This page provides an overview of records and lists DNS record types that Cloud DNS supports.
A record is a mapping between a DNS resource and a domain name. Each individual DNS record has a type (name and number), an expiration time (time to live), and type-specific data.
Supported DNS record types
Cloud DNS supports the following types of records.
| Record type | Description |
|---|---|
A |
Address record, which maps host names to their IPv4 address. |
AAAA |
IPv6 address record, which maps host names to their IPv6 address. |
ALIAS |
Alias record (Preview), which maps an alias domain name to a canonical name at the zone apex. An alias record is also called an ANAME record or CNAME flattening. You can configure alias records by using the gcloud CLI or the Cloud DNS API. You cannot configure alias records by using the Trusted Cloud console. |
CAA |
Certificate Authority (CA) Authorization, which specifies which CAs are allowed to create certificates for a domain. |
CNAME |
Canonical name record, which specifies alias names. If you encounter issues while creating a CNAME record, see CNAME record defined in a private zone not working. |
DNSKEY |
The DNSSEC key from another operator for secure transfer. This record set type can only be added to a DNSSEC-enabled zone in Transfer state. |
DS |
The DNSSEC key fingerprint for a secure delegated zone. This record set type does not activate DNSSEC for a delegated zone unless you enable (and activate) DNSSEC for this zone. |
HTTPS |
HTTPS Service Binding record, which allows an origin to indicate multiple alternative endpoints, each with associated parameters. This record also redirects HTTP to HTTPS. This record type is based on the more general SVCB record type and uses the same value format. |
IPSECKEY |
IPsec tunnel gateway data and public keys for IPsec-capable clients to enable opportunistic encryption. |
MX |
Mail exchange record, which routes requests to mail servers. |
NS |
Name server record, which delegates a DNS zone to an authoritative server. |
SOA |
Start of authority record, which specifies authoritative information
about a DNS zone. An |
SPF |
Sender Policy Framework record, a deprecated record type formerly used in email validation systems (use a TXT record instead). |
SRV |
Service locator record, which is used by some voice over IP (VoIP), instant messaging protocols, and other applications. |
SSHFP |
SSH fingerprint for SSH clients to validate the public keys of SSH servers. |
SVCB |
Service Binding record, which allows a logical service to indicate multiple alternative endpoints, each with associated parameters. For HTTPS origins, see the HTTPS record type. |
TLSA |
TLS authentication record for TLS clients to validate X.509 server certificates. |
TXT |
Text record, which can contain arbitrary text and can also be used to define machine-readable data, such as security or abuse prevention information. A TXT record can contain one or more text strings; the maximum length of each individual string is 255 characters. Mail agents and other software agents concatenate multiple strings. Enclose each string in quotation marks. |
To add, delete, or update records, see Managing records.
Wildcard DNS records
Cloud DNS supports wildcard records for all record types, except for NS records.
What's next
To get started using Cloud DNS, see Quickstart: Set up DNS records for a domain name with Cloud DNS.
To register and set up your domain, see Tutorial: Set up a domain by using Cloud DNS.
To learn about API client libraries, see Samples and libraries.
To find solutions for common issues that you might encounter when using Cloud DNS, see Troubleshooting.