Contact UsGet started
© 2025 Direct Cursus Technology L.L.C.

Creating a private DNS zone

Written by
Updated at July 29, 2025

To create a private DNS zone:

  1. In the management console, select the folder where you want to create your DNS zone.
  2. Select Cloud DNS.
  3. Click Create zone.
  4. Specify zone settings:
    1. Zone: Domain zone name. Note that it must end with a trailing dot. You cannot create top-level domain (TLD) zones. To create a domain zone with non-Latin characters, use Punycode encoding.
    2. Type: Internal.
    3. Specify the networks whose resources will belong to your new zone.
    4. Name of the zone.
  5. Click Create.

If you do not have the Yandex Cloud CLI installed yet, install and initialize it.

By default, the CLI uses the folder specified when creating the profile. To change the default folder, use the yc config set folder-id <folder_ID> command. You can also set a different folder for any specific command using the --folder-name or --folder-id parameter.

To create a new DNS zone:

  1. See the description of the CLI command for creating a DNS zone:

    yc dns zone create --help

  2. Create a new private DNS zone in the default folder:

    yc dns zone create --name <zone_name> \
  --zone <domain_zone>. \
  --private-visibility=true \
  --network-ids="<network_1_ID>","<network_2_ID>"

    Where:

    • --name: Zone name. Note that the zone name must be unique within a folder. This is an optional parameter.
    • --zone: Domain zone name. Note that it must end with a trailing dot. You cannot create top-level domain (TLD) zones. To create a domain zone with non-Latin characters, use Punycode encoding. This is a required setting.
    • --private-visibility: Enable this flag to create a private zone.
    • --network-ids: IDs of the networks whose resources will belong to the new zone.

    Result:

    id: aet29qhara5j********
folder_id: aoerb349v3h4********
created_at: "2021-02-21T09:21:03.935Z"
name: test-zone
zone: staging.
private_visibility:
  network_ids:
  - c645mh47vsc********
  - b335fbs4fvv********

With Terraform, you can quickly create a cloud infrastructure in Yandex Cloud and manage it using configuration files. These files store the infrastructure description written in HashiCorp Configuration Language (HCL). If you change the configuration files, Terraform automatically detects which part of your configuration is already deployed, and what should be added or removed.

Terraform is distributed under the Business Source License. The Yandex Cloud provider for Terraform is distributed under the MPL-2.0 license.

For more information about the provider resources, see the relevant documentation on the Terraform website or its mirror.

If you do not have Terraform yet, install it and configure the Yandex Cloud provider.

  1. In the configuration file, describe the resources you want to create:

    resource "yandex_dns_zone" "zone1" {
  name        = "<zone_name>"
  description = "<zone_description>"

  labels = {
    label1 = "<zone_label>"
  }

  zone    = "<domain_zone>."
  public           = false
  private_networks = ["<network_1_ID>","<network_2_ID"]
}

    Where:

    • name: Zone name. Note that the zone name must be unique within a folder. This is an optional parameter.
    • description: Zone description. This is an optional parameter.
    • labels: DNS zone labels. This is an optional parameter.
    • zone: Domain zone name. Note that it must end with a trailing dot. You cannot create top-level domain (TLD) zones. To create a domain zone with non-Latin characters, use Punycode encoding. This is a required setting.
    • public: Zone visibility, public or private. This is an optional parameter.
    • private_networks: IDs of the networks that will have access to the new zone’s DNS records. This is an optional parameter.

    For more information about the yandex_dns_zone resource properties, see the provider documentation.

  2. Create the resources:

    1. In the terminal, go to the directory where you edited the configuration file.

    2. Make sure the configuration file is correct using this command:

      terraform validate

      If the configuration is correct, you will get this message:

      Success! The configuration is valid.

    3. Run this command:

      terraform plan

      You will see a detailed list of resources. No changes will be made at this step. If the configuration contains any errors, Terraform will show them.

    4. Apply the changes:

      terraform apply

    5. Type yes and press Enter to confirm the changes.

    Terraform will create all required resources. You can check the new resources in the management console or using this CLI command:

    yc dns zone get <zone_name>

To create a private DNS zone, use the create REST API method for the DnsZone resource or the DnsZoneService/Create gRPC API call.

Previous
All guides
Next
Creating a public DNS zone