Contact UsTry it for free
© 2026 Direct Cursus Technology L.L.C.

Creating a private DNS zone

Written by
Updated at May 5, 2026

To create a private DNS zone:

  1. In the management console, select the folder where you want to create your DNS zone.
  2. Select Cloud DNS.
  3. Click Create zone.
  4. Specify zone settings:
    1. Zone: Domain zone name. Note that it must end with a trailing dot. You cannot create top-level domain (TLD) zones. To create a domain zone with non-Latin characters, use Punycode encoding.
    2. Type: Internal.
    3. Specify the networks whose resources will belong to your new zone.
    4. Name of the zone.
  5. Click Create.

If you do not have the Yandex Cloud CLI yet, install and initialize it.

The folder used by default is the one specified when creating the CLI profile. To change the default folder, use the yc config set folder-id <folder_ID> command. You can also specify a different folder for any command using --folder-name or --folder-id. If you access a resource by its name, the search will be limited to the default folder. If you access a resource by its ID, the search will be global, i.e., through all folders based on access permissions.

To create a new DNS zone:

  1. See the description of the CLI command for creating a DNS zone:

    yc dns zone create --help

  2. Create a new private DNS zone in the default folder:

    yc dns zone create --name <zone_name> \
  --zone <domain_zone>. \
  --private-visibility=true \
  --network-ids="<network_1_ID>","<network_2_ID>"

    Where:

    • --name: Zone name. Note that the zone name must be unique within a folder. This is an optional parameter.
    • --zone: Domain zone name. Note that it must end with a trailing dot. You cannot create top-level domain (TLD) zones. To create a domain zone with non-Latin characters, use Punycode encoding. This is a required setting.
    • --private-visibility: Enable this flag to create a private zone.
    • --network-ids: IDs of the networks whose resources will belong to the new zone.

    Result:

    id: aet29qhara5j********
folder_id: aoerb349v3h4********
created_at: "2021-02-21T09:21:03.935Z"
name: test-zone
zone: staging.
private_visibility:
  network_ids:
  - c645mh47vsc********
  - b335fbs4fvv********

With Terraform, you can quickly create a cloud infrastructure in Yandex Cloud and manage it using configuration files. These files store the infrastructure description written in HashiCorp Configuration Language (HCL). If you change the configuration files, Terraform automatically detects which part of your configuration is already deployed, and what should be added or removed.

Terraform is distributed under the Business Source License. The Yandex Cloud provider for Terraform is distributed under the MPL-2.0 license.

For more information about the provider resources, see the relevant documentation on the Terraform website or its mirror.

If you do not have Terraform yet, install it and configure the Yandex Cloud provider.

  1. In the configuration file, describe the resources you want to create:

    resource "yandex_dns_zone" "zone1" {
  name        = "<zone_name>"
  description = "<zone_description>"

  labels = {
    label1 = "<zone_label>"
  }

  zone    = "<domain_zone>."
  public           = false
  private_networks = ["<network_1_ID>","<network_2_ID"]
}

    Where:

    • name: Zone name. Note that the zone name must be unique within a folder. This is an optional parameter.
    • description: Zone description. This is an optional parameter.
    • labels: DNS zone labels. This is an optional parameter.
    • zone: Domain zone name. Note that it must end with a trailing dot. You cannot create top-level domain (TLD) zones. To create a domain zone with non-Latin characters, use Punycode encoding. This is a required setting.
    • public: Zone visibility, public or private. This is an optional parameter.
    • private_networks: IDs of the networks that will have access to the new zone’s DNS records. This is an optional parameter.

    For more information about the yandex_dns_zone resource properties, see the provider documentation.

  2. Create the resources:

    1. In the terminal, navigate to the configuration file directory.

    2. Make sure the configuration is correct using this command:

      terraform validate

      If the configuration is valid, you will get this message:

      Success! The configuration is valid.

    3. Run this command:

      terraform plan

      You will see a list of resources and their properties. No changes will be made at this step. Terraform will show any errors in the configuration.

    4. Apply the configuration changes:

      terraform apply

    5. Type yes and press Enter to confirm the changes.

    Terraform will create all required resources. You can check the new resources in the management console or using this CLI command:

    yc dns zone get <zone_name>

To create a private DNS zone, use the create REST API method for the DnsZone resource or the DnsZoneService/Create gRPC API call.

Previous
All guides
Next
Creating a public DNS zone