Help Center/ FunctionGraph/ FAQs/ General FAQs/ How Does FunctionGraph Resolve a Private DNS Domain Name?
Updated on 2024-11-11 GMT+08:00
View PDF
Share

How Does FunctionGraph Resolve a Private DNS Domain Name?

FunctionGraph cannot directly parse private Huawei Cloud DNS domain names. To parse them, call DNS APIs and perform the following steps.

Resolving a Private DNS Domain Name

Ensure that a VPC and private DNS domain name have been created before performing the following steps:

  1. Associate a VPC with the private domain name and add record sets.

    Log in to the DNS console and associate a VPC with the private domain name.

    Click the domain name, and add a type A record set.

  2. Create a function.

    Create a function whose runtime is Python 2.7. The following is sample code.

    # -*- coding:utf-8 -*-
import json
import os
def handler(event, context):
     os.system("curl -iv www.test.com")

  3. Configure an agency with DNS and VPC permissions for the function.

    On the IAM console, create an agency with DNS ReadOnlyAccess and VPC Administrator permissions for FunctionGraph.

    You need to configure the permission to read DNS resource data because the function needs to obtain such data when parsing a domain name. Otherwise, the following error message is displayed, indicating that the DNS resource data failed to be obtained.

    2020/08/20 10:37:12 GMT+08:00  Start invoke request 'a2f105b4-2e72-4fda-94a5-86d3837e961d', version: latest
[GET /v2/zones/{zone_id}/recordsets] failed, response: {"code":"DNS.1802","message":"Policy doesn't allow dns:recordset:list to be performed."}
2020/08/20 10:37:13 GMT+08:00  Finish invoke request 'a2f105b4-2e72-4fda-94a5-86d3837e961d', duration: 1030.072ms, billing duration: 1100ms, memory used: 77.039MB.

  4. Configure the function.

    On the details page of the function created in 2, click the Configuration tab and configure the following settings:

    1. For Permissions, select the agency created in 3.
    2. Enable VPC access and select the created VPC, subnet, and domain name. For details, see Figure 1.
    Figure 1 Configure the function

  5. Check the execution result.

    Then all configured IPv4 domain names can be parsed.

Changes to the IP addresses corresponding to the VPC domain names you configure will take effect in 10 minutes.

Parent topic: General FAQs