Discuss with expertTry it for free
© 2026 Direct Cursus Technology L.L.C.

Creating an inbound DNS connection

Written by

To create an inbound DNS connection:

To create a new inbound DNS connection:

  1. Reserve an IP address for the inbound DNS connection in the required subnet:

    yc vpc address create --name dns-ep \
  --description 'DNS Inbound IP' \
  --internal-ipv4 address=10.0.1.101,subnet=f5hqt..........3gj28

    Where:

    • --name: Name of the private IP address to reserve. It must be unique within a folder.
    • --description: Description of the IP address to reserve.
    • --internal-ipv4: Attribute block for reserving a private IP address:
      • address: IPv4 address to reserve. You cannot specify IP addresses that are already in use in the VPC.
      • subnet: ID of the subnet the IP address will be reserved in.

Result:

 id: e3gck..........qd6j2
 folder_id: b1g42..........5ghp2
 name: dns-ep
 description: DNS Inbound IP
 internal_ipv4_address:
   address: 10.0.1.101
   subnet_id: f5hqt..........3gj28
 reserved: true
 type: INTERNAL
 ip_version: IPV4

  1. See the CLI command description for creating an inbound DNS connection:

    yc dns inbound-endpoint create --help

  2. Create an inbound DNS connection:

    yc dns inbound-endpoint create --name dns-ep \
  --description 'DNS Inbound' \
  --network-id enpd3..........39qap \
  --address-id e3gck..........qd6j2

    Where:

    • --name: Connection name. It must be unique within a folder.
    • --description: Connection description.
    • --network-id: ID of the VPC network in which the inbound DNS connection will be created.
    • --address-id: ID of the reserved IP address that will be used for the inbound DNS connection.

    Result:

    id: dnses..........9nh78
folder_id: b1g42..........5ghp2
name: dns-ep
description: DNS Inbound
address: 10.0.1.101
address_id: e3gck..........qd6j2
status: AVAILABLE

    Once created, you can test FQDN name resolution through the created DNS connection using the dig command.

    Result:

    dig @10.0.1.101 test-vm.ru-central1.internal

; <<>> DiG 9.18.39-0ubuntu0.24.04.3-Ubuntu <<>> test-vm.ru-central1.internal
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50976
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;test-vm.ru-central1.internal.INA				

;; ANSWER SECTION:
test-vm.ru-central1.internal. 600 IN A 10.0.1.15

;; Query time: 9 msec
;; SERVER: 10.0.1.101#53(10.0.1.101) (UDP)
;; WHEN: Tue Apr 28 13:44:20 UTC 2026
;; MSG SIZE  rcvd: 133

With Terraform, you can quickly create a cloud infrastructure in Yandex Cloud and manage it using configuration files. These files store the infrastructure description written in HashiCorp Configuration Language (HCL). If you change the configuration files, Terraform automatically detects which part of your configuration is already deployed, and what should be added or removed.

Terraform is distributed under the Business Source License. The Yandex Cloud provider for Terraform is distributed under the MPL-2.0 license.

For more information about the provider resources, see the relevant documentation on the Terraform website or its mirror.

If you do not have Terraform yet, install it and configure the Yandex Cloud provider.

To manage infrastructure using Terraform under a service account or user accounts (a Yandex account, a federated account, or a local user), authenticate using the appropriate method.

  1. In the configuration file, describe the resources you want to create:
resource "yandex_vpc_network" "my_net" {}

resource "yandex_vpc_subnet" "subnet1" {
  network_id     = yandex_vpc_network.my_net.id
  v4_cidr_blocks = ["10.0.1.0/24"]
}

resource "yandex_vpc_address" "dns_address" {
  name        = "dns-ep"
  description = "internal address for DNS inbound endpoint"

  internal_ipv4_address {
    subnet_id = yandex_vpc_subnet.subnet1.id
    address   = "10.0.1.101"
  }
  deletion_protection = false
}

resource "yandex_dns_inbound_endpoint" "dns_connection" {
  name        = "dns-ep"
  description = "DNS Inbound"

  network_id  = yandex_vpc_network.my_net.id
  address_id  = yandex_vpc_address.dns_address.id

  deletion_protection = false
}

Where:

  • name: Connection name. It must be unique within a folder.
  • description: Connection description.
  • network_id: ID of the VPC network in which the inbound DNS connection will be created.
  • address_id: ID of the reserved IP address that will be used for the inbound DNS connection.

  1. Create the resources:

    1. In the terminal, navigate to the configuration file directory.

    2. Make sure the configuration is correct using this command:

      terraform validate

      If the configuration is valid, you will get this message:

      Success! The configuration is valid.

    3. Run this command:

      terraform plan

      You will see a list of resources and their properties. No changes will be made at this step. Terraform will show any errors in the configuration.

    4. Apply the configuration changes:

      terraform apply

    5. Type yes and press Enter to confirm the changes.

    Terraform will create all the required resources. You can check the new resources in the management console or using this CLI command:

    yc dns inbound-endpoint get <connection_name>
Previous
Creating a filter
Next
Overview