StackExchange/dnscontrol
1
1
Fork 0
mirror of https://github.com/StackExchange/dnscontrol.git synced 2025-10-29 23:46:25 +08:00
Code Issues Projects Releases Packages Wiki Activity
dnscontrol/documentation/provider/huaweicloud.md
Jeffrey Cafferata ee4970471b
DOCS: Trailing commas are no longer an issue (#3248)
2024-12-17 07:46:37 -05:00

103 lines
4.1 KiB
Markdown
Raw Blame History

## Configuration
This provider is for the [Huawei Cloud DNS](https://www.huaweicloud.com/intl/en-us/product/dns.html)(Public DNS). To use this provider, add an entry to `creds.json` with `TYPE` set to `HUAWEICLOUD`.
along with the API credentials.
Example:
{% code title="creds.json" %}
```json
{
"huaweicloud": {
"TYPE": "HUAWEICLOUD",
"KeyId": "YOUR_ACCESS_KEY_ID",
"SecretKey": "YOUR_SECRET_ACCESS_KEY",
"Region": "YOUR_SERVICE_REGION"
}
}
```
{% endcode %}
## Metadata
There are some record level metadata available for this provider:
* `hw_line` (Line ID, default "default_view") Refer to the [Intelligent Resolution](https://support.huaweicloud.com/intl/en-us/usermanual-dns/dns_usermanual_0041.html) for more information.
* Available Line ID refer to [Resolution Lines](https://support.huaweicloud.com/intl/en-us/api-dns/en-us_topic_0085546214.html). Custom Line ID can also be used.
* `hw_weight` (0-1000, default "1") Refer to the [Configuring Weighted Routing](https://support.huaweicloud.com/intl/en-us/usermanual-dns/dns_usermanual_0705.html) for more information.
* `hw_rrset_key` (default "") User defined key for RRset load balance. This value would be stored in the description field of the RRset.
The following example shows how to use the metadata:
{% code title="dnsconfig.js" %}
```javascript
var REG_NONE = NewRegistrar("none");
var DSP_HWCLOUD = NewDnsProvider("huaweicloud");
D("example.com", REG_NONE, DnsProvider(DSP_HWCLOUD),
// this example will create 4 rrsets with the same name "test"
A("test", "8.8.8.8"),
A("test", "8.8.4.4"),
A("test", "9.9.9.9", {hw_weight: "10"}), // Weighted Routing
A("test", "149.112.112.112", {hw_weight: "10"}), // Weighted Routing
A("test", "223.5.5.5", {hw_line: "CN"}), // GEODNS
A("test", "223.6.6.6", {hw_line: "CN", hw_weight: "10"}), // GEODNS with weight
// this example will create 3 rrsets with the same name "rr-lb"
A("rr-lb", "10.0.0.1", {hw_weight: "10", hw_rrset_key: "lb-zone-a"}),
A("rr-lb", "10.0.0.2", {hw_weight: "10", hw_rrset_key: "lb-zone-a"}),
A("rr-lb", "10.0.1.1", {hw_weight: "10", hw_rrset_key: "lb-zone-b"}),
A("rr-lb", "10.0.1.2", {hw_weight: "10", hw_rrset_key: "lb-zone-b"}),
A("rr-lb", "10.0.2.2", {hw_weight: "0", hw_rrset_key: "lb-zone-c"}),
);
```
{% endcode %}
## Usage
An example configuration:
{% code title="dnsconfig.js" %}
```javascript
var REG_NONE = NewRegistrar("none");
var DSP_HWCLOUD = NewDnsProvider("huaweicloud");
D("example.com", REG_NONE, DnsProvider(DSP_HWCLOUD),
A("test", "1.2.3.4"),
);
```
{% endcode %}
## Activation
DNSControl depends on a standard [IAM User](https://support.huaweicloud.com/intl/en-us/usermanual-iam/iam_02_0003.html) with permission to list, create and update hosted zones.
The `DNS FullAccess` policy will also work, but that provides access to many other areas and violates the "principle of least privilege".
The minimum permissions required are as follows:
```json
{
"Version": "1.1",
"Statement": [
{
"Effect": "Allow",
"Action": [
"dns:recordset:delete",
"dns:recordset:create",
"dns:zone:create",
"dns:recordset:get",
"dns:nameserver:getZoneNameServer",
"dns:zone:list",
"dns:recordset:update",
"dns:recordset:list",
"dns:zone:get"
]
}
]
}
```
To determine the `Region` parameter, refer to the [endpoint page of huaweicloud](https://console-intl.huaweicloud.com/apiexplorer/#/endpoint/DNS). For example, on the international site, the `Region` name `ap-southeast-1` is known to work.
If that doesn't work, log into Huaweicloud's website and open the [API Explorer](https://console-intl.huaweicloud.com/apiexplorer/#/openapi/DNS/debug?api=ListPublicZones), find the `ListPublicZones` API, select a different Region and click Debug to try and find your Region.
## New domains
If a domain does not exist in your Huawei Cloud account, DNSControl will automatically add it with the `push` command.
Reference in a new issue View git blame Copy permalink