Help Center/ FunctionGraph/ User Guide (ME-Abu Dhabi Region)/ FAQs/ General FAQs/ How Does FunctionGraph Resolve a Private DNS Domain Name?
Updated on 2023-11-21 GMT+08:00

How Does FunctionGraph Resolve a Private DNS Domain Name?

FunctionGraph cannot directly parse private domain names. To parse them, call DNS APIs and perform the following steps.

Resolving a Private DNS Domain Name

Ensure that a VPC and private DNS domain name have been created before performing the following steps:

  1. Associate a VPC with the private domain name and add record sets.

    Log in to the DNS console and associate a VPC with the private domain name.

    Click the domain name, and add a type A record set.

  2. Create a function.

    Create a function whose runtime is Python 2.7. The following is sample code.

    # -*- coding:utf-8 -*-
    import json
    import os
    def handler(event, context):
         os.system("curl -iv www.test.com")

  3. Configure an agency with DNS and VPC permissions for the function.

    On the IAM console, create an agency with DNS ReadOnlyAccess and VPC Administrator permissions for FunctionGraph.

    You need to configure the permission to read DNS resource data because the function needs to obtain such data when parsing a domain name. Otherwise, the following error message is displayed, indicating that the DNS resource data failed to be obtained.

    2020/08/20 10:37:12 GMT+08:00  Start invoke request 'a2f105b4-2e72-4fda-94a5-86d3837e961d', version: latest
    [GET /v2/zones/{zone_id}/recordsets] failed, response: {"code":"DNS.1802","message":"Policy doesn't allow dns:recordset:list to be performed."}
    2020/08/20 10:37:13 GMT+08:00  Finish invoke request 'a2f105b4-2e72-4fda-94a5-86d3837e961d', duration: 1030.072ms, billing duration: 1100ms, memory used: 77.039MB.

  4. Configure the function.

    On the details page of the function created in 2, click the Configuration tab and configure the following settings:

    1. For Permissions, select the agency created in 3.
    2. Enable VPC access and select the created VPC, subnet, and domain name.

  5. Check the execution result.

    Then all configured IPv4 domain names can be parsed.