Overview
This page shows examples of interacting with the IBM Cloud Private DNS API.
Table of Contents:
Prerequisites
- You have a valid IAM Token as outlined here
Authentication
Access to DNS Services instances for users in your account is controlled by IBM Cloud Identity and Access Management (IAM). Every user that accesses the DNS Services in your account must be assigned an access policy with an IAM role defined. Pass a bearer token in an authorization header. Tokens support authenticated requests without embedding service credentials in every call. For more information, see Managing access with IAM for DNS Services.
Create Private DNS Instance
We will need to use the Resource Controller API in order to provision an instance of the Private DNS offering.
- RESOURCE_GROUP_ID: The ID of the resource group the VPC will be deployed in to.
- RESOURCE_PLAN_ID: The ID of the specific catatlog plan ID for the service. To find available options run
ibmcloud catalog service dns-svcs
.
curl -X POST "https://resource-controller.cloud.ibm.com/v2/resource_instances" \
-H "Authorization: ${iam_token}" -H "Content-Type: application/json"\
-d '{
"name": "pdns-rest-test",
"target": "bluemix-global",
"resource_group": "RESOURCE_GROUP",
"resource_plan_id": "RESOURCE_PLAN_ID",
"tags": [
"service:dns-svcs"
]
}
Create a Private DNS Zone
The following example will create a new DNS Zone in our Private DNS instance.
- DNS_INSTANCE: The Private Instance ID. You can get this by running the command
ibmcloud dns instances
curl -X POST -H "Content-Type: application/json" -H "Authorization: ${iam_token}" \
"https://api.dns-svcs.cloud.ibm.com/v1/instances/DNS_INSTANCE/dnszones" \
-d '{
"name": "pdns-rest.test",
"description": "Example Private DNS Zone",
"label": "us-east"
}'
Add a Permitted Network to a DNS zone
- DNS_INSTANCE: The Private Instance ID. You can get this by running the command
ibmcloud dns instances
. - DNS_ZONE_ID: The DNS Zone ID.
- VPC_CRN: The CRN of the VPC to add as a permitted network.
curl -X POST -H "Content-Type: application/json" -H "Authorization: ${iam_token}" \
"https://api.dns-svcs.cloud.ibm.com/v1/instances/DNS_INSTANCE/dnszones/DNS_ZONE_ID/permitted_networks" \
-d '{
"permitted_network": {
"vpc_crn": "VPC_CRN"
},
"type": "vpc"
}'