns#managedZonePrivateVisibilityConfigNetwork",
"networkUrl": "A String", # The fully qualified URL of the VPC network to bind to.
# This should be formatted like
# https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}
},
],
},
"name": "A String", # User assigned name for this resource. Must be unique within the project.
# The name must be 1-63 characters long, must begin with a letter, end with
# a letter or digit, and only contain lowercase letters, digits or dashes.
"description": "A String", # A mutable string of at most 1024 characters associated with this resource
# for the user's convenience. Has no effect on the managed zone's function.
"creationTime": "A String", # The time that this resource was created on the server. This is in RFC3339
# text format. Output only.
"labels": { # User labels.
"a_key": "A String",
},
"id": "A String", # Unique identifier for the resource; defined by the server (output only)
"peeringConfig": { # The presence of this field indicates that DNS Peering is enabled for this
# zone. The value of this field contains the network to peer with.
"targetNetwork": { # The network with which to peer.
"networkUrl": "A String", # The fully qualified URL of the VPC network to forward queries to.
# This should be formatted like
# https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}
"kind": "dns#managedZonePeeringConfigTargetNetwork",
"deactivateTime": "A String", # The time at which the zone was deactivated, in RFC 3339 date-time
# format. An empty string indicates that the peering connection is
# active. The producer network can deactivate a zone. The zone is
# automatically deactivated if the producer network that the zone
# targeted is deleted. Output only.
},
"kind": "dns#managedZonePeeringConfig",
},
"dnssecConfig": { # DNSSEC configuration.
"nonExistence": "A String", # Specifies the mechanism for authenticated denial-of-existence responses.
# Can only be changed while the state is OFF.
"defaultKeySpecs": [ # Specifies parameters for generating initial DnsKeys for this
# ManagedZone. Can only be changed while the state is OFF.
{ # Parameters for DnsKey key generation. Used for generating initial keys
# for a new ManagedZone and as default when adding a new DnsKey.
"algorithm": "A String", # String mnemonic specifying the DNSSEC algorithm of this key.
"kind": "dns#dnsKeySpec",
"keyLength": 42, # Length of the keys in bits.
"keyType": "A String", # Specifies whether this is a key signing key (KSK) or a zone signing key
# (ZSK). Key signing keys have the Secure Entry Point flag set and, when
# active, will only be used to sign resource record sets of type DNSKEY.
# Zone signing keys do not have the Secure Entry Point flag set and will be
# used to sign all other types of resource record sets.
},
],
"kind": "dns#managedZoneDnsSecConfig",
"state": "A String", # Specifies whether DNSSEC is enabled, and what mode it is in.
},
"dnsName": "A String", # The DNS name of this managed zone, for instance "example.com.".
"kind": "dns#managedZone",
"reverseLookupConfig": { # The presence of this field indicates that this is a managed reverse
# lookup zone and Cloud DNS will resolve reverse lookup queries using
# automatically configured records for VPC resources. This only applies
# to networks listed under private_visibility_config.
"kind": "dns#managedZoneReverseLookupConfig",
},
"forwardingConfig": { # The presence for this field indicates that outbound forwarding is enabled
# for this zone. The value of this field contains the set of destinations
# to forward to.
"kind": "dns#managedZoneForwardingConfig",
"targetNameServers": [ # List of target name servers to forward to.
# Cloud DNS will select the best available name server if more than one
# target is given.
{
"forwardingPath": "A String", # Forwarding path for this NameServerTarget, if unset or set to DEFAULT,
# Cloud DNS will make forwarding decision based on address ranges,
# i.e. RFC1918 addresses go to the VPC, Non-RFC1918 addresses go to the
# Internet. When set to PRIVATE, Cloud DNS will always send queries
# through VPC for this target
"ipv4Address": "A String", # IPv4 address of a target name server.
"kind": "dns#managedZoneForwardingConfigNameServerTarget",
},
],
},
},
"oldValue": { # A zone is a subtree of the DNS namespace under one administrative # The pre-operation ManagedZone resource.
# responsibility. A ManagedZone is a resource that represents a DNS zone
# hosted by the Cloud DNS service.
"nameServers": [ # Delegate your managed_zone to these virtual name servers; defined by the
# server (output only)
"A String",
],
"visibility": "A String", # The zone's visibility: public zones are exposed to the Internet, while
# private zones are visible only to Virtual Private Cloud resources.
"nameServerSet": "A String", # Optionally specifies the NameServerSet for this ManagedZone. A
# NameServerSet is a set of DNS name servers that all host the same
# ManagedZones. Most users will leave this field unset.
"privateVisibilityConfig": { # For privately visible zones, the set of Virtual Private Cloud resources
# that the zone is visible from.
"kind": "dns#managedZonePrivateVisibilityConfig",
"networks": [ # The list of VPC networks that can see this zone.
{
"kind": "dns#managedZonePrivateVisibilityConfigNetwork",
"networkUrl": "A String", # The fully qualified URL of the VPC network to bind to.
# This should be formatted like
# https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}
},
],
},
"name": "A String", # User assigned name for this resource. Must be unique within the project.
# The name must be 1-63 characters long, must begin with a letter, end with
# a letter or digit, and only contain lowercase letters, digits or dashes.
"description": "A String", # A mutable string of at most 1024 characters associated with this resource
# for the user's convenience. Has no effect on the managed zone's function.
"creationTime": "A String", # The time that this resource was created on the server. This is in RFC3339
# text format. Output only.
"labels": { # User labels.
"a_key": "A String",
},
"id": "A String", # Unique identifier for the resource; defined by the server (output only)
"peeringConfig": { # The presence of this field indicates that DNS Peering is enabled for this
# zone. The value of this field contains the network to peer with.
"targetNetwork": { # The network with which to peer.
"networkUrl": "A String", # The fully qualified URL of the VPC network to forward queries to.
# This should be formatted like
# https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}
"kind": "dns#managedZonePeeringConfigTargetNetwork",
"deactivateTime": "A String", # The time at which the zone was deactivated, in RFC 3339 date-time
# format. An empty string indicates that the peering connection is
# active. The producer network can deactivate a zone. The zone is
# automatically deactivated if the producer network that the zone
# targeted is deleted. Output only.
},
"kind": "dns#managedZonePeeringConfig",
},
"dnssecConfig": { # DNSSEC configuration.
"nonExistence": "A String", # Specifies the mechanism for authenticated denial-of-existence responses.
# Can only be changed while the state is OFF.
"defaultKeySpecs": [ # Specifies parameters for generating initial DnsKeys for this
# ManagedZone. Can only be changed while the state is OFF.
{ # Parameters for DnsKey key generation. Used for generating initial keys
# for a new ManagedZone and as default when adding a new DnsKey.
"algorithm": "A String", # String mnemonic specifying the DNSSEC algorithm of this key.
"kind": "dns#dnsKeySpec",
"keyLength": 42, # Length of the keys in bits.
"keyType": "A String", # Specifies whether this is a key signing key (KSK) or a zone signing key
# (ZSK). Key signing keys have the Secure Entry Point flag set and, when
# active, will only be used to sign resource record sets of type DNSKEY.
# Zone signing keys do not have the Secure Entry Point flag set and will be
# used to sign all other types of resource record sets.
},
],
"kind": "dns#managedZoneDnsSecConfig",
"state": "A String", # Specifies whether DNSSEC is enabled, and what mode it is in.
},
"dnsName": "A String", # The DNS name of this managed zone, for instance "example.com.".
"kind": "dns#managedZone",
"reverseLookupConfig": { # The presence of this field indicates that this is a managed reverse
# lookup zone and Cloud DNS will resolve reverse lookup queries using
# automatically configured records for VPC resources. This only applies
# to networks listed under private_visibility_config.
"kind": "dns#managedZoneReverseLookupConfig",
},
"forwardingConfig": { # The presence for this field indicates that outbound forwarding is enabled
# for this zone. The value of this field contains the set of destinations
# to forward to.
"kind": "dns#managedZoneForwardingConfig",
"targetNameServers": [ # List of target name servers to forward to.
# Cloud DNS will select the best available name server if more than one
# target is given.
{
"forwardingPath": "A String", # Forwarding path for this NameServerTarget, if unset or set to DEFAULT,
# Cloud DNS will make forwarding decision based on address ranges,
# i.e. RFC1918 addresses go to the VPC, Non-RFC1918 addresses go to the
# Internet. When set to PRIVATE, Cloud DNS will always send queries
# through VPC for this target
"ipv4Address": "A String", # IPv4 address of a target name server.
"kind": "dns#managedZoneForwardingConfigNameServerTarget",
},
],
},
},
},
"type": "A String", # Type of the operation. Operations include insert, update, and delete
# (output only).
"status": "A String", # Status of the operation. Can be one of the following: "PENDING" or "DONE"
# (output only). A status of "DONE" means that the
# request to update the authoritative servers has been sent, but the
# servers might not be updated yet.
"startTime": "A String", # The time that this operation was started by the server. This is in RFC3339
# text format (output only).
"kind": "dns#operation",
"user": "A String", # User who requested the operation, for example: user@example.com.
# cloud-dns-system for operations automatically done by the system.
# (output only)
"dnsKeyContext": { # Only populated if the operation targeted a DnsKey (output only).
"newValue": { # A DNSSEC key pair. # The post-operation DnsKey resource.
"isActive": True or False, # Active keys will be used to sign subsequent changes to the ManagedZone.
# Inactive keys will still be present as DNSKEY Resource Records for the use
# of resolvers validating existing signatures.
"description": "A String", # A mutable string of at most 1024 characters associated with this resource
# for the user's convenience. Has no effect on the resource's function.
"id": "A String", # Unique identifier for the resource; defined by the server (output only).
"creationTime": "A String", # The time that this resource was created in the control plane. This is in
# RFC3339 text format. Output only.
"type": "A String", # One of "KEY_SIGNING" or "ZONE_SIGNING". Keys of type KEY_SIGNING have the
# Secure Entry Point flag set and, when active, will be used to sign only
# resource record sets of type DNSKEY. Otherwise, the Secure Entry Point
# flag will be cleared and this key will be used to sign only resource
# record sets of other types. Immutable after creation time.
"keyTag": 42, # The key tag is a non-cryptographic hash of the a DNSKEY resource record
# associated with this DnsKey. The key tag can be used to identify a DNSKEY
# more quickly (but it is not a unique identifier). In particular, the key
# tag is used in a parent zone's DS record to point at the DNSKEY in this
# child ManagedZone. The key tag is a number in the range [0, 65535] and the
# algorithm to calculate it is specified in RFC4034 Appendix B. Output only.
"kind": "dns#dnsKey",
"publicKey": "A String", # Base64 encoded public half of this key. Output only.
"keyLength": 42, # Length of the key in bits. Specified at creation time then immutable.
"digests": [ # Cryptographic hashes of the DNSKEY resource record associated with this
# DnsKey. These digests are needed to construct a DS record that points at
# this DNS key. Output only.
{
"digest": "A String", # The base-16 encoded bytes of this digest. Suitable for use in a DS
# resource record.
"type": "A String", # Specifies the algorithm used to calculate this digest.
},
],
"algorithm": "A String", # String mnemonic specifying the DNSSEC algorithm of this key. Immutable
# after creation time.
},
"oldValue": { # A DNSSEC key pair. # The pre-operation DnsKey resource.
"isActive": True or False, # Active keys will be used to sign subsequent changes to the ManagedZone.
# Inactive keys will still be present as DNSKEY Resource Records for the use
# of resolvers validating existing signatures.
"description": "A String", # A mutable string of at most 1024 characters associated with this resource
# for the user's convenience. Has no effect on the resource's function.
"id": "A String", # Unique identifier for the resource; defined by the server (output only).
"creationTime": "A String", # The time that this resource was created in the control plane. This is in
# RFC3339 text format. Output only.
"type": "A String", # One of "KEY_SIGNING" or "ZONE_SIGNING". Keys of type KEY_SIGNING have the
# Secure Entry Point flag set and, when active, will be used to sign only
# resource record sets of type DNSKEY. Otherwise, the Secure Entry Point
# flag will be cleared and this key will be used to sign only resource
# record sets of other types. Immutable after creation time.
"keyTag": 42, # The key tag is a non-cryptographic hash of the a DNSKEY resource record
# associated with this DnsKey. The key tag can be used to identify a DNSKEY
# more quickly (but it is not a unique identifier). In particular, the key
# tag is used in a parent zone's DS record to point at the DNSKEY in this
# child ManagedZone. The key tag is a number in the range [0, 65535] and the
# algorithm to calculate it is specified in RFC4034 Appendix B. Output only.
"kind": "dns#dnsKey",
"publicKey": "A String", # Base64 encoded public half of this key. Output only.
"keyLength": 42, # Length of the key in bits. Specified at creation time then immutable.
"digests": [ # Cryptographic hashes of the DNSKEY resource record associated with this
# DnsKey. These digests are needed to construct a DS record that points at
# this DNS key. Output only.
{
"digest": "A String", # The base-16 encoded bytes of this digest. Suitable for use in a DS
# resource record.
"type": "A String", # Specifies the algorithm used to calculate this digest.
},
],
"algorithm": "A String", # String mnemonic specifying the DNSSEC algorithm of this key. Immutable
# after creation time.
},
},
}
update(project, managedZone, body=None, clientOperationId=None, x__xgafv=None)
Update an existing ManagedZone.
Args:
project: string, Identifies the project addressed by this request. (required)
managedZone: string, Identifies the managed zone addressed by this request. Can be the managed
zone name or id. (required)
body: object, The request body.
The object takes the form of:
{ # A zone is a subtree of the DNS namespace under one administrative
# responsibility. A ManagedZone is a resource that represents a DNS zone
# hosted by the Cloud DNS service.
"nameServers": [ # Delegate your managed_zone to these virtual name servers; defined by the
# server (output only)
"A String",
],
"visibility": "A String", # The zone's visibility: public zones are exposed to the Internet, while
# private zones are visible only to Virtual Private Cloud resources.
"nameServerSet": "A String", # Optionally specifies the NameServerSet for this ManagedZone. A
# NameServerSet is a set of DNS name servers that all host the same
# ManagedZones. Most users will leave this field unset.
"privateVisibilityConfig": { # For privately visible zones, the set of Virtual Private Cloud resources
# that the zone is visible from.
"kind": "dns#managedZonePrivateVisibilityConfig",
"networks": [ # The list of VPC networks that can see this zone.
{
"kind": "dns#managedZonePrivateVisibilityConfigNetwork",
"networkUrl": "A String", # The fully qualified URL of the VPC network to bind to.
# This should be formatted like
# https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}
},
],
},
"name": "A String", # User assigned name for this resource. Must be unique within the project.
# The name must be 1-63 characters long, must begin with a letter, end with
# a letter or digit, and only contain lowercase letters, digits or dashes.
"description": "A String", # A mutable string of at most 1024 characters associated with this resource
# for the user's convenience. Has no effect on the managed zone's function.
"creationTime": "A String", # The time that this resource was created on the server. This is in RFC3339
# text format. Output only.
"labels": { # User labels.
"a_key": "A String",
},
"id": "A String", # Unique identifier for the resource; defined by the server (output only)
"peeringConfig": { # The presence of this field indicates that DNS Peering is enabled for this
# zone. The value of this field contains the network to peer with.
"targetNetwork": { # The network with which to peer.
"networkUrl": "A String", # The fully qualified URL of the VPC network to forward queries to.
# This should be formatted like
# https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}
"kind": "dns#managedZonePeeringConfigTargetNetwork",
"deactivateTime": "A String", # The time at which the zone was deactivated, in RFC 3339 date-time
# format. An empty string indicates that the peering connection is
# active. The producer network can deactivate a zone. The zone is
# automatically deactivated if the producer network that the zone
# targeted is deleted. Output only.
},
"kind": "dns#managedZonePeeringConfig",
},
"dnssecConfig": { # DNSSEC configuration.
"nonExistence": "A String", # Specifies the mechanism for authenticated denial-of-existence responses.
# Can only be changed while the state is OFF.
"defaultKeySpecs": [ # Specifies parameters for generating initial DnsKeys for this
# ManagedZone. Can only be changed while the state is OFF.
{ # Parameters for DnsKey key generation. Used for generating initial keys
# for a new ManagedZone and as default when adding a new DnsKey.
"algorithm": "A String", # String mnemonic specifying the DNSSEC algorithm of this key.
"kind": "dns#dnsKeySpec",
"keyLength": 42, # Length of the keys in bits.
"keyType": "A String", # Specifies whether this is a key signing key (KSK) or a zone signing key
# (ZSK). Key signing keys have the Secure Entry Point flag set and, when
# active, will only be used to sign resource record sets of type DNSKEY.
# Zone signing keys do not have the Secure Entry Point flag set and will be
# used to sign all other types of resource record sets.
},
],
"kind": "dns#managedZoneDnsSecConfig",
"state": "A String", # Specifies whether DNSSEC is enabled, and what mode it is in.
},
"dnsName": "A String", # The DNS name of this managed zone, for instance "example.com.".
"kind": "dns#managedZone",
"reverseLookupConfig": { # The presence of this field indicates that this is a managed reverse
# lookup zone and Cloud DNS will resolve reverse lookup queries using
# automatically configured records for VPC resources. This only applies
# to networks listed under private_visibility_config.
"kind": "dns#managedZoneReverseLookupConfig",
},
"forwardingConfig": { # The presence for this field indicates that outbound forwarding is enabled
# for this zone. The value of this field contains the set of destinations
# to forward to.
"kind": "dns#managedZoneForwardingConfig",
"targetNameServers": [ # List of target name servers to forward to.
# Cloud DNS will select the best available name server if more than one
# target is given.
{
"forwardingPath": "A String", # Forwarding path for this NameServerTarget, if unset or set to DEFAULT,
# Cloud DNS will make forwarding decision based on address ranges,
# i.e. RFC1918 addresses go to the VPC, Non-RFC1918 addresses go to the
# Internet. When set to PRIVATE, Cloud DNS will always send queries
# through VPC for this target
"ipv4Address": "A String", # IPv4 address of a target name server.
"kind": "dns#managedZoneForwardingConfigNameServerTarget",
},
],
},
}
clientOperationId: string, For mutating operation requests only. An optional identifier
specified by the client. Must be unique for operation resources in the
Operations collection.
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
2 - v2 error format
Returns:
An object of the form:
{ # An operation represents a successful mutation performed on a Cloud DNS
# resource.
# Operations provide:
# - An audit log of server resource mutations.
# - A way to recover/retry API calls in the case where the response is never
# received by the caller. Use the caller specified client_operation_id.
"id": "A String", # Unique identifier for the resource. This is the client_operation_id if
# the client specified it when the mutation was initiated, otherwise,
# it is generated by the server. The name must be 1-63 characters long
# and match the regular expression [-a-z0-9]? (output only)
"zoneContext": { # Only populated if the operation targeted a ManagedZone (output only).
"newValue": { # A zone is a subtree of the DNS namespace under one administrative # The post-operation ManagedZone resource.
# responsibility. A ManagedZone is a resource that represents a DNS zone
# hosted by the Cloud DNS service.
"nameServers": [ # Delegate your managed_zone to these virtual name servers; defined by the
# server (output only)
"A String",
],
"visibility": "A String", # The zone's visibility: public zones are exposed to the Internet, while
# private zones are visible only to Virtual Private Cloud resources.
"nameServerSet": "A String", # Optionally specifies the NameServerSet for this ManagedZone. A
# NameServerSet is a set of DNS name servers that all host the same
# ManagedZones. Most users will leave this field unset.
"privateVisibilityConfig": { # For privately visible zones, the set of Virtual Private Cloud resources
# that the zone is visible from.
"kind": "dns#managedZonePrivateVisibilityConfig",
"networks": [ # The list of VPC networks that can see this zone.
{
"kind": "dns#managedZonePrivateVisibilityConfigNetwork",
"networkUrl": "A String", # The fully qualified URL of the VPC network to bind to.
# This should be formatted like
# https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}
},
],
},
"name": "A String", # User assigned name for this resource. Must be unique within the project.
# The name must be 1-63 characters long, must begin with a letter, end with
# a letter or digit, and only contain lowercase letters, digits or dashes.
"description": "A String", # A mutable string of at most 1024 characters associated with this resource
# for the user's convenience. Has no effect on the managed zone's function.
"creationTime": "A String", # The time that this resource was created on the server. This is in RFC3339
# text format. Output only.
"labels": { # User labels.
"a_key": "A String",
},
"id": "A String", # Unique identifier for the resource; defined by the server (output only)
"peeringConfig": { # The presence of this field indicates that DNS Peering is enabled for this
# zone. The value of this field contains the network to peer with.
"targetNetwork": { # The network with which to peer.
"networkUrl": "A String", # The fully qualified URL of the VPC network to forward queries to.
# This should be formatted like
# https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}
"kind": "dns#managedZonePeeringConfigTargetNetwork",
"deactivateTime": "A String", # The time at which the zone was deactivated, in RFC 3339 date-time
# format. An empty string indicates that the peering connection is
# active. The producer network can deactivate a zone. The zone is
# automatically deactivated if the producer network that the zone
# targeted is deleted. Output only.
},
"kind": "dns#managedZonePeeringConfig",
},
"dnssecConfig": { # DNSSEC configuration.
"nonExistence": "A String", # Specifies the mechanism for authenticated denial-of-existence responses.
# Can only be changed while the state is OFF.
"defaultKeySpecs": [ # Specifies parameters for generating initial DnsKeys for this
# ManagedZone. Can only be changed while the state is OFF.
{ # Parameters for DnsKey key generation. Used for generating initial keys
# for a new ManagedZone and as default when adding a new DnsKey.
"algorithm": "A String", # String mnemonic specifying the DNSSEC algorithm of this key.
"kind": "dns#dnsKeySpec",
"keyLength": 42, # Length of the keys in bits.
"keyType": "A String", # Specifies whether this is a key signing key (KSK) or a zone signing key
# (ZSK). Key signing keys have the Secure Entry Point flag set and, when
# active, will only be used to sign resource record sets of type DNSKEY.
# Zone signing keys do not have the Secure Entry Point flag set and will be
# used to sign all other types of resource record sets.
},
],
"kind": "dns#managedZoneDnsSecConfig",
"state": "A String", # Specifies whether DNSSEC is enabled, and what mode it is in.
},
"dnsName": "A String", # The DNS name of this managed zone, for instance "example.com.".
"kind": "dns#managedZone",
"reverseLookupConfig": { # The presence of this field indicates that this is a managed reverse
# lookup zone and Cloud DNS will resolve reverse lookup queries using
# automatically configured records for VPC resources. This only applies
# to networks listed under private_visibility_config.
"kind": "dns#managedZoneReverseLookupConfig",
},
"forwardingConfig": { # The presence for this field indicates that outbound forwarding is enabled
# for this zone. The value of this field contains the set of destinations
# to forward to.
"kind": "dns#managedZoneForwardingConfig",
"targetNameServers": [ # List of target name servers to forward to.
# Cloud DNS will select the best available name server if more than one
# target is given.
{
"forwardingPath": "A String", # Forwarding path for this NameServerTarget, if unset or set to DEFAULT,
# Cloud DNS will make forwarding decision based on address ranges,
# i.e. RFC1918 addresses go to the VPC, Non-RFC1918 addresses go to the
# Internet. When set to PRIVATE, Cloud DNS will always send queries
# through VPC for this target
"ipv4Address": "A String", # IPv4 address of a target name server.
"kind": "dns#managedZoneForwardingConfigNameServerTarget",
},
],
},
},
"oldValue": { # A zone is a subtree of the DNS namespace under one administrative # The pre-operation ManagedZone resource.
# responsibility. A ManagedZone is a resource that represents a DNS zone
# hosted by the Cloud DNS service.
"nameServers": [ # Delegate your managed_zone to these virtual name servers; defined by the
# server (output only)
"A String",
],
"visibility": "A String", # The zone's visibility: public zones are exposed to the Internet, while
# private zones are visible only to Virtual Private Cloud resources.
"nameServerSet": "A String", # Optionally specifies the NameServerSet for this ManagedZone. A
# NameServerSet is a set of DNS name servers that all host the same
# ManagedZones. Most users will leave this field unset.
"privateVisibilityConfig": { # For privately visible zones, the set of Virtual Private Cloud resources
# that the zone is visible from.
"kind": "dns#managedZonePrivateVisibilityConfig",
"networks": [ # The list of VPC networks that can see this zone.
{
"kind": "dns#managedZonePrivateVisibilityConfigNetwork",
"networkUrl": "A String", # The fully qualified URL of the VPC network to bind to.
# This should be formatted like
# https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}
},
],
},
"name": "A String", # User assigned name for this resource. Must be unique within the project.
# The name must be 1-63 characters long, must begin with a letter, end with
# a letter or digit, and only contain lowercase letters, digits or dashes.
"description": "A String", # A mutable string of at most 1024 characters associated with this resource
# for the user's convenience. Has no effect on the managed zone's function.
"creationTime": "A String", # The time that this resource was created on the server. This is in RFC3339
# text format. Output only.
"labels": { # User labels.
"a_key": "A String",
},
"id": "A String", # Unique identifier for the resource; defined by the server (output only)
"peeringConfig": { # The presence of this field indicates that DNS Peering is enabled for this
# zone. The value of this field contains the network to peer with.
"targetNetwork": { # The network with which to peer.
"networkUrl": "A String", # The fully qualified URL of the VPC network to forward queries to.
# This should be formatted like
# https://www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}
"kind": "dns#managedZonePeeringConfigTargetNetwork",
"deactivateTime": "A String", # The time at which the zone was deactivated, in RFC 3339 date-time
# format. An empty string indicates that the peering connection is
# active. The producer network can deactivate a zone. The zone is
# automatically deactivated if the producer network that the zone
# targeted is deleted. Output only.
},
"kind": "dns#managedZonePeeringConfig",
},
"dnssecConfig": { # DNSSEC configuration.
"nonExistence": "A String", # Specifies the mechanism for authenticated denial-of-existence responses.
# Can only be changed while the state is OFF.
"defaultKeySpecs": [ # Specifies parameters for generating initial DnsKeys for this
# ManagedZone. Can only be changed while the state is OFF.
{ # Parameters for DnsKey key generation. Used for generating initial keys
# for a new ManagedZone and as default when adding a new DnsKey.
"algorithm": "A String", # String mnemonic specifying the DNSSEC algorithm of this key.
"kind": "dns#dnsKeySpec",
"keyLength": 42, # Length of the keys in bits.
"keyType": "A String", # Specifies whether this is a key signing key (KSK) or a zone signing key
# (ZSK). Key signing keys have the Secure Entry Point flag set and, when
# active, will only be used to sign resource record sets of type DNSKEY.
# Zone signing keys do not have the Secure Entry Point flag set and will be
# used to sign all other types of resource record sets.
},
],
"kind": "dns#managedZoneDnsSecConfig",
"state": "A String", # Specifies whether DNSSEC is enabled, and what mode it is in.
},
"dnsName": "A String", # The DNS name of this managed zone, for instance "example.com.".
"kind": "dns#managedZone",
"reverseLookupConfig": { # The presence of this field indicates that this is a managed reverse
# lookup zone and Cloud DNS will resolve reverse lookup queries using
# automatically configured records for VPC resources. This only applies
# to networks listed under private_visibility_config.
"kind": "dns#managedZoneReverseLookupConfig",
},
"forwardingConfig": { # The presence for this field indicates that outbound forwarding is enabled
# for this zone. The value of this field contains the set of destinations
# to forward to.
"kind": "dns#managedZoneForwardingConfig",
"targetNameServers": [ # List of target name servers to forward to.
# Cloud DNS will select the best available name server if more than one
# target is given.
{
"forwardingPath": "A String", # Forwarding path for this NameServerTarget, if unset or set to DEFAULT,
# Cloud DNS will make forwarding decision based on address ranges,
# i.e. RFC1918 addresses go to the VPC, Non-RFC1918 addresses go to the
# Internet. When set to PRIVATE, Cloud DNS will always send queries
# through VPC for this target
"ipv4Address": "A String", # IPv4 address of a target name server.
"kind": "dns#managedZoneForwardingConfigNameServerTarget",
},
],
},
},
},
"type": "A String", # Type of the operation. Operations include insert, update, and delete
# (output only).
"status": "A String", # Status of the operation. Can be one of the following: "PENDING" or "DONE"
# (output only). A status of "DONE" means that the
# request to update the authoritative servers has been sent, but the
# servers might not be updated yet.
"startTime": "A String", # The time that this operation was started by the server. This is in RFC3339
# text format (output only).
"kind": "dns#operation",
"user": "A String", # User who requested the operation, for example: user@example.com.
# cloud-dns-system for operations automatically done by the system.
# (output only)
"dnsKeyContext": { # Only populated if the operation targeted a DnsKey (output only).
"newValue": { # A DNSSEC key pair. # The post-operation DnsKey resource.
"isActive": True or False, # Active keys will be used to sign subsequent changes to the ManagedZone.
# Inactive keys will still be present as DNSKEY Resource Records for the use
# of resolvers validating existing signatures.
"description": "A String", # A mutable string of at most 1024 characters associated with this resource
# for the user's convenience. Has no effect on the resource's function.
"id": "A String", # Unique identifier for the resource; defined by the server (output only).
"creationTime": "A String", # The time that this resource was created in the control plane. This is in
# RFC3339 text format. Output only.
"type": "A String", # One of "KEY_SIGNING" or "ZONE_SIGNING". Keys of type KEY_SIGNING have the
# Secure Entry Point flag set and, when active, will be used to sign only
# resource record sets of type DNSKEY. Otherwise, the Secure Entry Point
# flag will be cleared and this key will be used to sign only resource
# record sets of other types. Immutable after creation time.
"keyTag": 42, # The key tag is a non-cryptographic hash of the a DNSKEY resource record
# associated with this DnsKey. The key tag can be used to identify a DNSKEY
# more quickly (but it is not a unique identifier). In particular, the key
# tag is used in a parent zone's DS record to point at the DNSKEY in this
# child ManagedZone. The key tag is a number in the range [0, 65535] and the
# algorithm to calculate it is specified in RFC4034 Appendix B. Output only.
"kind": "dns#dnsKey",
"publicKey": "A String", # Base64 encoded public half of this key. Output only.
"keyLength": 42, # Length of the key in bits. Specified at creation time then immutable.
"digests": [ # Cryptographic hashes of the DNSKEY resource record associated with this
# DnsKey. These digests are needed to construct a DS record that points at
# this DNS key. Output only.
{
"digest": "A String", # The base-16 encoded bytes of this digest. Suitable for use in a DS
# resource record.
"type": "A String", # Specifies the algorithm used to calculate this digest.
},
],
"algorithm": "A String", # String mnemonic specifying the DNSSEC algorithm of this key. Immutable
# after creation time.
},
"oldValue": { # A DNSSEC key pair. # The pre-operation DnsKey resource.
"isActive": True or False, # Active keys will be used to sign subsequent changes to the ManagedZone.
# Inactive keys will still be present as DNSKEY Resource Records for the use
# of resolvers validating existing signatures.
"description": "A String", # A mutable string of at most 1024 characters associated with this resource
# for the user's convenience. Has no effect on the resource's function.
"id": "A String", # Unique identifier for the resource; defined by the server (output only).
"creationTime": "A String", # The time that this resource was created in the control plane. This is in
# RFC3339 text format. Output only.
"type": "A String", # One of "KEY_SIGNING" or "ZONE_SIGNING". Keys of type KEY_SIGNING have the
# Secure Entry Point flag set and, when active, will be used to sign only
# resource record sets of type DNSKEY. Otherwise, the Secure Entry Point
# flag will be cleared and this key will be used to sign only resource
# record sets of other types. Immutable after creation time.
"keyTag": 42, # The key tag is a non-cryptographic hash of the a DNSKEY resource record
# associated with this DnsKey. The key tag can be used to identify a DNSKEY
# more quickly (but it is not a unique identifier). In particular, the key
# tag is used in a parent zone's DS record to point at the DNSKEY in this
# child ManagedZone. The key tag is a number in the range [0, 65535] and the
# algorithm to calculate it is specified in RFC4034 Appendix B. Output only.
"kind": "dns#dnsKey",
"publicKey": "A String", # Base64 encoded public half of this key. Output only.
"keyLength": 42, # Length of the key in bits. Specified at creation time then immutable.
"digests": [ # Cryptographic hashes of the DNSKEY resource record associated with this
# DnsKey. These digests are needed to construct a DS record that points at
# this DNS key. Output only.
{
"digest": "A String", # The base-16 encoded bytes of this digest. Suitable for use in a DS
# resource record.
"type": "A String", # Specifies the algorithm used to calculate this digest.
},
],
"algorithm": "A String", # String mnemonic specifying the DNSSEC algorithm of this key. Immutable
# after creation time.
},
},
}