Oracle Cloud Infrastructure v2.33.0, May 1 25

Oracle Cloud Infrastructure v2.33.0 published on Thursday, May 1, 2025 by Pulumi

oci.Dns.Zone

Explore with Pulumi AI

Oracle Cloud Infrastructure v2.33.0 published on Thursday, May 1, 2025 by Pulumi

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as oci from "@pulumi/oci";

const testZone = new oci.dns.Zone("test_zone", {
    compartmentId: compartmentId,
    name: zoneName,
    zoneType: zoneZoneType,
    definedTags: zoneDefinedTags,
    dnssecState: zoneDnssecState,
    externalDownstreams: [{
        address: zoneExternalDownstreamsAddress,
        port: zoneExternalDownstreamsPort,
        tsigKeyId: testTsigKey.id,
    }],
    externalMasters: [{
        address: zoneExternalMastersAddress,
        port: zoneExternalMastersPort,
        tsigKeyId: testTsigKey.id,
    }],
    freeformTags: zoneFreeformTags,
    scope: zoneScope,
    viewId: testView.id,
});

import pulumi
import pulumi_oci as oci

test_zone = oci.dns.Zone("test_zone",
    compartment_id=compartment_id,
    name=zone_name,
    zone_type=zone_zone_type,
    defined_tags=zone_defined_tags,
    dnssec_state=zone_dnssec_state,
    external_downstreams=[{
        "address": zone_external_downstreams_address,
        "port": zone_external_downstreams_port,
        "tsig_key_id": test_tsig_key["id"],
    }],
    external_masters=[{
        "address": zone_external_masters_address,
        "port": zone_external_masters_port,
        "tsig_key_id": test_tsig_key["id"],
    }],
    freeform_tags=zone_freeform_tags,
    scope=zone_scope,
    view_id=test_view["id"])

package main

import (
	"github.com/pulumi/pulumi-oci/sdk/v2/go/oci/dns"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := dns.NewZone(ctx, "test_zone", &dns.ZoneArgs{
			CompartmentId: pulumi.Any(compartmentId),
			Name:          pulumi.Any(zoneName),
			ZoneType:      pulumi.Any(zoneZoneType),
			DefinedTags:   pulumi.Any(zoneDefinedTags),
			DnssecState:   pulumi.Any(zoneDnssecState),
			ExternalDownstreams: dns.ZoneExternalDownstreamArray{
				&dns.ZoneExternalDownstreamArgs{
					Address:   pulumi.Any(zoneExternalDownstreamsAddress),
					Port:      pulumi.Any(zoneExternalDownstreamsPort),
					TsigKeyId: pulumi.Any(testTsigKey.Id),
				},
			},
			ExternalMasters: dns.ZoneExternalMasterArray{
				&dns.ZoneExternalMasterArgs{
					Address:   pulumi.Any(zoneExternalMastersAddress),
					Port:      pulumi.Any(zoneExternalMastersPort),
					TsigKeyId: pulumi.Any(testTsigKey.Id),
				},
			},
			FreeformTags: pulumi.Any(zoneFreeformTags),
			Scope:        pulumi.Any(zoneScope),
			ViewId:       pulumi.Any(testView.Id),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Oci = Pulumi.Oci;

return await Deployment.RunAsync(() => 
{
    var testZone = new Oci.Dns.Zone("test_zone", new()
    {
        CompartmentId = compartmentId,
        Name = zoneName,
        ZoneType = zoneZoneType,
        DefinedTags = zoneDefinedTags,
        DnssecState = zoneDnssecState,
        ExternalDownstreams = new[]
        {
            new Oci.Dns.Inputs.ZoneExternalDownstreamArgs
            {
                Address = zoneExternalDownstreamsAddress,
                Port = zoneExternalDownstreamsPort,
                TsigKeyId = testTsigKey.Id,
            },
        },
        ExternalMasters = new[]
        {
            new Oci.Dns.Inputs.ZoneExternalMasterArgs
            {
                Address = zoneExternalMastersAddress,
                Port = zoneExternalMastersPort,
                TsigKeyId = testTsigKey.Id,
            },
        },
        FreeformTags = zoneFreeformTags,
        Scope = zoneScope,
        ViewId = testView.Id,
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.oci.Dns.Zone;
import com.pulumi.oci.Dns.ZoneArgs;
import com.pulumi.oci.Dns.inputs.ZoneExternalDownstreamArgs;
import com.pulumi.oci.Dns.inputs.ZoneExternalMasterArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var testZone = new Zone("testZone", ZoneArgs.builder()
            .compartmentId(compartmentId)
            .name(zoneName)
            .zoneType(zoneZoneType)
            .definedTags(zoneDefinedTags)
            .dnssecState(zoneDnssecState)
            .externalDownstreams(ZoneExternalDownstreamArgs.builder()
                .address(zoneExternalDownstreamsAddress)
                .port(zoneExternalDownstreamsPort)
                .tsigKeyId(testTsigKey.id())
                .build())
            .externalMasters(ZoneExternalMasterArgs.builder()
                .address(zoneExternalMastersAddress)
                .port(zoneExternalMastersPort)
                .tsigKeyId(testTsigKey.id())
                .build())
            .freeformTags(zoneFreeformTags)
            .scope(zoneScope)
            .viewId(testView.id())
            .build());

    }
}

resources:
  testZone:
    type: oci:Dns:Zone
    name: test_zone
    properties:
      compartmentId: ${compartmentId}
      name: ${zoneName}
      zoneType: ${zoneZoneType}
      definedTags: ${zoneDefinedTags}
      dnssecState: ${zoneDnssecState}
      externalDownstreams:
        - address: ${zoneExternalDownstreamsAddress}
          port: ${zoneExternalDownstreamsPort}
          tsigKeyId: ${testTsigKey.id}
      externalMasters:
        - address: ${zoneExternalMastersAddress}
          port: ${zoneExternalMastersPort}
          tsigKeyId: ${testTsigKey.id}
      freeformTags: ${zoneFreeformTags}
      scope: ${zoneScope}
      viewId: ${testView.id}

Create Zone Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new Zone(name: string, args: ZoneArgs, opts?: CustomResourceOptions);

@overload
def Zone(resource_name: str,
         args: ZoneArgs,
         opts: Optional[ResourceOptions] = None)

@overload
def Zone(resource_name: str,
         opts: Optional[ResourceOptions] = None,
         compartment_id: Optional[str] = None,
         zone_type: Optional[str] = None,
         defined_tags: Optional[Mapping[str, str]] = None,
         dnssec_state: Optional[str] = None,
         external_downstreams: Optional[Sequence[ZoneExternalDownstreamArgs]] = None,
         external_masters: Optional[Sequence[ZoneExternalMasterArgs]] = None,
         freeform_tags: Optional[Mapping[str, str]] = None,
         name: Optional[str] = None,
         scope: Optional[str] = None,
         view_id: Optional[str] = None)

func NewZone(ctx *Context, name string, args ZoneArgs, opts ...ResourceOption) (*Zone, error)

public Zone(string name, ZoneArgs args, CustomResourceOptions? opts = null)

public Zone(String name, ZoneArgs args)
public Zone(String name, ZoneArgs args, CustomResourceOptions options)

type: oci:Dns:Zone
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args ZoneArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args ZoneArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args ZoneArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args ZoneArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args ZoneArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var zoneResource = new Oci.Dns.Zone("zoneResource", new()
{
    CompartmentId = "string",
    ZoneType = "string",
    DefinedTags = 
    {
        { "string", "string" },
    },
    DnssecState = "string",
    ExternalDownstreams = new[]
    {
        new Oci.Dns.Inputs.ZoneExternalDownstreamArgs
        {
            Address = "string",
            Port = 0,
            TsigKeyId = "string",
        },
    },
    ExternalMasters = new[]
    {
        new Oci.Dns.Inputs.ZoneExternalMasterArgs
        {
            Address = "string",
            Port = 0,
            TsigKeyId = "string",
        },
    },
    FreeformTags = 
    {
        { "string", "string" },
    },
    Name = "string",
    Scope = "string",
    ViewId = "string",
});

example, err := dns.NewZone(ctx, "zoneResource", &dns.ZoneArgs{
	CompartmentId: pulumi.String("string"),
	ZoneType:      pulumi.String("string"),
	DefinedTags: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	DnssecState: pulumi.String("string"),
	ExternalDownstreams: dns.ZoneExternalDownstreamArray{
		&dns.ZoneExternalDownstreamArgs{
			Address:   pulumi.String("string"),
			Port:      pulumi.Int(0),
			TsigKeyId: pulumi.String("string"),
		},
	},
	ExternalMasters: dns.ZoneExternalMasterArray{
		&dns.ZoneExternalMasterArgs{
			Address:   pulumi.String("string"),
			Port:      pulumi.Int(0),
			TsigKeyId: pulumi.String("string"),
		},
	},
	FreeformTags: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	Name:   pulumi.String("string"),
	Scope:  pulumi.String("string"),
	ViewId: pulumi.String("string"),
})

var zoneResource = new Zone("zoneResource", ZoneArgs.builder()
    .compartmentId("string")
    .zoneType("string")
    .definedTags(Map.of("string", "string"))
    .dnssecState("string")
    .externalDownstreams(ZoneExternalDownstreamArgs.builder()
        .address("string")
        .port(0)
        .tsigKeyId("string")
        .build())
    .externalMasters(ZoneExternalMasterArgs.builder()
        .address("string")
        .port(0)
        .tsigKeyId("string")
        .build())
    .freeformTags(Map.of("string", "string"))
    .name("string")
    .scope("string")
    .viewId("string")
    .build());

zone_resource = oci.dns.Zone("zoneResource",
    compartment_id="string",
    zone_type="string",
    defined_tags={
        "string": "string",
    },
    dnssec_state="string",
    external_downstreams=[{
        "address": "string",
        "port": 0,
        "tsig_key_id": "string",
    }],
    external_masters=[{
        "address": "string",
        "port": 0,
        "tsig_key_id": "string",
    }],
    freeform_tags={
        "string": "string",
    },
    name="string",
    scope="string",
    view_id="string")

const zoneResource = new oci.dns.Zone("zoneResource", {
    compartmentId: "string",
    zoneType: "string",
    definedTags: {
        string: "string",
    },
    dnssecState: "string",
    externalDownstreams: [{
        address: "string",
        port: 0,
        tsigKeyId: "string",
    }],
    externalMasters: [{
        address: "string",
        port: 0,
        tsigKeyId: "string",
    }],
    freeformTags: {
        string: "string",
    },
    name: "string",
    scope: "string",
    viewId: "string",
});

type: oci:Dns:Zone
properties:
    compartmentId: string
    definedTags:
        string: string
    dnssecState: string
    externalDownstreams:
        - address: string
          port: 0
          tsigKeyId: string
    externalMasters:
        - address: string
          port: 0
          tsigKeyId: string
    freeformTags:
        string: string
    name: string
    scope: string
    viewId: string
    zoneType: string

Zone Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The Zone resource accepts the following input properties:

CompartmentId string

(Updatable) The OCID of the compartment containing the zone.

ZoneType string

The type of the zone. Must be either PRIMARY or SECONDARY. SECONDARY is only supported for GLOBAL zones.

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

DefinedTags Dictionary<string, string>

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags.

Example: {"Operations": {"CostCenter": "42"}}

DnssecState string

(Updatable) The state of DNSSEC on the zone.

For DNSSEC to function, every parent zone in the DNS tree up to the top-level domain (or an independent trust anchor) must also have DNSSEC correctly set up. After enabling DNSSEC, you must add a DS record to the zone's parent zone containing the KskDnssecKeyVersion data. You can find the DS data in the dsData attribute of the KskDnssecKeyVersion. Then, use the PromoteZoneDnssecKeyVersion operation to promote the KskDnssecKeyVersion.

New KskDnssecKeyVersions are generated annually, a week before the existing KskDnssecKeyVersion's expiration. To rollover a KskDnssecKeyVersion, you must replace the parent zone's DS record containing the old KskDnssecKeyVersion data with the data from the new KskDnssecKeyVersion.

To remove the old DS record without causing service disruption, wait until the old DS record's TTL has expired, and the new DS record has propagated. After the DS replacement has been completed, then the PromoteZoneDnssecKeyVersion operation must be called.

Metrics are emitted in the oci_dns namespace daily for each KskDnssecKeyVersion indicating how many days are left until expiration. We recommend that you set up alarms and notifications for KskDnssecKeyVersion expiration so that the necessary parent zone updates can be made and the PromoteZoneDnssecKeyVersion operation can be called.

Enabling DNSSEC results in additional records in DNS responses which increases their size and can cause higher response latency.

For more information, see DNSSEC.

ExternalDownstreams List<ZoneExternalDownstream>

(Updatable) External secondary servers for the zone. This field is currently not supported when zoneType is SECONDARY or scope is PRIVATE.

ExternalMasters List<ZoneExternalMaster>

(Updatable) External master servers for the zone. externalMasters becomes a required parameter when the zoneType value is SECONDARY.

FreeformTags Dictionary<string, string>

(Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags.

Example: {"Department": "Finance"}

Name string

The name of the zone.

Scope string

Specifies to operate only on resources that have a matching DNS scope. This value will be null for zones in the global DNS and PRIVATE when creating a private zone.

ViewId string

The OCID of the private view containing the zone. This value will be null for zones in the global DNS, which are publicly resolvable and not part of a private view.

CompartmentId string

(Updatable) The OCID of the compartment containing the zone.

ZoneType string

The type of the zone. Must be either PRIMARY or SECONDARY. SECONDARY is only supported for GLOBAL zones.

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

DefinedTags map[string]string

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags.

Example: {"Operations": {"CostCenter": "42"}}

DnssecState string

(Updatable) The state of DNSSEC on the zone.

Enabling DNSSEC results in additional records in DNS responses which increases their size and can cause higher response latency.

For more information, see DNSSEC.

ExternalDownstreams []ZoneExternalDownstreamArgs

(Updatable) External secondary servers for the zone. This field is currently not supported when zoneType is SECONDARY or scope is PRIVATE.

ExternalMasters []ZoneExternalMasterArgs

(Updatable) External master servers for the zone. externalMasters becomes a required parameter when the zoneType value is SECONDARY.

FreeformTags map[string]string

(Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags.

Example: {"Department": "Finance"}

Name string

The name of the zone.

Scope string

Specifies to operate only on resources that have a matching DNS scope. This value will be null for zones in the global DNS and PRIVATE when creating a private zone.

ViewId string

The OCID of the private view containing the zone. This value will be null for zones in the global DNS, which are publicly resolvable and not part of a private view.

compartmentId String

(Updatable) The OCID of the compartment containing the zone.

zoneType String

The type of the zone. Must be either PRIMARY or SECONDARY. SECONDARY is only supported for GLOBAL zones.

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

definedTags Map<String,String>

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags.

Example: {"Operations": {"CostCenter": "42"}}

dnssecState String

(Updatable) The state of DNSSEC on the zone.

Enabling DNSSEC results in additional records in DNS responses which increases their size and can cause higher response latency.

For more information, see DNSSEC.

externalDownstreams List<ZoneExternalDownstream>

(Updatable) External secondary servers for the zone. This field is currently not supported when zoneType is SECONDARY or scope is PRIVATE.

externalMasters List<ZoneExternalMaster>

(Updatable) External master servers for the zone. externalMasters becomes a required parameter when the zoneType value is SECONDARY.

freeformTags Map<String,String>

(Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags.

Example: {"Department": "Finance"}

name String

The name of the zone.

scope String

Specifies to operate only on resources that have a matching DNS scope. This value will be null for zones in the global DNS and PRIVATE when creating a private zone.

viewId String

The OCID of the private view containing the zone. This value will be null for zones in the global DNS, which are publicly resolvable and not part of a private view.

compartmentId string

(Updatable) The OCID of the compartment containing the zone.

zoneType string

The type of the zone. Must be either PRIMARY or SECONDARY. SECONDARY is only supported for GLOBAL zones.

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

definedTags {[key: string]: string}

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags.

Example: {"Operations": {"CostCenter": "42"}}

dnssecState string

(Updatable) The state of DNSSEC on the zone.

Enabling DNSSEC results in additional records in DNS responses which increases their size and can cause higher response latency.

For more information, see DNSSEC.

externalDownstreams ZoneExternalDownstream[]

(Updatable) External secondary servers for the zone. This field is currently not supported when zoneType is SECONDARY or scope is PRIVATE.

externalMasters ZoneExternalMaster[]

(Updatable) External master servers for the zone. externalMasters becomes a required parameter when the zoneType value is SECONDARY.

freeformTags {[key: string]: string}

(Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags.

Example: {"Department": "Finance"}

name string

The name of the zone.

scope string

Specifies to operate only on resources that have a matching DNS scope. This value will be null for zones in the global DNS and PRIVATE when creating a private zone.

viewId string

The OCID of the private view containing the zone. This value will be null for zones in the global DNS, which are publicly resolvable and not part of a private view.

compartment_id str

(Updatable) The OCID of the compartment containing the zone.

zone_type str

The type of the zone. Must be either PRIMARY or SECONDARY. SECONDARY is only supported for GLOBAL zones.

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

defined_tags Mapping[str, str]

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags.

Example: {"Operations": {"CostCenter": "42"}}

dnssec_state str

(Updatable) The state of DNSSEC on the zone.

Enabling DNSSEC results in additional records in DNS responses which increases their size and can cause higher response latency.

For more information, see DNSSEC.

external_downstreams Sequence[ZoneExternalDownstreamArgs]

(Updatable) External secondary servers for the zone. This field is currently not supported when zoneType is SECONDARY or scope is PRIVATE.

external_masters Sequence[ZoneExternalMasterArgs]

(Updatable) External master servers for the zone. externalMasters becomes a required parameter when the zoneType value is SECONDARY.

freeform_tags Mapping[str, str]

(Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags.

Example: {"Department": "Finance"}

name str

The name of the zone.

scope str

Specifies to operate only on resources that have a matching DNS scope. This value will be null for zones in the global DNS and PRIVATE when creating a private zone.

view_id str

The OCID of the private view containing the zone. This value will be null for zones in the global DNS, which are publicly resolvable and not part of a private view.

compartmentId String

(Updatable) The OCID of the compartment containing the zone.

zoneType String

The type of the zone. Must be either PRIMARY or SECONDARY. SECONDARY is only supported for GLOBAL zones.

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

definedTags Map<String>

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags.

Example: {"Operations": {"CostCenter": "42"}}

dnssecState String

(Updatable) The state of DNSSEC on the zone.

Enabling DNSSEC results in additional records in DNS responses which increases their size and can cause higher response latency.

For more information, see DNSSEC.

externalDownstreams List<Property Map>

(Updatable) External secondary servers for the zone. This field is currently not supported when zoneType is SECONDARY or scope is PRIVATE.

externalMasters List<Property Map>

(Updatable) External master servers for the zone. externalMasters becomes a required parameter when the zoneType value is SECONDARY.

freeformTags Map<String>

(Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags.

Example: {"Department": "Finance"}

name String

The name of the zone.

scope String

Specifies to operate only on resources that have a matching DNS scope. This value will be null for zones in the global DNS and PRIVATE when creating a private zone.

viewId String

The OCID of the private view containing the zone. This value will be null for zones in the global DNS, which are publicly resolvable and not part of a private view.

Outputs

All input properties are implicitly available as output properties. Additionally, the Zone resource produces the following output properties:

DnssecConfigs List<ZoneDnssecConfig>: DNSSEC configuration data.
Id string: The provider-assigned unique ID for this managed resource.
IsProtected bool: A Boolean flag indicating whether or not parts of the resource are unable to be explicitly managed.
Nameservers List<ZoneNameserver>: The authoritative nameservers for the zone.
Self string: The canonical absolute URL of the resource.
Serial int: The current serial of the zone. As seen in the zone's SOA record.
State string: The current state of the zone resource.
TimeCreated string: The date and time the resource was created in "YYYY-MM-ddThh:mm:ssZ" format with a Z offset, as defined by RFC 3339.
Version string: Version is the never-repeating, totally-orderable, version of the zone, from which the serial field of the zone's SOA record is derived.
ZoneTransferServers List<ZoneZoneTransferServer>: The Oracle Cloud Infrastructure nameservers that transfer the zone data with external nameservers.

DnssecConfigs []ZoneDnssecConfig: DNSSEC configuration data.
Id string: The provider-assigned unique ID for this managed resource.
IsProtected bool: A Boolean flag indicating whether or not parts of the resource are unable to be explicitly managed.
Nameservers []ZoneNameserver: The authoritative nameservers for the zone.
Self string: The canonical absolute URL of the resource.
Serial int: The current serial of the zone. As seen in the zone's SOA record.
State string: The current state of the zone resource.
TimeCreated string: The date and time the resource was created in "YYYY-MM-ddThh:mm:ssZ" format with a Z offset, as defined by RFC 3339.
Version string: Version is the never-repeating, totally-orderable, version of the zone, from which the serial field of the zone's SOA record is derived.
ZoneTransferServers []ZoneZoneTransferServer: The Oracle Cloud Infrastructure nameservers that transfer the zone data with external nameservers.

dnssecConfigs List<ZonesecConfig>: DNSSEC configuration data.
id String: The provider-assigned unique ID for this managed resource.
isProtected Boolean: A Boolean flag indicating whether or not parts of the resource are unable to be explicitly managed.
nameservers List<ZoneNameserver>: The authoritative nameservers for the zone.
self String: The canonical absolute URL of the resource.
serial Integer: The current serial of the zone. As seen in the zone's SOA record.
state String: The current state of the zone resource.
timeCreated String: The date and time the resource was created in "YYYY-MM-ddThh:mm:ssZ" format with a Z offset, as defined by RFC 3339.
version String: Version is the never-repeating, totally-orderable, version of the zone, from which the serial field of the zone's SOA record is derived.
zoneTransferServers List<ZoneZoneTransferServer>: The Oracle Cloud Infrastructure nameservers that transfer the zone data with external nameservers.

dnssecConfigs ZoneDnssecConfig[]: DNSSEC configuration data.
id string: The provider-assigned unique ID for this managed resource.
isProtected boolean: A Boolean flag indicating whether or not parts of the resource are unable to be explicitly managed.
nameservers ZoneNameserver[]: The authoritative nameservers for the zone.
self string: The canonical absolute URL of the resource.
serial number: The current serial of the zone. As seen in the zone's SOA record.
state string: The current state of the zone resource.
timeCreated string: The date and time the resource was created in "YYYY-MM-ddThh:mm:ssZ" format with a Z offset, as defined by RFC 3339.
version string: Version is the never-repeating, totally-orderable, version of the zone, from which the serial field of the zone's SOA record is derived.
zoneTransferServers ZoneZoneTransferServer[]: The Oracle Cloud Infrastructure nameservers that transfer the zone data with external nameservers.

dnssec_configs Sequence[ZoneDnssecConfig]: DNSSEC configuration data.
id str: The provider-assigned unique ID for this managed resource.
is_protected bool: A Boolean flag indicating whether or not parts of the resource are unable to be explicitly managed.
nameservers Sequence[ZoneNameserver]: The authoritative nameservers for the zone.
self str: The canonical absolute URL of the resource.
serial int: The current serial of the zone. As seen in the zone's SOA record.
state str: The current state of the zone resource.
time_created str: The date and time the resource was created in "YYYY-MM-ddThh:mm:ssZ" format with a Z offset, as defined by RFC 3339.
version str: Version is the never-repeating, totally-orderable, version of the zone, from which the serial field of the zone's SOA record is derived.
zone_transfer_servers Sequence[ZoneZoneTransferServer]: The Oracle Cloud Infrastructure nameservers that transfer the zone data with external nameservers.

dnssecConfigs List<Property Map>: DNSSEC configuration data.
id String: The provider-assigned unique ID for this managed resource.
isProtected Boolean: A Boolean flag indicating whether or not parts of the resource are unable to be explicitly managed.
nameservers List<Property Map>: The authoritative nameservers for the zone.
self String: The canonical absolute URL of the resource.
serial Number: The current serial of the zone. As seen in the zone's SOA record.
state String: The current state of the zone resource.
timeCreated String: The date and time the resource was created in "YYYY-MM-ddThh:mm:ssZ" format with a Z offset, as defined by RFC 3339.
version String: Version is the never-repeating, totally-orderable, version of the zone, from which the serial field of the zone's SOA record is derived.
zoneTransferServers List<Property Map>: The Oracle Cloud Infrastructure nameservers that transfer the zone data with external nameservers.

Look up Existing Zone Resource

Get an existing Zone resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: ZoneState, opts?: CustomResourceOptions): Zone

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        compartment_id: Optional[str] = None,
        defined_tags: Optional[Mapping[str, str]] = None,
        dnssec_configs: Optional[Sequence[ZoneDnssecConfigArgs]] = None,
        dnssec_state: Optional[str] = None,
        external_downstreams: Optional[Sequence[ZoneExternalDownstreamArgs]] = None,
        external_masters: Optional[Sequence[ZoneExternalMasterArgs]] = None,
        freeform_tags: Optional[Mapping[str, str]] = None,
        is_protected: Optional[bool] = None,
        name: Optional[str] = None,
        nameservers: Optional[Sequence[ZoneNameserverArgs]] = None,
        scope: Optional[str] = None,
        self: Optional[str] = None,
        serial: Optional[int] = None,
        state: Optional[str] = None,
        time_created: Optional[str] = None,
        version: Optional[str] = None,
        view_id: Optional[str] = None,
        zone_transfer_servers: Optional[Sequence[ZoneZoneTransferServerArgs]] = None,
        zone_type: Optional[str] = None) -> Zone

func GetZone(ctx *Context, name string, id IDInput, state *ZoneState, opts ...ResourceOption) (*Zone, error)

public static Zone Get(string name, Input<string> id, ZoneState? state, CustomResourceOptions? opts = null)

public static Zone get(String name, Output<String> id, ZoneState state, CustomResourceOptions options)

resources:  _:    type: oci:Dns:Zone    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

CompartmentId string

(Updatable) The OCID of the compartment containing the zone.

DefinedTags Dictionary<string, string>

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags.

Example: {"Operations": {"CostCenter": "42"}}

DnssecConfigs List<ZoneDnssecConfig>

DNSSEC configuration data.

DnssecState string

(Updatable) The state of DNSSEC on the zone.

Enabling DNSSEC results in additional records in DNS responses which increases their size and can cause higher response latency.

For more information, see DNSSEC.

ExternalDownstreams List<ZoneExternalDownstream>

(Updatable) External secondary servers for the zone. This field is currently not supported when zoneType is SECONDARY or scope is PRIVATE.

ExternalMasters List<ZoneExternalMaster>

(Updatable) External master servers for the zone. externalMasters becomes a required parameter when the zoneType value is SECONDARY.

FreeformTags Dictionary<string, string>

(Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags.

Example: {"Department": "Finance"}

IsProtected bool

A Boolean flag indicating whether or not parts of the resource are unable to be explicitly managed.

Name string

The name of the zone.

Nameservers List<ZoneNameserver>

The authoritative nameservers for the zone.

Scope string

Specifies to operate only on resources that have a matching DNS scope. This value will be null for zones in the global DNS and PRIVATE when creating a private zone.

Self string

The canonical absolute URL of the resource.

Serial int

The current serial of the zone. As seen in the zone's SOA record.

State string

The current state of the zone resource.

TimeCreated string

The date and time the resource was created in "YYYY-MM-ddThh:mm:ssZ" format with a Z offset, as defined by RFC 3339.

Version string

Version is the never-repeating, totally-orderable, version of the zone, from which the serial field of the zone's SOA record is derived.

ViewId string

The OCID of the private view containing the zone. This value will be null for zones in the global DNS, which are publicly resolvable and not part of a private view.

ZoneTransferServers List<ZoneZoneTransferServer>

The Oracle Cloud Infrastructure nameservers that transfer the zone data with external nameservers.

ZoneType string

The type of the zone. Must be either PRIMARY or SECONDARY. SECONDARY is only supported for GLOBAL zones.

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

CompartmentId string

(Updatable) The OCID of the compartment containing the zone.

DefinedTags map[string]string

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags.

Example: {"Operations": {"CostCenter": "42"}}

DnssecConfigs []ZoneDnssecConfigArgs

DNSSEC configuration data.

DnssecState string

(Updatable) The state of DNSSEC on the zone.

Enabling DNSSEC results in additional records in DNS responses which increases their size and can cause higher response latency.

For more information, see DNSSEC.

ExternalDownstreams []ZoneExternalDownstreamArgs

(Updatable) External secondary servers for the zone. This field is currently not supported when zoneType is SECONDARY or scope is PRIVATE.

ExternalMasters []ZoneExternalMasterArgs

(Updatable) External master servers for the zone. externalMasters becomes a required parameter when the zoneType value is SECONDARY.

FreeformTags map[string]string

(Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags.

Example: {"Department": "Finance"}

IsProtected bool

A Boolean flag indicating whether or not parts of the resource are unable to be explicitly managed.

Name string

The name of the zone.

Nameservers []ZoneNameserverArgs

The authoritative nameservers for the zone.

Scope string

Specifies to operate only on resources that have a matching DNS scope. This value will be null for zones in the global DNS and PRIVATE when creating a private zone.

Self string

The canonical absolute URL of the resource.

Serial int

The current serial of the zone. As seen in the zone's SOA record.

State string

The current state of the zone resource.

TimeCreated string

The date and time the resource was created in "YYYY-MM-ddThh:mm:ssZ" format with a Z offset, as defined by RFC 3339.

Version string

Version is the never-repeating, totally-orderable, version of the zone, from which the serial field of the zone's SOA record is derived.

ViewId string

The OCID of the private view containing the zone. This value will be null for zones in the global DNS, which are publicly resolvable and not part of a private view.

ZoneTransferServers []ZoneZoneTransferServerArgs

The Oracle Cloud Infrastructure nameservers that transfer the zone data with external nameservers.

ZoneType string

The type of the zone. Must be either PRIMARY or SECONDARY. SECONDARY is only supported for GLOBAL zones.

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

compartmentId String

(Updatable) The OCID of the compartment containing the zone.

definedTags Map<String,String>

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags.

Example: {"Operations": {"CostCenter": "42"}}

dnssecConfigs List<ZonesecConfig>

DNSSEC configuration data.

dnssecState String

(Updatable) The state of DNSSEC on the zone.

Enabling DNSSEC results in additional records in DNS responses which increases their size and can cause higher response latency.

For more information, see DNSSEC.

externalDownstreams List<ZoneExternalDownstream>

(Updatable) External secondary servers for the zone. This field is currently not supported when zoneType is SECONDARY or scope is PRIVATE.

externalMasters List<ZoneExternalMaster>

(Updatable) External master servers for the zone. externalMasters becomes a required parameter when the zoneType value is SECONDARY.

freeformTags Map<String,String>

(Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags.

Example: {"Department": "Finance"}

isProtected Boolean

A Boolean flag indicating whether or not parts of the resource are unable to be explicitly managed.

name String

The name of the zone.

nameservers List<ZoneNameserver>

The authoritative nameservers for the zone.

scope String

Specifies to operate only on resources that have a matching DNS scope. This value will be null for zones in the global DNS and PRIVATE when creating a private zone.

self String

The canonical absolute URL of the resource.

serial Integer

The current serial of the zone. As seen in the zone's SOA record.

state String

The current state of the zone resource.

timeCreated String

The date and time the resource was created in "YYYY-MM-ddThh:mm:ssZ" format with a Z offset, as defined by RFC 3339.

version String

Version is the never-repeating, totally-orderable, version of the zone, from which the serial field of the zone's SOA record is derived.

viewId String

The OCID of the private view containing the zone. This value will be null for zones in the global DNS, which are publicly resolvable and not part of a private view.

zoneTransferServers List<ZoneZoneTransferServer>

The Oracle Cloud Infrastructure nameservers that transfer the zone data with external nameservers.

zoneType String

The type of the zone. Must be either PRIMARY or SECONDARY. SECONDARY is only supported for GLOBAL zones.

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

compartmentId string

(Updatable) The OCID of the compartment containing the zone.

definedTags {[key: string]: string}

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags.

Example: {"Operations": {"CostCenter": "42"}}

dnssecConfigs ZoneDnssecConfig[]

DNSSEC configuration data.

dnssecState string

(Updatable) The state of DNSSEC on the zone.

Enabling DNSSEC results in additional records in DNS responses which increases their size and can cause higher response latency.

For more information, see DNSSEC.

externalDownstreams ZoneExternalDownstream[]

(Updatable) External secondary servers for the zone. This field is currently not supported when zoneType is SECONDARY or scope is PRIVATE.

externalMasters ZoneExternalMaster[]

(Updatable) External master servers for the zone. externalMasters becomes a required parameter when the zoneType value is SECONDARY.

freeformTags {[key: string]: string}

(Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags.

Example: {"Department": "Finance"}

isProtected boolean

A Boolean flag indicating whether or not parts of the resource are unable to be explicitly managed.

name string

The name of the zone.

nameservers ZoneNameserver[]

The authoritative nameservers for the zone.

scope string

Specifies to operate only on resources that have a matching DNS scope. This value will be null for zones in the global DNS and PRIVATE when creating a private zone.

self string

The canonical absolute URL of the resource.

serial number

The current serial of the zone. As seen in the zone's SOA record.

state string

The current state of the zone resource.

timeCreated string

The date and time the resource was created in "YYYY-MM-ddThh:mm:ssZ" format with a Z offset, as defined by RFC 3339.

version string

Version is the never-repeating, totally-orderable, version of the zone, from which the serial field of the zone's SOA record is derived.

viewId string

The OCID of the private view containing the zone. This value will be null for zones in the global DNS, which are publicly resolvable and not part of a private view.

zoneTransferServers ZoneZoneTransferServer[]

The Oracle Cloud Infrastructure nameservers that transfer the zone data with external nameservers.

zoneType string

The type of the zone. Must be either PRIMARY or SECONDARY. SECONDARY is only supported for GLOBAL zones.

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

compartment_id str

(Updatable) The OCID of the compartment containing the zone.

defined_tags Mapping[str, str]

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags.

Example: {"Operations": {"CostCenter": "42"}}

dnssec_configs Sequence[ZoneDnssecConfigArgs]

DNSSEC configuration data.

dnssec_state str

(Updatable) The state of DNSSEC on the zone.

Enabling DNSSEC results in additional records in DNS responses which increases their size and can cause higher response latency.

For more information, see DNSSEC.

external_downstreams Sequence[ZoneExternalDownstreamArgs]

(Updatable) External secondary servers for the zone. This field is currently not supported when zoneType is SECONDARY or scope is PRIVATE.

external_masters Sequence[ZoneExternalMasterArgs]

(Updatable) External master servers for the zone. externalMasters becomes a required parameter when the zoneType value is SECONDARY.

freeform_tags Mapping[str, str]

(Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags.

Example: {"Department": "Finance"}

is_protected bool

A Boolean flag indicating whether or not parts of the resource are unable to be explicitly managed.

name str

The name of the zone.

nameservers Sequence[ZoneNameserverArgs]

The authoritative nameservers for the zone.

scope str

Specifies to operate only on resources that have a matching DNS scope. This value will be null for zones in the global DNS and PRIVATE when creating a private zone.

self str

The canonical absolute URL of the resource.

serial int

The current serial of the zone. As seen in the zone's SOA record.

state str

The current state of the zone resource.

time_created str

The date and time the resource was created in "YYYY-MM-ddThh:mm:ssZ" format with a Z offset, as defined by RFC 3339.

version str

Version is the never-repeating, totally-orderable, version of the zone, from which the serial field of the zone's SOA record is derived.

view_id str

The OCID of the private view containing the zone. This value will be null for zones in the global DNS, which are publicly resolvable and not part of a private view.

zone_transfer_servers Sequence[ZoneZoneTransferServerArgs]

The Oracle Cloud Infrastructure nameservers that transfer the zone data with external nameservers.

zone_type str

The type of the zone. Must be either PRIMARY or SECONDARY. SECONDARY is only supported for GLOBAL zones.

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

compartmentId String

(Updatable) The OCID of the compartment containing the zone.

definedTags Map<String>

(Updatable) Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see Resource Tags.

Example: {"Operations": {"CostCenter": "42"}}

dnssecConfigs List<Property Map>

DNSSEC configuration data.

dnssecState String

(Updatable) The state of DNSSEC on the zone.

Enabling DNSSEC results in additional records in DNS responses which increases their size and can cause higher response latency.

For more information, see DNSSEC.

externalDownstreams List<Property Map>

(Updatable) External secondary servers for the zone. This field is currently not supported when zoneType is SECONDARY or scope is PRIVATE.

externalMasters List<Property Map>

(Updatable) External master servers for the zone. externalMasters becomes a required parameter when the zoneType value is SECONDARY.

freeformTags Map<String>

(Updatable) Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see Resource Tags.

Example: {"Department": "Finance"}

isProtected Boolean

A Boolean flag indicating whether or not parts of the resource are unable to be explicitly managed.

name String

The name of the zone.

nameservers List<Property Map>

The authoritative nameservers for the zone.

scope String

Specifies to operate only on resources that have a matching DNS scope. This value will be null for zones in the global DNS and PRIVATE when creating a private zone.

self String

The canonical absolute URL of the resource.

serial Number

The current serial of the zone. As seen in the zone's SOA record.

state String

The current state of the zone resource.

timeCreated String

The date and time the resource was created in "YYYY-MM-ddThh:mm:ssZ" format with a Z offset, as defined by RFC 3339.

version String

Version is the never-repeating, totally-orderable, version of the zone, from which the serial field of the zone's SOA record is derived.

viewId String

The OCID of the private view containing the zone. This value will be null for zones in the global DNS, which are publicly resolvable and not part of a private view.

zoneTransferServers List<Property Map>

The Oracle Cloud Infrastructure nameservers that transfer the zone data with external nameservers.

zoneType String

The type of the zone. Must be either PRIMARY or SECONDARY. SECONDARY is only supported for GLOBAL zones.

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

Supporting Types

ZoneDnssecConfig, ZoneDnssecConfigArgs

KskDnssecKeyVersions List<ZoneDnssecConfigKskDnssecKeyVersion>: A read-only array of key signing key (KSK) versions.
ZskDnssecKeyVersions List<ZoneDnssecConfigZskDnssecKeyVersion>: A read-only array of zone signing key (ZSK) versions.

KskDnssecKeyVersions []ZoneDnssecConfigKskDnssecKeyVersion: A read-only array of key signing key (KSK) versions.
ZskDnssecKeyVersions []ZoneDnssecConfigZskDnssecKeyVersion: A read-only array of zone signing key (ZSK) versions.

kskDnssecKeyVersions List<ZonesecConfigKsksecKeyVersion>: A read-only array of key signing key (KSK) versions.
zskDnssecKeyVersions List<ZonesecConfigZsksecKeyVersion>: A read-only array of zone signing key (ZSK) versions.

kskDnssecKeyVersions ZoneDnssecConfigKskDnssecKeyVersion[]: A read-only array of key signing key (KSK) versions.
zskDnssecKeyVersions ZoneDnssecConfigZskDnssecKeyVersion[]: A read-only array of zone signing key (ZSK) versions.

ksk_dnssec_key_versions Sequence[ZoneDnssecConfigKskDnssecKeyVersion]: A read-only array of key signing key (KSK) versions.
zsk_dnssec_key_versions Sequence[ZoneDnssecConfigZskDnssecKeyVersion]: A read-only array of zone signing key (ZSK) versions.

kskDnssecKeyVersions List<Property Map>: A read-only array of key signing key (KSK) versions.
zskDnssecKeyVersions List<Property Map>: A read-only array of zone signing key (ZSK) versions.

ZoneDnssecConfigKskDnssecKeyVersion, ZoneDnssecConfigKskDnssecKeyVersionArgs

Algorithm string: The signing algorithm used for the key.
DsDatas List<ZoneDnssecConfigKskDnssecKeyVersionDsData>: An array of data for DS records corresponding with this key version. An entry will exist for each supported DS digest algorithm.
KeyTag int: The key tag associated with the DnssecKeyVersion. This key tag will be present in the RRSIG and DS records associated with the key material for this DnssecKeyVersion. For more information about key tags, see RFC 4034.
LengthInBytes int: The length of the corresponding private key in bytes, expressed as an integer.
PredecessorDnssecKeyVersionUuid string: When populated, this is the UUID of the DnssecKeyVersion that this DnssecKeyVersion will replace or has replaced.
SuccessorDnssecKeyVersionUuid string: When populated, this is the UUID of the DnssecKeyVersion that will replace, or has replaced, this DnssecKeyVersion.
TimeActivated string: The date and time the key version went, or will go, active, expressed in RFC 3339 timestamp format. This is when the key material will be used to generate RRSIGs.
TimeCreated string: The date and time the resource was created in "YYYY-MM-ddThh:mm:ssZ" format with a Z offset, as defined by RFC 3339.
TimeExpired string: The date and time at which the recommended key version publication/activation lifetime ends, expressed in RFC 3339 timestamp format. This is when the corresponding DNSKEY should no longer exist in zone contents and no longer be used to generate RRSIGs. For a key sigining key (KSK), if PromoteZoneDnssecKeyVersion has not been called on this DnssecKeyVersion's successor then it will remain active for arbitrarily long past its recommended lifetime. This prevents service disruption at the potential increased risk of key compromise.
TimeInactivated string: The date and time the key version went, or will go, inactive, expressed in RFC 3339 timestamp format. This is when the key material will no longer be used to generate RRSIGs. For a key signing key (KSK) DnssecKeyVersion, this is populated after PromoteZoneDnssecKeyVersion has been called on its successor DnssecKeyVersion.
TimePromoted string: The date and time the key version was promoted expressed in RFC 3339 timestamp format.
TimePublished string: The date and time the key version was, or will be, published, expressed in RFC 3339 timestamp format. This is when the zone contents will include a DNSKEY record corresponding to the key material.
TimeUnpublished string: The date and time the key version was, or will be, unpublished, expressed in RFC 3339 timestamp format. This is when the corresponding DNSKEY will be removed from zone contents. For a key signing key (KSK) DnssecKeyVersion, this is populated after PromoteZoneDnssecKeyVersion has been called on its successor DnssecKeyVersion.
Uuid string: The UUID of the DnssecKeyVersion.

Algorithm string: The signing algorithm used for the key.
DsDatas []ZoneDnssecConfigKskDnssecKeyVersionDsData: An array of data for DS records corresponding with this key version. An entry will exist for each supported DS digest algorithm.
KeyTag int: The key tag associated with the DnssecKeyVersion. This key tag will be present in the RRSIG and DS records associated with the key material for this DnssecKeyVersion. For more information about key tags, see RFC 4034.
LengthInBytes int: The length of the corresponding private key in bytes, expressed as an integer.
PredecessorDnssecKeyVersionUuid string: When populated, this is the UUID of the DnssecKeyVersion that this DnssecKeyVersion will replace or has replaced.
SuccessorDnssecKeyVersionUuid string: When populated, this is the UUID of the DnssecKeyVersion that will replace, or has replaced, this DnssecKeyVersion.
TimeActivated string: The date and time the key version went, or will go, active, expressed in RFC 3339 timestamp format. This is when the key material will be used to generate RRSIGs.
TimeCreated string: The date and time the resource was created in "YYYY-MM-ddThh:mm:ssZ" format with a Z offset, as defined by RFC 3339.
TimeExpired string: The date and time at which the recommended key version publication/activation lifetime ends, expressed in RFC 3339 timestamp format. This is when the corresponding DNSKEY should no longer exist in zone contents and no longer be used to generate RRSIGs. For a key sigining key (KSK), if PromoteZoneDnssecKeyVersion has not been called on this DnssecKeyVersion's successor then it will remain active for arbitrarily long past its recommended lifetime. This prevents service disruption at the potential increased risk of key compromise.
TimeInactivated string: The date and time the key version went, or will go, inactive, expressed in RFC 3339 timestamp format. This is when the key material will no longer be used to generate RRSIGs. For a key signing key (KSK) DnssecKeyVersion, this is populated after PromoteZoneDnssecKeyVersion has been called on its successor DnssecKeyVersion.
TimePromoted string: The date and time the key version was promoted expressed in RFC 3339 timestamp format.
TimePublished string: The date and time the key version was, or will be, published, expressed in RFC 3339 timestamp format. This is when the zone contents will include a DNSKEY record corresponding to the key material.
TimeUnpublished string: The date and time the key version was, or will be, unpublished, expressed in RFC 3339 timestamp format. This is when the corresponding DNSKEY will be removed from zone contents. For a key signing key (KSK) DnssecKeyVersion, this is populated after PromoteZoneDnssecKeyVersion has been called on its successor DnssecKeyVersion.
Uuid string: The UUID of the DnssecKeyVersion.

algorithm String: The signing algorithm used for the key.
dsDatas List<ZonesecConfigKsksecKeyVersionDsData>: An array of data for DS records corresponding with this key version. An entry will exist for each supported DS digest algorithm.
keyTag Integer: The key tag associated with the DnssecKeyVersion. This key tag will be present in the RRSIG and DS records associated with the key material for this DnssecKeyVersion. For more information about key tags, see RFC 4034.
lengthInBytes Integer: The length of the corresponding private key in bytes, expressed as an integer.
predecessorDnssecKeyVersionUuid String: When populated, this is the UUID of the DnssecKeyVersion that this DnssecKeyVersion will replace or has replaced.
successorDnssecKeyVersionUuid String: When populated, this is the UUID of the DnssecKeyVersion that will replace, or has replaced, this DnssecKeyVersion.
timeActivated String: The date and time the key version went, or will go, active, expressed in RFC 3339 timestamp format. This is when the key material will be used to generate RRSIGs.
timeCreated String: The date and time the resource was created in "YYYY-MM-ddThh:mm:ssZ" format with a Z offset, as defined by RFC 3339.
timeExpired String: The date and time at which the recommended key version publication/activation lifetime ends, expressed in RFC 3339 timestamp format. This is when the corresponding DNSKEY should no longer exist in zone contents and no longer be used to generate RRSIGs. For a key sigining key (KSK), if PromoteZoneDnssecKeyVersion has not been called on this DnssecKeyVersion's successor then it will remain active for arbitrarily long past its recommended lifetime. This prevents service disruption at the potential increased risk of key compromise.
timeInactivated String: The date and time the key version went, or will go, inactive, expressed in RFC 3339 timestamp format. This is when the key material will no longer be used to generate RRSIGs. For a key signing key (KSK) DnssecKeyVersion, this is populated after PromoteZoneDnssecKeyVersion has been called on its successor DnssecKeyVersion.
timePromoted String: The date and time the key version was promoted expressed in RFC 3339 timestamp format.
timePublished String: The date and time the key version was, or will be, published, expressed in RFC 3339 timestamp format. This is when the zone contents will include a DNSKEY record corresponding to the key material.
timeUnpublished String: The date and time the key version was, or will be, unpublished, expressed in RFC 3339 timestamp format. This is when the corresponding DNSKEY will be removed from zone contents. For a key signing key (KSK) DnssecKeyVersion, this is populated after PromoteZoneDnssecKeyVersion has been called on its successor DnssecKeyVersion.
uuid String: The UUID of the DnssecKeyVersion.

algorithm string: The signing algorithm used for the key.
dsDatas ZoneDnssecConfigKskDnssecKeyVersionDsData[]: An array of data for DS records corresponding with this key version. An entry will exist for each supported DS digest algorithm.
keyTag number: The key tag associated with the DnssecKeyVersion. This key tag will be present in the RRSIG and DS records associated with the key material for this DnssecKeyVersion. For more information about key tags, see RFC 4034.
lengthInBytes number: The length of the corresponding private key in bytes, expressed as an integer.
predecessorDnssecKeyVersionUuid string: When populated, this is the UUID of the DnssecKeyVersion that this DnssecKeyVersion will replace or has replaced.
successorDnssecKeyVersionUuid string: When populated, this is the UUID of the DnssecKeyVersion that will replace, or has replaced, this DnssecKeyVersion.
timeActivated string: The date and time the key version went, or will go, active, expressed in RFC 3339 timestamp format. This is when the key material will be used to generate RRSIGs.
timeCreated string: The date and time the resource was created in "YYYY-MM-ddThh:mm:ssZ" format with a Z offset, as defined by RFC 3339.
timeExpired string: The date and time at which the recommended key version publication/activation lifetime ends, expressed in RFC 3339 timestamp format. This is when the corresponding DNSKEY should no longer exist in zone contents and no longer be used to generate RRSIGs. For a key sigining key (KSK), if PromoteZoneDnssecKeyVersion has not been called on this DnssecKeyVersion's successor then it will remain active for arbitrarily long past its recommended lifetime. This prevents service disruption at the potential increased risk of key compromise.
timeInactivated string: The date and time the key version went, or will go, inactive, expressed in RFC 3339 timestamp format. This is when the key material will no longer be used to generate RRSIGs. For a key signing key (KSK) DnssecKeyVersion, this is populated after PromoteZoneDnssecKeyVersion has been called on its successor DnssecKeyVersion.
timePromoted string: The date and time the key version was promoted expressed in RFC 3339 timestamp format.
timePublished string: The date and time the key version was, or will be, published, expressed in RFC 3339 timestamp format. This is when the zone contents will include a DNSKEY record corresponding to the key material.
timeUnpublished string: The date and time the key version was, or will be, unpublished, expressed in RFC 3339 timestamp format. This is when the corresponding DNSKEY will be removed from zone contents. For a key signing key (KSK) DnssecKeyVersion, this is populated after PromoteZoneDnssecKeyVersion has been called on its successor DnssecKeyVersion.
uuid string: The UUID of the DnssecKeyVersion.

algorithm str: The signing algorithm used for the key.
ds_datas Sequence[ZoneDnssecConfigKskDnssecKeyVersionDsData]: An array of data for DS records corresponding with this key version. An entry will exist for each supported DS digest algorithm.
key_tag int: The key tag associated with the DnssecKeyVersion. This key tag will be present in the RRSIG and DS records associated with the key material for this DnssecKeyVersion. For more information about key tags, see RFC 4034.
length_in_bytes int: The length of the corresponding private key in bytes, expressed as an integer.
predecessor_dnssec_key_version_uuid str: When populated, this is the UUID of the DnssecKeyVersion that this DnssecKeyVersion will replace or has replaced.
successor_dnssec_key_version_uuid str: When populated, this is the UUID of the DnssecKeyVersion that will replace, or has replaced, this DnssecKeyVersion.
time_activated str: The date and time the key version went, or will go, active, expressed in RFC 3339 timestamp format. This is when the key material will be used to generate RRSIGs.
time_created str: The date and time the resource was created in "YYYY-MM-ddThh:mm:ssZ" format with a Z offset, as defined by RFC 3339.
time_expired str: The date and time at which the recommended key version publication/activation lifetime ends, expressed in RFC 3339 timestamp format. This is when the corresponding DNSKEY should no longer exist in zone contents and no longer be used to generate RRSIGs. For a key sigining key (KSK), if PromoteZoneDnssecKeyVersion has not been called on this DnssecKeyVersion's successor then it will remain active for arbitrarily long past its recommended lifetime. This prevents service disruption at the potential increased risk of key compromise.
time_inactivated str: The date and time the key version went, or will go, inactive, expressed in RFC 3339 timestamp format. This is when the key material will no longer be used to generate RRSIGs. For a key signing key (KSK) DnssecKeyVersion, this is populated after PromoteZoneDnssecKeyVersion has been called on its successor DnssecKeyVersion.
time_promoted str: The date and time the key version was promoted expressed in RFC 3339 timestamp format.
time_published str: The date and time the key version was, or will be, published, expressed in RFC 3339 timestamp format. This is when the zone contents will include a DNSKEY record corresponding to the key material.
time_unpublished str: The date and time the key version was, or will be, unpublished, expressed in RFC 3339 timestamp format. This is when the corresponding DNSKEY will be removed from zone contents. For a key signing key (KSK) DnssecKeyVersion, this is populated after PromoteZoneDnssecKeyVersion has been called on its successor DnssecKeyVersion.
uuid str: The UUID of the DnssecKeyVersion.

algorithm String: The signing algorithm used for the key.
dsDatas List<Property Map>: An array of data for DS records corresponding with this key version. An entry will exist for each supported DS digest algorithm.
keyTag Number: The key tag associated with the DnssecKeyVersion. This key tag will be present in the RRSIG and DS records associated with the key material for this DnssecKeyVersion. For more information about key tags, see RFC 4034.
lengthInBytes Number: The length of the corresponding private key in bytes, expressed as an integer.
predecessorDnssecKeyVersionUuid String: When populated, this is the UUID of the DnssecKeyVersion that this DnssecKeyVersion will replace or has replaced.
successorDnssecKeyVersionUuid String: When populated, this is the UUID of the DnssecKeyVersion that will replace, or has replaced, this DnssecKeyVersion.
timeActivated String: The date and time the key version went, or will go, active, expressed in RFC 3339 timestamp format. This is when the key material will be used to generate RRSIGs.
timeCreated String: The date and time the resource was created in "YYYY-MM-ddThh:mm:ssZ" format with a Z offset, as defined by RFC 3339.
timeExpired String: The date and time at which the recommended key version publication/activation lifetime ends, expressed in RFC 3339 timestamp format. This is when the corresponding DNSKEY should no longer exist in zone contents and no longer be used to generate RRSIGs. For a key sigining key (KSK), if PromoteZoneDnssecKeyVersion has not been called on this DnssecKeyVersion's successor then it will remain active for arbitrarily long past its recommended lifetime. This prevents service disruption at the potential increased risk of key compromise.
timeInactivated String: The date and time the key version went, or will go, inactive, expressed in RFC 3339 timestamp format. This is when the key material will no longer be used to generate RRSIGs. For a key signing key (KSK) DnssecKeyVersion, this is populated after PromoteZoneDnssecKeyVersion has been called on its successor DnssecKeyVersion.
timePromoted String: The date and time the key version was promoted expressed in RFC 3339 timestamp format.
timePublished String: The date and time the key version was, or will be, published, expressed in RFC 3339 timestamp format. This is when the zone contents will include a DNSKEY record corresponding to the key material.
timeUnpublished String: The date and time the key version was, or will be, unpublished, expressed in RFC 3339 timestamp format. This is when the corresponding DNSKEY will be removed from zone contents. For a key signing key (KSK) DnssecKeyVersion, this is populated after PromoteZoneDnssecKeyVersion has been called on its successor DnssecKeyVersion.
uuid String: The UUID of the DnssecKeyVersion.

ZoneDnssecConfigKskDnssecKeyVersionDsData, ZoneDnssecConfigKskDnssecKeyVersionDsDataArgs

DigestType string: The type of the digest associated with the rdata.
Rdata string: Presentation-format DS record data that must be added to the parent zone. For more information about RDATA, see Supported DNS Resource Record Types

DigestType string: The type of the digest associated with the rdata.
Rdata string: Presentation-format DS record data that must be added to the parent zone. For more information about RDATA, see Supported DNS Resource Record Types

digestType String: The type of the digest associated with the rdata.
rdata String: Presentation-format DS record data that must be added to the parent zone. For more information about RDATA, see Supported DNS Resource Record Types

digestType string: The type of the digest associated with the rdata.
rdata string: Presentation-format DS record data that must be added to the parent zone. For more information about RDATA, see Supported DNS Resource Record Types

digest_type str: The type of the digest associated with the rdata.
rdata str: Presentation-format DS record data that must be added to the parent zone. For more information about RDATA, see Supported DNS Resource Record Types

digestType String: The type of the digest associated with the rdata.
rdata String: Presentation-format DS record data that must be added to the parent zone. For more information about RDATA, see Supported DNS Resource Record Types

ZoneDnssecConfigZskDnssecKeyVersion, ZoneDnssecConfigZskDnssecKeyVersionArgs

Algorithm string: The signing algorithm used for the key.
KeyTag int: The key tag associated with the DnssecKeyVersion. This key tag will be present in the RRSIG and DS records associated with the key material for this DnssecKeyVersion. For more information about key tags, see RFC 4034.
LengthInBytes int: The length of the corresponding private key in bytes, expressed as an integer.
PredecessorDnssecKeyVersionUuid string: When populated, this is the UUID of the DnssecKeyVersion that this DnssecKeyVersion will replace or has replaced.
SuccessorDnssecKeyVersionUuid string: When populated, this is the UUID of the DnssecKeyVersion that will replace, or has replaced, this DnssecKeyVersion.
TimeActivated string: The date and time the key version went, or will go, active, expressed in RFC 3339 timestamp format. This is when the key material will be used to generate RRSIGs.
TimeCreated string: The date and time the resource was created in "YYYY-MM-ddThh:mm:ssZ" format with a Z offset, as defined by RFC 3339.
TimeExpired string: The date and time at which the recommended key version publication/activation lifetime ends, expressed in RFC 3339 timestamp format. This is when the corresponding DNSKEY should no longer exist in zone contents and no longer be used to generate RRSIGs. For a key sigining key (KSK), if PromoteZoneDnssecKeyVersion has not been called on this DnssecKeyVersion's successor then it will remain active for arbitrarily long past its recommended lifetime. This prevents service disruption at the potential increased risk of key compromise.
TimeInactivated string: The date and time the key version went, or will go, inactive, expressed in RFC 3339 timestamp format. This is when the key material will no longer be used to generate RRSIGs. For a key signing key (KSK) DnssecKeyVersion, this is populated after PromoteZoneDnssecKeyVersion has been called on its successor DnssecKeyVersion.
TimePromoted string: The date and time the key version was promoted expressed in RFC 3339 timestamp format.
TimePublished string: The date and time the key version was, or will be, published, expressed in RFC 3339 timestamp format. This is when the zone contents will include a DNSKEY record corresponding to the key material.
TimeUnpublished string: The date and time the key version was, or will be, unpublished, expressed in RFC 3339 timestamp format. This is when the corresponding DNSKEY will be removed from zone contents. For a key signing key (KSK) DnssecKeyVersion, this is populated after PromoteZoneDnssecKeyVersion has been called on its successor DnssecKeyVersion.
Uuid string: The UUID of the DnssecKeyVersion.

Algorithm string: The signing algorithm used for the key.
KeyTag int: The key tag associated with the DnssecKeyVersion. This key tag will be present in the RRSIG and DS records associated with the key material for this DnssecKeyVersion. For more information about key tags, see RFC 4034.
LengthInBytes int: The length of the corresponding private key in bytes, expressed as an integer.
PredecessorDnssecKeyVersionUuid string: When populated, this is the UUID of the DnssecKeyVersion that this DnssecKeyVersion will replace or has replaced.
SuccessorDnssecKeyVersionUuid string: When populated, this is the UUID of the DnssecKeyVersion that will replace, or has replaced, this DnssecKeyVersion.
TimeActivated string: The date and time the key version went, or will go, active, expressed in RFC 3339 timestamp format. This is when the key material will be used to generate RRSIGs.
TimeCreated string: The date and time the resource was created in "YYYY-MM-ddThh:mm:ssZ" format with a Z offset, as defined by RFC 3339.
TimeExpired string: The date and time at which the recommended key version publication/activation lifetime ends, expressed in RFC 3339 timestamp format. This is when the corresponding DNSKEY should no longer exist in zone contents and no longer be used to generate RRSIGs. For a key sigining key (KSK), if PromoteZoneDnssecKeyVersion has not been called on this DnssecKeyVersion's successor then it will remain active for arbitrarily long past its recommended lifetime. This prevents service disruption at the potential increased risk of key compromise.
TimeInactivated string: The date and time the key version went, or will go, inactive, expressed in RFC 3339 timestamp format. This is when the key material will no longer be used to generate RRSIGs. For a key signing key (KSK) DnssecKeyVersion, this is populated after PromoteZoneDnssecKeyVersion has been called on its successor DnssecKeyVersion.
TimePromoted string: The date and time the key version was promoted expressed in RFC 3339 timestamp format.
TimePublished string: The date and time the key version was, or will be, published, expressed in RFC 3339 timestamp format. This is when the zone contents will include a DNSKEY record corresponding to the key material.
TimeUnpublished string: The date and time the key version was, or will be, unpublished, expressed in RFC 3339 timestamp format. This is when the corresponding DNSKEY will be removed from zone contents. For a key signing key (KSK) DnssecKeyVersion, this is populated after PromoteZoneDnssecKeyVersion has been called on its successor DnssecKeyVersion.
Uuid string: The UUID of the DnssecKeyVersion.

algorithm String: The signing algorithm used for the key.
keyTag Integer: The key tag associated with the DnssecKeyVersion. This key tag will be present in the RRSIG and DS records associated with the key material for this DnssecKeyVersion. For more information about key tags, see RFC 4034.
lengthInBytes Integer: The length of the corresponding private key in bytes, expressed as an integer.
predecessorDnssecKeyVersionUuid String: When populated, this is the UUID of the DnssecKeyVersion that this DnssecKeyVersion will replace or has replaced.
successorDnssecKeyVersionUuid String: When populated, this is the UUID of the DnssecKeyVersion that will replace, or has replaced, this DnssecKeyVersion.
timeActivated String: The date and time the key version went, or will go, active, expressed in RFC 3339 timestamp format. This is when the key material will be used to generate RRSIGs.
timeCreated String: The date and time the resource was created in "YYYY-MM-ddThh:mm:ssZ" format with a Z offset, as defined by RFC 3339.
timeExpired String: The date and time at which the recommended key version publication/activation lifetime ends, expressed in RFC 3339 timestamp format. This is when the corresponding DNSKEY should no longer exist in zone contents and no longer be used to generate RRSIGs. For a key sigining key (KSK), if PromoteZoneDnssecKeyVersion has not been called on this DnssecKeyVersion's successor then it will remain active for arbitrarily long past its recommended lifetime. This prevents service disruption at the potential increased risk of key compromise.
timeInactivated String: The date and time the key version went, or will go, inactive, expressed in RFC 3339 timestamp format. This is when the key material will no longer be used to generate RRSIGs. For a key signing key (KSK) DnssecKeyVersion, this is populated after PromoteZoneDnssecKeyVersion has been called on its successor DnssecKeyVersion.
timePromoted String: The date and time the key version was promoted expressed in RFC 3339 timestamp format.
timePublished String: The date and time the key version was, or will be, published, expressed in RFC 3339 timestamp format. This is when the zone contents will include a DNSKEY record corresponding to the key material.
timeUnpublished String: The date and time the key version was, or will be, unpublished, expressed in RFC 3339 timestamp format. This is when the corresponding DNSKEY will be removed from zone contents. For a key signing key (KSK) DnssecKeyVersion, this is populated after PromoteZoneDnssecKeyVersion has been called on its successor DnssecKeyVersion.
uuid String: The UUID of the DnssecKeyVersion.

algorithm string: The signing algorithm used for the key.
keyTag number: The key tag associated with the DnssecKeyVersion. This key tag will be present in the RRSIG and DS records associated with the key material for this DnssecKeyVersion. For more information about key tags, see RFC 4034.
lengthInBytes number: The length of the corresponding private key in bytes, expressed as an integer.
predecessorDnssecKeyVersionUuid string: When populated, this is the UUID of the DnssecKeyVersion that this DnssecKeyVersion will replace or has replaced.
successorDnssecKeyVersionUuid string: When populated, this is the UUID of the DnssecKeyVersion that will replace, or has replaced, this DnssecKeyVersion.
timeActivated string: The date and time the key version went, or will go, active, expressed in RFC 3339 timestamp format. This is when the key material will be used to generate RRSIGs.
timeCreated string: The date and time the resource was created in "YYYY-MM-ddThh:mm:ssZ" format with a Z offset, as defined by RFC 3339.
timeExpired string: The date and time at which the recommended key version publication/activation lifetime ends, expressed in RFC 3339 timestamp format. This is when the corresponding DNSKEY should no longer exist in zone contents and no longer be used to generate RRSIGs. For a key sigining key (KSK), if PromoteZoneDnssecKeyVersion has not been called on this DnssecKeyVersion's successor then it will remain active for arbitrarily long past its recommended lifetime. This prevents service disruption at the potential increased risk of key compromise.
timeInactivated string: The date and time the key version went, or will go, inactive, expressed in RFC 3339 timestamp format. This is when the key material will no longer be used to generate RRSIGs. For a key signing key (KSK) DnssecKeyVersion, this is populated after PromoteZoneDnssecKeyVersion has been called on its successor DnssecKeyVersion.
timePromoted string: The date and time the key version was promoted expressed in RFC 3339 timestamp format.
timePublished string: The date and time the key version was, or will be, published, expressed in RFC 3339 timestamp format. This is when the zone contents will include a DNSKEY record corresponding to the key material.
timeUnpublished string: The date and time the key version was, or will be, unpublished, expressed in RFC 3339 timestamp format. This is when the corresponding DNSKEY will be removed from zone contents. For a key signing key (KSK) DnssecKeyVersion, this is populated after PromoteZoneDnssecKeyVersion has been called on its successor DnssecKeyVersion.
uuid string: The UUID of the DnssecKeyVersion.

algorithm str: The signing algorithm used for the key.
key_tag int: The key tag associated with the DnssecKeyVersion. This key tag will be present in the RRSIG and DS records associated with the key material for this DnssecKeyVersion. For more information about key tags, see RFC 4034.
length_in_bytes int: The length of the corresponding private key in bytes, expressed as an integer.
predecessor_dnssec_key_version_uuid str: When populated, this is the UUID of the DnssecKeyVersion that this DnssecKeyVersion will replace or has replaced.
successor_dnssec_key_version_uuid str: When populated, this is the UUID of the DnssecKeyVersion that will replace, or has replaced, this DnssecKeyVersion.
time_activated str: The date and time the key version went, or will go, active, expressed in RFC 3339 timestamp format. This is when the key material will be used to generate RRSIGs.
time_created str: The date and time the resource was created in "YYYY-MM-ddThh:mm:ssZ" format with a Z offset, as defined by RFC 3339.
time_expired str: The date and time at which the recommended key version publication/activation lifetime ends, expressed in RFC 3339 timestamp format. This is when the corresponding DNSKEY should no longer exist in zone contents and no longer be used to generate RRSIGs. For a key sigining key (KSK), if PromoteZoneDnssecKeyVersion has not been called on this DnssecKeyVersion's successor then it will remain active for arbitrarily long past its recommended lifetime. This prevents service disruption at the potential increased risk of key compromise.
time_inactivated str: The date and time the key version went, or will go, inactive, expressed in RFC 3339 timestamp format. This is when the key material will no longer be used to generate RRSIGs. For a key signing key (KSK) DnssecKeyVersion, this is populated after PromoteZoneDnssecKeyVersion has been called on its successor DnssecKeyVersion.
time_promoted str: The date and time the key version was promoted expressed in RFC 3339 timestamp format.
time_published str: The date and time the key version was, or will be, published, expressed in RFC 3339 timestamp format. This is when the zone contents will include a DNSKEY record corresponding to the key material.
time_unpublished str: The date and time the key version was, or will be, unpublished, expressed in RFC 3339 timestamp format. This is when the corresponding DNSKEY will be removed from zone contents. For a key signing key (KSK) DnssecKeyVersion, this is populated after PromoteZoneDnssecKeyVersion has been called on its successor DnssecKeyVersion.
uuid str: The UUID of the DnssecKeyVersion.

algorithm String: The signing algorithm used for the key.
keyTag Number: The key tag associated with the DnssecKeyVersion. This key tag will be present in the RRSIG and DS records associated with the key material for this DnssecKeyVersion. For more information about key tags, see RFC 4034.
lengthInBytes Number: The length of the corresponding private key in bytes, expressed as an integer.
predecessorDnssecKeyVersionUuid String: When populated, this is the UUID of the DnssecKeyVersion that this DnssecKeyVersion will replace or has replaced.
successorDnssecKeyVersionUuid String: When populated, this is the UUID of the DnssecKeyVersion that will replace, or has replaced, this DnssecKeyVersion.
timeActivated String: The date and time the key version went, or will go, active, expressed in RFC 3339 timestamp format. This is when the key material will be used to generate RRSIGs.
timeCreated String: The date and time the resource was created in "YYYY-MM-ddThh:mm:ssZ" format with a Z offset, as defined by RFC 3339.
timeExpired String: The date and time at which the recommended key version publication/activation lifetime ends, expressed in RFC 3339 timestamp format. This is when the corresponding DNSKEY should no longer exist in zone contents and no longer be used to generate RRSIGs. For a key sigining key (KSK), if PromoteZoneDnssecKeyVersion has not been called on this DnssecKeyVersion's successor then it will remain active for arbitrarily long past its recommended lifetime. This prevents service disruption at the potential increased risk of key compromise.
timeInactivated String: The date and time the key version went, or will go, inactive, expressed in RFC 3339 timestamp format. This is when the key material will no longer be used to generate RRSIGs. For a key signing key (KSK) DnssecKeyVersion, this is populated after PromoteZoneDnssecKeyVersion has been called on its successor DnssecKeyVersion.
timePromoted String: The date and time the key version was promoted expressed in RFC 3339 timestamp format.
timePublished String: The date and time the key version was, or will be, published, expressed in RFC 3339 timestamp format. This is when the zone contents will include a DNSKEY record corresponding to the key material.
timeUnpublished String: The date and time the key version was, or will be, unpublished, expressed in RFC 3339 timestamp format. This is when the corresponding DNSKEY will be removed from zone contents. For a key signing key (KSK) DnssecKeyVersion, this is populated after PromoteZoneDnssecKeyVersion has been called on its successor DnssecKeyVersion.
uuid String: The UUID of the DnssecKeyVersion.

ZoneExternalDownstream, ZoneExternalDownstreamArgs

Address string: (Updatable) The server's IP address (IPv4 or IPv6).
Port int: (Updatable) The server's port. Port value must be a value of 53, otherwise omit the port value.
TsigKeyId string: (Updatable) The OCID of the TSIG key. A TSIG key is used to secure DNS messages (in this case, zone transfers) between two systems that both have the (shared) secret.

Address string: (Updatable) The server's IP address (IPv4 or IPv6).
Port int: (Updatable) The server's port. Port value must be a value of 53, otherwise omit the port value.
TsigKeyId string: (Updatable) The OCID of the TSIG key. A TSIG key is used to secure DNS messages (in this case, zone transfers) between two systems that both have the (shared) secret.

address String: (Updatable) The server's IP address (IPv4 or IPv6).
port Integer: (Updatable) The server's port. Port value must be a value of 53, otherwise omit the port value.
tsigKeyId String: (Updatable) The OCID of the TSIG key. A TSIG key is used to secure DNS messages (in this case, zone transfers) between two systems that both have the (shared) secret.

address string: (Updatable) The server's IP address (IPv4 or IPv6).
port number: (Updatable) The server's port. Port value must be a value of 53, otherwise omit the port value.
tsigKeyId string: (Updatable) The OCID of the TSIG key. A TSIG key is used to secure DNS messages (in this case, zone transfers) between two systems that both have the (shared) secret.

address str: (Updatable) The server's IP address (IPv4 or IPv6).
port int: (Updatable) The server's port. Port value must be a value of 53, otherwise omit the port value.
tsig_key_id str: (Updatable) The OCID of the TSIG key. A TSIG key is used to secure DNS messages (in this case, zone transfers) between two systems that both have the (shared) secret.

address String: (Updatable) The server's IP address (IPv4 or IPv6).
port Number: (Updatable) The server's port. Port value must be a value of 53, otherwise omit the port value.
tsigKeyId String: (Updatable) The OCID of the TSIG key. A TSIG key is used to secure DNS messages (in this case, zone transfers) between two systems that both have the (shared) secret.

ZoneExternalMaster, ZoneExternalMasterArgs

Address string: (Updatable) The server's IP address (IPv4 or IPv6).
Port int: (Updatable) The server's port. Port value must be a value of 53, otherwise omit the port value.
TsigKeyId string: (Updatable) The OCID of the TSIG key.

Address string: (Updatable) The server's IP address (IPv4 or IPv6).
Port int: (Updatable) The server's port. Port value must be a value of 53, otherwise omit the port value.
TsigKeyId string: (Updatable) The OCID of the TSIG key.

address String: (Updatable) The server's IP address (IPv4 or IPv6).
port Integer: (Updatable) The server's port. Port value must be a value of 53, otherwise omit the port value.
tsigKeyId String: (Updatable) The OCID of the TSIG key.

address string: (Updatable) The server's IP address (IPv4 or IPv6).
port number: (Updatable) The server's port. Port value must be a value of 53, otherwise omit the port value.
tsigKeyId string: (Updatable) The OCID of the TSIG key.

address str: (Updatable) The server's IP address (IPv4 or IPv6).
port int: (Updatable) The server's port. Port value must be a value of 53, otherwise omit the port value.
tsig_key_id str: (Updatable) The OCID of the TSIG key.

address String: (Updatable) The server's IP address (IPv4 or IPv6).
port Number: (Updatable) The server's port. Port value must be a value of 53, otherwise omit the port value.
tsigKeyId String: (Updatable) The OCID of the TSIG key.

ZoneNameserver, ZoneNameserverArgs

Hostname string: The hostname of the nameserver.

Hostname string: The hostname of the nameserver.

hostname String: The hostname of the nameserver.

hostname string: The hostname of the nameserver.

hostname str: The hostname of the nameserver.

hostname String: The hostname of the nameserver.

ZoneZoneTransferServer, ZoneZoneTransferServerArgs

Address string: The server's IP address (IPv4 or IPv6).
IsTransferDestination bool: A Boolean flag indicating whether or not the server is a zone data transfer destination.
IsTransferSource bool: A Boolean flag indicating whether or not the server is a zone data transfer source.
Port int: The server's port.

Address string: The server's IP address (IPv4 or IPv6).
IsTransferDestination bool: A Boolean flag indicating whether or not the server is a zone data transfer destination.
IsTransferSource bool: A Boolean flag indicating whether or not the server is a zone data transfer source.
Port int: The server's port.

address String: The server's IP address (IPv4 or IPv6).
isTransferDestination Boolean: A Boolean flag indicating whether or not the server is a zone data transfer destination.
isTransferSource Boolean: A Boolean flag indicating whether or not the server is a zone data transfer source.
port Integer: The server's port.

address string: The server's IP address (IPv4 or IPv6).
isTransferDestination boolean: A Boolean flag indicating whether or not the server is a zone data transfer destination.
isTransferSource boolean: A Boolean flag indicating whether or not the server is a zone data transfer source.
port number: The server's port.

address str: The server's IP address (IPv4 or IPv6).
is_transfer_destination bool: A Boolean flag indicating whether or not the server is a zone data transfer destination.
is_transfer_source bool: A Boolean flag indicating whether or not the server is a zone data transfer source.
port int: The server's port.

address String: The server's IP address (IPv4 or IPv6).
isTransferDestination Boolean: A Boolean flag indicating whether or not the server is a zone data transfer destination.
isTransferSource Boolean: A Boolean flag indicating whether or not the server is a zone data transfer source.
port Number: The server's port.

Import

Zones can be imported using the id, e.g.

$ pulumi import oci:Dns/zone:Zone test_zone "id"

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: oci pulumi/pulumi-oci
License: Apache-2.0
Notes: This Pulumi package is based on the oci Terraform Provider.

Oracle Cloud Infrastructure v2.33.0 published on Thursday, May 1, 2025 by Pulumi

pulumi/pulumi-oci

oci.Dns.Zone

On this page

On this page

Example Usage

Create Zone Resource

Constructor syntax

Parameters

Constructor example

Zone Resource Properties

Inputs

Outputs

Look up Existing Zone Resource

Supporting Types

ZoneDnssecConfig, ZoneDnssecConfigArgs

ZoneDnssecConfigKskDnssecKeyVersion, ZoneDnssecConfigKskDnssecKeyVersionArgs

ZoneDnssecConfigKskDnssecKeyVersionDsData, ZoneDnssecConfigKskDnssecKeyVersionDsDataArgs

ZoneDnssecConfigZskDnssecKeyVersion, ZoneDnssecConfigZskDnssecKeyVersionArgs

ZoneExternalDownstream, ZoneExternalDownstreamArgs

ZoneExternalMaster, ZoneExternalMasterArgs

ZoneNameserver, ZoneNameserverArgs

ZoneZoneTransferServer, ZoneZoneTransferServerArgs

Import

Package Details

On this page

On this page