This page provides an overview of records and lists DNS record types that Cloud DNS supports, including the Cloud DNS custom record type ALIAS.
A record is a mapping between a DNS resource and a domain name. Each individual DNS record has a type (name and number), an expiration time (time to live), and type-specific data.
To create and manage resource record sets, see Add, update, and delete records.
Supported DNS record types
Cloud DNS supports the following types of records.
Wildcard DNS records
Wildcard DNS records are supported for all record types, except for NS records.
| For record type | Enter |
|---|---|
A |
The host's numeric IP address, in IPv4 dotted decimal format. The
|
AAAA |
The host's numeric IP address, in IPv6 hexadecimal format. The
|
ALIAS (Preview) |
Alias record (Preview), which maps an alias domain name to a canonical name at the zone apex. An alias record is also called an ANAME record or CNAME flattening. You can configure alias records by using the gcloud CLI or the Cloud DNS API. You cannot configure alias records by using the Cloud de Confiance console. An alias record is also called an ANAME record or CNAME flattening. |
CAA |
The certificate authorities that are authorized to issue certificates
for this domain—for example,
Create a |
CNAME |
The DNS alias for an
You can also use the
Sometimes, a name server responds with the If you encounter issues while creating a CNAME record, see CNAME record defined in a private zone not working . |
DNSKEY |
The DNSSEC public key that the resolvers use to verify the authenticity of records using ZSK and KSK keys. For example,
In this example,
You can only add this record type in a public and DNSSEC-enabled zone
that is in the |
DS |
The DNSSEC key fingerprint for a secure delegated zone.
For example, You can only add this record type in a public zone. This record type does not activate DNSSEC for a delegated zone unless you enable (and activate) DNSSEC for this zone. DNSSEC is not enabled by default for zones. |
HTTPS |
HTTPS Service Binding record, which allows an origin to indicate multiple alternative endpoints, each with associated parameters. This record also redirects HTTP to HTTPS.
For example, The HTTPS record type is based on the more general SVCB record type and uses the same value format. |
IPSECKEY |
IPsec tunnel gateway data and public keys for IPsec-capable clients to enable opportunistic encryption.
For example, For more information, see RFC 4025. |
MX |
A preference number and DNS name of a mail exchange server that receives emails on behalf of your domain.
For example: SMTP servers prefer servers with lower preference numbers with The MX record you enter must end with a dot ( You can create multiple records with different priorities to configure backup mail servers or use the same priority to distribute the load across multiple mail servers.
For example, to direct your email to your Google Workspace account,
enter the following: |
NS |
The DNS name of the authoritative name server that provides DNS
services for your domain or subdomain. Your |
SOA |
Start of authority record, which specifies authoritative information
about a DNS zone. An
For example,
For more information, see RFC 1035. |
SPF |
The |
SRV |
The data which specifies the location (the hostname and port number) of servers for a particular service.
For example, For more information, see RFC 2782. |
SSHFP |
SSH fingerprint for SSH clients to validate the public keys of SSH servers.
For example, |
SVCB |
Service Binding record, which allows a logical service to indicate multiple alternative endpoints, each with associated parameters.
For example, For HTTPS origins, see the HTTPS record type. |
TLSA |
The DNS-based Authentication of Named Entities (DANE) TLSA Certificate Association information. A TLSA record contains information used to validate X.509 certificates (such as certificates used by HTTPS) without depending on one of a preconfigured set of certificate authorities (CAs) signing them.
For example, Only use this record type if you have enabled DNSSEC for the zone. |
TXT |
Text record, which can contain arbitrary text and can also be used to define machine-readable data, such as security or abuse prevention information. A TXT record may contain one or more text strings; the
maximum length of each
string is 255 characters. If your record data is more than 255
bytes, divide your record into 255-byte strings and enclose each
string in quotation marks—for example,
Mail agents and other software agents concatenate multiple strings. Enclose each string in quotation marks—for example, Each TXT record has a 1000-character limit. If you need to increase this limit, contact Cloud de Confiance by S3NS support. |
What's next
To get started using Cloud DNS, see Quickstart: Set up DNS records for a domain name with Cloud DNS.
To register and set up your domain, see Tutorial: Set up a domain by using Cloud DNS.
To learn about API client libraries, see Samples and libraries.
To find solutions for common issues that you might encounter when using Cloud DNS, see Troubleshooting.