2017-01-12 04:02:45 +08:00
---
2017-10-11 20:33:17 +08:00
name: Google Cloud DNS
title: Google Cloud DNS Provider
2017-01-12 04:02:45 +08:00
layout: default
jsId: GCLOUD
---
2017-10-11 20:33:17 +08:00
# Google Cloud DNS Provider
2017-01-12 04:02:45 +08:00
## Configuration
2017-10-11 22:10:23 +08:00
For Google cloud authentication, DNSControl requires a JSON 'Service Account Key' for your project. Newlines in the private key need to be replaced with `\n` .Copy the full JSON object into your `creds.json` like so:
2017-01-12 04:02:45 +08:00
{% highlight json %}
{
2017-10-11 20:33:52 +08:00
"gcloud": {
2017-03-13 02:21:08 +08:00
"type": "service_account",
"project_id": "mydnsproject",
"private_key_id": "a05483aa208364c56716b384efff33c0574d365b",
"private_key": "-----BEGIN PRIVATE KEY-----\nMIIEvAIBADL2dhlY7YZbx7tpsfksOX\nih0DbxhiQ==\n-----END PRIVATE KEY-----\n",
"client_email": "dnscontrolacct@mydnsproject.iam.gserviceaccount.com",
"client_id": "107996619231234567750",
"auth_uri": "https://accounts.google.com/o/oauth2/auth",
"token_uri": "https://accounts.google.com/o/oauth2/token",
"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
"client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/dnscontrolsdfsdfsdf%40craigdnstest.iam.gserviceaccount.com"
}
2017-01-12 04:02:45 +08:00
}
{% endhighlight %}
2017-03-17 13:42:53 +08:00
**Note**: The `project_id` , `private_key` , and `client_email` , are the only fields that are strictly required, but it is sometimes easier to just paste the entire json object in. Either way is fine.
2017-01-12 04:02:45 +08:00
See [the Activation section ](#activation ) for some tips on obtaining these credentials.
## Metadata
2017-03-13 02:21:08 +08:00
This provider does not recognize any special metadata fields unique to google cloud dns.
2017-01-12 04:02:45 +08:00
## Usage
Use this provider like any other DNS Provider:
{% highlight js %}
var REG_NAMECOM = NewRegistrar("name.com","NAMEDOTCOM");
2017-10-25 21:21:44 +08:00
var GCLOUD = NewDnsProvider("gcloud", "GCLOUD");
2017-01-12 04:02:45 +08:00
D("example.tld", REG_NAMECOM, DnsProvider(GCLOUD),
A("test","1.2.3.4")
);
{%endhighlight%}
## Activation
2017-03-13 02:21:08 +08:00
1. Go to your app-engine console and select the appropriate project.
2. Go to "API Manager > Credentials", and create a new "Service Account Key"
2017-01-12 04:02:45 +08:00
2017-03-13 07:31:48 +08:00
< img src = "{{ site.github.url }}/assets/gcloud-json-screen.png" alt = "New Service Account" style = "width: 900px;" / >
2017-01-12 04:02:45 +08:00
2017-09-07 21:46:32 +08:00
3. Choose an existing user, or create a new one. The user requires the "DNS Administrator" role.
2017-05-03 21:32:47 +08:00
4. Download the JSON key and copy it into your `creds.json` under the name of your gcloud provider.
## New domains
If a domain does not exist in your Google Cloud DNS account, DNSControl
2017-10-11 22:10:23 +08:00
will *not* automatically add it with the `create-domains` account. You'll need to do that via the
2017-05-03 21:32:47 +08:00
control panel manually.