OpenMCF logoOpenMCF

Loading...

OCI DNS Record

Deploys an OCI DNS Record Set (RRSet) — a set of DNS resource records sharing the same domain and record type within an OCI DNS zone. Updates replace the entire record set atomically, supporting A, AAAA, CNAME, MX, TXT, SRV, CAA, NS, PTR, and other standard DNS record types.

What Gets Created

When you deploy an OciDnsRecord resource, OpenMCF provisions:

  • DNS Record Set — a dns.Rrset resource within the target zone. Each record item carries its own rdata and TTL. The set is managed atomically — updates replace all records for the (domain, rtype) tuple.

Prerequisites

  • OCI credentials configured via environment variables or OpenMCF provider config (API Key, Instance Principal, Security Token, Resource Principal, or OKE Workload Identity)
  • An OCI DNS zone — either a zone OCID or zone name, either a literal value or a reference to an OciDnsZone resource
  • A DNS view OCID (for private zones only) — required when referencing a private zone by name

Quick Start

Create a file dns-record.yaml:

apiVersion: oci.openmcf.org/v1
kind: OciDnsRecord
metadata:
  name: app-a-record
  labels:
    openmcf.org/provisioner: pulumi
    pulumi.openmcf.org/organization: my-org
    pulumi.openmcf.org/project: my-project
    pulumi.openmcf.org/stack.name: dev.OciDnsRecord.app-a-record
spec:
  zoneNameOrId:
    value: "example.com"
  domain: "app.example.com"
  rtype: "A"
  items:
    - rdata: "192.0.2.1"
      ttl: 300

Deploy:

openmcf apply -f dns-record.yaml

This creates an A record for app.example.com pointing to 192.0.2.1 with a 5-minute TTL.

Configuration Reference

Required Fields

FieldTypeDescriptionValidation
zoneNameOrIdStringValueOrRefOCID or name of the target DNS zone. ForceNew. Can reference an OciDnsZone resource via valueFrom.Required
domainstringFully qualified domain name for the record set (e.g., app.example.com). ForceNew.Min length 1
rtypestringDNS record type (e.g., A, AAAA, CNAME, MX, TXT, SRV, CAA, NS, PTR). ForceNew.Min length 1
itemsRecordItem[]DNS records in this record set.Min 1 item

RecordItem

FieldTypeDescriptionValidation
rdatastringRecord data in type-specific presentation format. Examples: "192.0.2.1" (A), "10 mail.example.com." (MX), "\"v=spf1 include:example.com ~all\"" (TXT).Min length 1
ttlint32Time to live in seconds. Controls how long resolvers cache this record. Values below 30 are not recommended by OCI.>= 1

Optional Fields

FieldTypeDefaultDescription
viewIdStringValueOrRef—OCID of the private DNS view. Required when accessing a private zone by name. Not needed when zoneNameOrId is an OCID. ForceNew.

Examples

Single A Record

An A record pointing a subdomain to a single IP address:

apiVersion: oci.openmcf.org/v1
kind: OciDnsRecord
metadata:
  name: app-a-record
  labels:
    openmcf.org/provisioner: pulumi
    pulumi.openmcf.org/organization: my-org
    pulumi.openmcf.org/project: my-project
    pulumi.openmcf.org/stack.name: dev.OciDnsRecord.app-a-record
spec:
  zoneNameOrId:
    value: "example.com"
  domain: "app.example.com"
  rtype: "A"
  items:
    - rdata: "192.0.2.1"
      ttl: 300

Multiple A Records with Zone Reference

Round-robin A records using valueFrom to reference an OciDnsZone:

apiVersion: oci.openmcf.org/v1
kind: OciDnsRecord
metadata:
  name: web-a-records
  labels:
    openmcf.org/provisioner: pulumi
    pulumi.openmcf.org/organization: my-org
    pulumi.openmcf.org/project: my-project
    pulumi.openmcf.org/stack.name: prod.OciDnsRecord.web-a-records
spec:
  zoneNameOrId:
    valueFrom:
      kind: OciDnsZone
      name: prod-zone
      fieldPath: status.outputs.zoneId
  domain: "web.example.com"
  rtype: "A"
  items:
    - rdata: "192.0.2.1"
      ttl: 300
    - rdata: "192.0.2.2"
      ttl: 300
    - rdata: "192.0.2.3"
      ttl: 300

MX Records for Email

Mail exchange records with priority values embedded in rdata:

apiVersion: oci.openmcf.org/v1
kind: OciDnsRecord
metadata:
  name: mail-mx-records
  labels:
    openmcf.org/provisioner: pulumi
    pulumi.openmcf.org/organization: my-org
    pulumi.openmcf.org/project: my-project
    pulumi.openmcf.org/stack.name: prod.OciDnsRecord.mail-mx-records
spec:
  zoneNameOrId:
    value: "example.com"
  domain: "example.com"
  rtype: "MX"
  items:
    - rdata: "10 mail1.example.com."
      ttl: 3600
    - rdata: "20 mail2.example.com."
      ttl: 3600

CNAME Record

A CNAME alias pointing a subdomain to another hostname:

apiVersion: oci.openmcf.org/v1
kind: OciDnsRecord
metadata:
  name: api-cname
  labels:
    openmcf.org/provisioner: pulumi
    pulumi.openmcf.org/organization: my-org
    pulumi.openmcf.org/project: my-project
    pulumi.openmcf.org/stack.name: prod.OciDnsRecord.api-cname
spec:
  zoneNameOrId:
    value: "example.com"
  domain: "api.example.com"
  rtype: "CNAME"
  items:
    - rdata: "lb.example.com."
      ttl: 300

TXT Record for SPF

A TXT record for email sender policy:

apiVersion: oci.openmcf.org/v1
kind: OciDnsRecord
metadata:
  name: spf-txt
  labels:
    openmcf.org/provisioner: pulumi
    pulumi.openmcf.org/organization: my-org
    pulumi.openmcf.org/project: my-project
    pulumi.openmcf.org/stack.name: prod.OciDnsRecord.spf-txt
spec:
  zoneNameOrId:
    value: "example.com"
  domain: "example.com"
  rtype: "TXT"
  items:
    - rdata: "\"v=spf1 include:_spf.google.com ~all\""
      ttl: 3600

Stack Outputs

This component does not produce stack outputs. DNS record sets are identified by their (zone, domain, rtype) tuple, all of which are inputs.

Related Components

  • OciDnsZone — provides the zone referenced by zoneNameOrId via valueFrom
  • OciApplicationLoadBalancer — load balancer IPs are common targets for A/CNAME records
  • OciNetworkLoadBalancer — NLB IPs are common targets for A records
  • OciPublicIp — reserved public IPs used as record targets

Next article

OCI DNS Zone

OCI DNS Zone Deploys an Oracle Cloud Infrastructure DNS zone — a managed authoritative DNS zone supporting public (GLOBAL) and private resolution scopes, PRIMARY and SECONDARY zone types, zone transfers via external masters and downstreams, and DNSSEC signing. What Gets Created When you deploy an OciDnsZone resource, OpenMCF provisions: DNS Zone — a dns.Zone resource in the specified compartment. The zone name is derived from metadata.name. Supports GLOBAL (public) and PRIVATE scopes, PRIMARY...
Read next article
Presets
2 ready-to-deploy configurationsView presets →