Updated on 2025-08-07 GMT+08:00

Creating a Private Zone

Function

After a private zone is created, you can associate it with a private IP address to provide private domain name resolution in the VPC for cloud services.

Calling Method

For details, see Calling APIs.

URI

POST /v2/zones

Request Parameters

Table 1 Request header parameters

Parameter

Mandatory

Type

Description

X-Auth-Token

Yes

String

Definition

The user token.

The token can be obtained by calling an IAM API. The value of X-Subject-Token in the response header is the user token.

For details about how to obtain a user token, seeObtaining a User Token.

Constraints

N/A

Range

N/A

Default Value

N/A

Table 2 Request body parameters

Parameter

Mandatory

Type

Description

name

Yes

String

Definition

The domain name.

Constraints

N/A

Range

Enter multiple labels separated by periods (.). Use only letters, digits, and hyphens (-). Do not start or end with a hyphen (-). Max label length: 63 characters. Max total: 254 characters.

Default Value

N/A

description

No

String

Definition

The description of the zone.

Constraints

N/A

Range

The value can contain a maximum of 255 characters.

Default Value

N/A

zone_type

Yes

String

Definition

Zone type

Constraints

N/A

Range

private: Private zone

Default Value

N/A

email

No

String

Definition

Email address of the administrator who manages the zone. The email address is used to generate the SOA record set of the zone.

Constraints

N/A

Range

N/A

Default Value

N/A

ttl

No

Integer

Definition

The TTL specified in the SOA record set generated by default. It is measured in seconds.

Constraints

N/A

Range

1 to 2147483647

Default Value

300

router

Yes

Router object

Definition

Router (VPC) associated

Constraints

N/A

Range

N/A

Default Value

N/A

proxy_pattern

No

String

Definition

Status of the recursive resolution proxy mode for subdomain names of private zones.

Constraints

N/A

Range

  • AUTHORITY: The recursive resolution proxy is disabled for the zone.

  • RECURSIVE: The recursive resolution proxy is enabled for the zone.

Default Value

AUTHORITY

tags

No

Array of tag objects

Definition

Resource tag

Constraints

N/A

Range

N/A

Default Value

N/A

enterprise_project_id

No

String

Definition

The ID of the enterprise project to which the zone belongs. This parameter is used to filter the zones under an enterprise project.

Constraints

N/A

Range

The value is 0 or a string that contains a maximum of 36 characters in UUID format with hyphens (-). 0 indicates the default enterprise project.

Default Value

0

Table 3 Router

Parameter

Mandatory

Type

Description

router_id

Yes

String

ID of the associated VPC.

router_region

No

String

Region where the associated VPC is located.

status

No

String

Resource status.

Table 4 tag

Parameter

Mandatory

Type

Description

key

Yes

String

Definition

The tag key.

Range

  • Cannot be left blank.

  • Must be unique for each resource.

  • Contains up to 128 characters.

  • Cannot start or end with a space, or start with sys. Only letters, digits, spaces, and the following special characters are allowed: _.:=+-@

value

No

String

Definition

The tag value.

Range

  • Can be left blank.

  • Can contain a maximum of 255 characters.

  • Only letters, digits, spaces, and the following special characters are allowed: _.:/=+-@

Response Parameters

Status code: 202

Table 5 Response body parameters

Parameter

Type

Description

id

String

Definition

Zone ID, which is a UUID used to identify the zone

Range

N/A

name

String

Definition

Zone

Range

N/A

description

String

Definition

The description of the zone.

Range

The value can contain a maximum of 255 characters.

email

String

Definition

Email address of the administrator who manages the zone. The email address is used to generate the SOA record set of the zone.

Range

N/A

zone_type

String

Definition

Zone type

Range

private: Private zone

ttl

Integer

Definition

The TTL specified in the SOA record in the zone. It is measured in seconds.

Range

1 to 2147483647

serial

Integer

Definition

Sequence number used to identify zone file changes in the SOA record set of the zone. The sequence number is used for synchronization between the primary and secondary nodes.

This parameter is reserved.

Range

N/A

status

String

Definition

The status of the private zone.

Range

  • ACTIVE: The zone is normal.

  • PENDING_CREATE: The zone is being created.

  • DISABLE: The zone is disabled.

record_num

Integer

Definition

Number of record sets for the zone

Range

N/A

proxy_pattern

String

Definition

Status of the recursive resolution proxy mode for subdomain names of private zones.

Range

  • AUTHORITY: The recursive resolution proxy is disabled for the zone.

  • RECURSIVE: The recursive resolution proxy is enabled for the zone.

pool_id

String

Definition

Pool ID of the zone, which is assigned by the system

Range

N/A

project_id

String

Definition

Project ID of the zone

Range

N/A

created_at

String

Definition

The time when a zone was created.

Format: yyyy-MM-dd'T'HH:mm:ss.SSS

Range

N/A

updated_at

String

Definition

The time when the zone was last modified.

Format: yyyy-MM-dd'T'HH:mm:ss.SSS

Range

N/A

links

pageLink object

Definition

The link to the current page or other pages. When a response is broken into pages, a next link is provided to point to the next page.

Range

N/A

masters

Array of strings

Definition

Primary DNS servers, from which the secondary DNS servers get DNS information

Range

N/A

router

RouterWithStatus object

Definition

Routers (VPCs) associated with the zone

Range

N/A

Table 7 RouterWithStatus

Parameter

Type

Description

status

String

Definition

The status of the associated VPC.

Range

N/A

router_id

String

Definition

ID of the associated VPC

Range

N/A

router_region

String

Definition

Region where the associated VPC is located

Range

N/A

Status code: 400

Table 8 Response body parameters

Parameter

Type

Description

code

String

Definition

Error code

Range

N/A

message

String

Definition

Error description

Range

N/A

Status code: 404

Table 9 Response body parameters

Parameter

Type

Description

code

String

Definition

Error code

Range

N/A

message

String

Definition

Error description

Range

N/A

Status code: 500

Table 10 Response body parameters

Parameter

Type

Description

code

String

Definition

Error code

Range

N/A

message

String

Definition

Error description

Range

N/A

Example Requests

Creating a private zone and setting the recursive resolution proxy to AUTHORITY for subdomains

POST https://{endpoint}/v2/zones

{
  "name" : "example.com.",
  "description" : "This is an example zone.",
  "zone_type" : "private",
  "email" : "xx@example.org",
  "router" : {
    "router_id" : "19664294-0bf6-4271-ad3a-94b8c79c6558",
    "router_region" : "xx"
  },
  "proxy_pattern" : "AUTHORITY",
  "tags" : [ {
    "key" : "key1",
    "value" : "value1"
  } ]
}

Example Responses

Status code: 202

Request accepted

{
  "id" : "ff8080825b8fc86c015b94bc6f8712c3",
  "name" : "example.com.",
  "description" : "This is an example zone.",
  "email" : "xx@example.com",
  "ttl" : 300,
  "serial" : 1,
  "masters" : [ ],
  "status" : "PENDING_CREATE",
  "links" : {
    "self" : "https://Endpoint/v2/zones/ff8080825b8fc86c015b94bc6f8712c3"
  },
  "pool_id" : "ff8080825ab738f4015ab7513298010e",
  "project_id" : "e55c6f3dc4e34c9f86353b664ae0e70c",
  "zone_type" : "private",
  "created_at" : "2017-04-22T08:17:08.997",
  "updated_at" : null,
  "record_num" : 0,
  "proxy_pattern" : "AUTHORITY",
  "router" : {
    "status" : "PENDING_CREATE",
    "router_id" : "19664294-0bf6-4271-ad3a-94b8c79c6558",
    "router_region" : "xx"
  }
}

SDK Sample Code

The SDK sample code is as follows.

Creating a private zone and setting the recursive resolution proxy to AUTHORITY for subdomains

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
package com.huaweicloud.sdk.test;

import com.huaweicloud.sdk.core.auth.ICredential;
import com.huaweicloud.sdk.core.auth.BasicCredentials;
import com.huaweicloud.sdk.core.exception.ConnectionException;
import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
import com.huaweicloud.sdk.core.exception.ServiceResponseException;
import com.huaweicloud.sdk.dns.v2.region.DnsRegion;
import com.huaweicloud.sdk.dns.v2.*;
import com.huaweicloud.sdk.dns.v2.model.*;

import java.util.List;
import java.util.ArrayList;

public class CreatePrivateZoneSolution {

    public static void main(String[] args) {
        // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        String ak = System.getenv("CLOUD_SDK_AK");
        String sk = System.getenv("CLOUD_SDK_SK");

        ICredential auth = new BasicCredentials()
                .withAk(ak)
                .withSk(sk);

        DnsClient client = DnsClient.newBuilder()
                .withCredential(auth)
                .withRegion(DnsRegion.valueOf("<YOUR REGION>"))
                .build();
        CreatePrivateZoneRequest request = new CreatePrivateZoneRequest();
        CreatePrivateZoneReq body = new CreatePrivateZoneReq();
        List<Tag> listbodyTags = new ArrayList<>();
        listbodyTags.add(
            new Tag()
                .withKey("key1")
                .withValue("value1")
        );
        Router routerbody = new Router();
        routerbody.withRouterId("19664294-0bf6-4271-ad3a-94b8c79c6558")
            .withRouterRegion("xx");
        body.withTags(listbodyTags);
        body.withProxyPattern("AUTHORITY");
        body.withRouter(routerbody);
        body.withEmail("xx@example.org");
        body.withZoneType("private");
        body.withDescription("This is an example zone.");
        body.withName("example.com.");
        request.withBody(body);
        try {
            CreatePrivateZoneResponse response = client.createPrivateZone(request);
            System.out.println(response.toString());
        } catch (ConnectionException e) {
            e.printStackTrace();
        } catch (RequestTimeoutException e) {
            e.printStackTrace();
        } catch (ServiceResponseException e) {
            e.printStackTrace();
            System.out.println(e.getHttpStatusCode());
            System.out.println(e.getRequestId());
            System.out.println(e.getErrorCode());
            System.out.println(e.getErrorMsg());
        }
    }
}

Creating a private zone and setting the recursive resolution proxy to AUTHORITY for subdomains

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
# coding: utf-8

import os
from huaweicloudsdkcore.auth.credentials import BasicCredentials
from huaweicloudsdkdns.v2.region.dns_region import DnsRegion
from huaweicloudsdkcore.exceptions import exceptions
from huaweicloudsdkdns.v2 import *

if __name__ == "__main__":
    # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak = os.environ["CLOUD_SDK_AK"]
    sk = os.environ["CLOUD_SDK_SK"]

    credentials = BasicCredentials(ak, sk)

    client = DnsClient.new_builder() \
        .with_credentials(credentials) \
        .with_region(DnsRegion.value_of("<YOUR REGION>")) \
        .build()

    try:
        request = CreatePrivateZoneRequest()
        listTagsbody = [
            Tag(
                key="key1",
                value="value1"
            )
        ]
        routerbody = Router(
            router_id="19664294-0bf6-4271-ad3a-94b8c79c6558",
            router_region="xx"
        )
        request.body = CreatePrivateZoneReq(
            tags=listTagsbody,
            proxy_pattern="AUTHORITY",
            router=routerbody,
            email="xx@example.org",
            zone_type="private",
            description="This is an example zone.",
            name="example.com."
        )
        response = client.create_private_zone(request)
        print(response)
    except exceptions.ClientRequestException as e:
        print(e.status_code)
        print(e.request_id)
        print(e.error_code)
        print(e.error_msg)

Creating a private zone and setting the recursive resolution proxy to AUTHORITY for subdomains

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
package main

import (
	"fmt"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
    dns "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/dns/v2"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/dns/v2/model"
    region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/dns/v2/region"
)

func main() {
    // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak := os.Getenv("CLOUD_SDK_AK")
    sk := os.Getenv("CLOUD_SDK_SK")

    auth := basic.NewCredentialsBuilder().
        WithAk(ak).
        WithSk(sk).
        Build()

    client := dns.NewDnsClient(
        dns.DnsClientBuilder().
            WithRegion(region.ValueOf("<YOUR REGION>")).
            WithCredential(auth).
            Build())

    request := &model.CreatePrivateZoneRequest{}
	valueTags:= "value1"
	var listTagsbody = []model.Tag{
        {
            Key: "key1",
            Value: &valueTags,
        },
    }
	routerRegionRouter:= "xx"
	routerbody := &model.Router{
		RouterId: "19664294-0bf6-4271-ad3a-94b8c79c6558",
		RouterRegion: &routerRegionRouter,
	}
	proxyPatternCreatePrivateZoneReq:= "AUTHORITY"
	emailCreatePrivateZoneReq:= "xx@example.org"
	descriptionCreatePrivateZoneReq:= "This is an example zone."
	request.Body = &model.CreatePrivateZoneReq{
		Tags: &listTagsbody,
		ProxyPattern: &proxyPatternCreatePrivateZoneReq,
		Router: routerbody,
		Email: &emailCreatePrivateZoneReq,
		ZoneType: "private",
		Description: &descriptionCreatePrivateZoneReq,
		Name: "example.com.",
	}
	response, err := client.CreatePrivateZone(request)
	if err == nil {
        fmt.Printf("%+v\n", response)
    } else {
        fmt.Println(err)
    }
}

For SDK sample code of more programming languages, see the Sample Code tab in API Explorer. SDK sample code can be automatically generated.

Status Codes

Status Code

Description

202

Request accepted

400

Error response

404

Error response

500

Error response

Error Codes

See Error Codes.