Error messages

This page describes common error messages that you might receive when using Cloud DNS, what the messages mean, and recommended actions for resolving the errors.

General errors

This section describes general errors.

alreadyExists

The specified resource already exists; you cannot create a duplicate.

Recommended action: When creating a resource, use the appropriate get/list API to discover what resources already exist.

If you get this error when adding records, it is because an individual record is treated as a record set, which means each entry (if you have multiple entries) acts as a different record. You can add two values or strings to the record set for the same Domain Name System (DNS) name by adding a space between the first value and the second value.

For more information about how to resolve this error, see Fix conflicting records errors.

accessNotConfigured

Access not configured

To resolve this error, you must enable the Cloud DNS API for your project.

inactiveBillingState

Project example_project cannot accept requests while in an inactive billing state. Billing state might take several minutes to update.

Recommended action: Enable billing for your project. To enable billing for a new project, or to re-enable billing for an existing project, follow the appropriate steps in Enable billing for a project.

preconditionFailed

This is a generic error that means that something about the request is not compatible with the current state of the server resource. The client must do something to fix it and then try again. This can happen if you send a create change request that tries to delete a resource record set that doesn't match the one that already exists (same name and type).

Read the current state of the zone and decide what you want to delete. It might have changed since you last looked at it.

The error message includes the path to the problematic part of your request. For example, entity.change.deletions[6] refers to the seventh element in the deletions array of the change object in the POST body of your request.

Recommended action: Fix the part of the request that is flagged as problematic.

required

This is a generic error that means that some required part of the request is missing. For example, the request to create a managed zone requires a name, a DNS name, and a description. If any of these fields is missing, the request fails with this error.

Recommended action: Fill in the required parameter and try again.

notFound

The specified resource does not exist.

Recommended action: Make sure that you are using the name of an existing resource.

quotaExceeded

You get this error when an impending change would exceed your current quota. The quota is associated with the project. For example, you are only allowed a certain number of resource record sets in each zone. If you need a quota increase, contact your Google Cloud sales team. New projects have a default quota as specified in Cloud DNS resource quotas and limits. For all the different dimensions that DNS limits, see the Projects.get operation.

Recommended action: Check your project to understand why you are already using so much of that resource. You can request increased quota for a project on the Quotas page of the Google Cloud console for the project. You can also refer to Working with quotas.

Errors relating to managed zones

This section lists errors relating to managed zones.

invalidFieldValue

Invalid value for entity.managedZone.name.

The operation to create a managed zone can fail with this error if the managed zone name does not begin with a letter, end with a letter or digit, and contain only lowercase letters, digits, or dashes.

managedZoneDnsNameNotAvailable

The specified managed zone is not available and thus, cannot be created.

The operation to create a managed zone can fail with this error for the following reasons:

  • The DNS name of the proposed zone is reserved, for example, dot (.), .com, or .co.uk.
  • There are no more name servers available to host the DNS name of the zone. Cloud DNS uses a pool of name servers, and that pool is finite. A DNS query to any name server must map unambiguously to one managed zone. For more details, see nameserver limits.

Recommended action: If you are the registered owner of the DNS name in question, check for overlapping zones. To set up DNS for a domain and its subdomains, we recommend creating a single parent zone first and adding records for each subdomain in that zone.

verifyManagedZoneDnsNameOwnership

Verify ownership of the example.com domain (or a parent), and then try again.

Recommended action: When you receive this error, you must verify domain ownership, and then try again.

Errors relating to managed records

The errors in this section relate to records.

containerNotEmpty

The specified resource cannot be deleted because it is not empty.

Recommended action: If you want to delete the resource, you must empty it first.

invalidZoneApex

The specified resource record set is invalid because a zone must contain exactly one resource record set of a certain type at the apex.

Apex in the DNS context means the DNS name with the fewest number of labels that are allowed in the zone. It is also the top of the zone hierarchy. The apex of a zone is the DNS name equal to ManagedZone.dnsName.

This error means that you tried to make a change that would violate the DNS rule that a zone must contain exactly one resource record set of a certain type at the apex. The following actions can cause this error:

  • You tried to delete the required NS resource record set at the apex.
  • You tried to delete the required SOA resource record set at the apex.
  • You tried to create a resource record set of type SOA not at the apex.

Recommended action: If you get this error, you are trying to do something that isn't allowed under the rules of DNS. Check your request for mistakes. There is no need to delete the required resource record sets.

invalidRecordCount

The resource record set entity.change.additions[XX] is only permitted to have one record because it is of type <SOA_OR_CNAME>.

The rules of DNS say that SOA and CNAME resource record sets can only have one resource record. You get this error if you try to create a change that would break those rules. For example:

  {
    kind: "dns#rrset"
    name: "blog.foo.com.",
    type: "CNAME",
    rrdata: [ "www.foo.com.", "www2.foo.com." ],
    ...
  }

Recommended action: If you get this error, check your request. You are trying to do something that isn't allowed.

cnameResourceRecordSetConflict

The resource record set entity.change.additions[XX] is invalid because the DNS name example.com might have either one CNAME resource record set or resource record sets of other types, but not both.

This error occurs when you create two types of resource record sets, such as both an A record and a CNAME record for the same DNS name. A common cause of this error is trying to create a CNAME record at the zone apex. This is not possible because it would conflict with the required SOA and NS records of the same name.

Recommended action: Pick one or the other.

wildcardNotAllowed

The specified resource record set has the wrong type to be a wildcard.

In DNS, a wildcard is a special type of resource record set that matches requests for non-existent domain names. One limitation of Cloud DNS is that you cannot create a wildcard resource record set of type NS.

Recommended action: Wildcard NS resource record sets are not supported at this time. Contact Cloud DNS Support or join cloud-dns-discuss and share what you are trying to accomplish.

recordTypeDisallowedAtZoneApex

The specified resource record cannot exist alongside any other record type, including the SOA record that is required at the zone apex.

You cannot place a CNAME resource record at the apex because it cannot exist alongside any other resource record type, including the SOA resource record that is required at the zone apex.

Recommended action: Use an ALIAS resource record. An ALIAS resource record is a Cloud DNS custom record type that behaves like a CNAME resource record but can only be used at the zone apex and only responds to address record (A or AAAA) queries. For more information, see Alias records.

invalidValue

This is a generic error that means something about your request was invalid, independent of the server's state. The error message includes the path to the problematic part of the request, as well as the invalid value. This error could be triggered by many different things, such as:

  • You specified a resource record set with an invalid name. For example, foo...bar is not a valid DNS name (empty middle label).
  • You specified a resource record set with an invalid type. For example A and CNAME are valid types, but XXX is not a valid type.
  • You specified a resource record set with no records in it.
  • You specified resource record data that is invalid. For example 1.1.1.1 is valid resource record data for type A. XXX is invalid resource record data for type A.
  • You specified a resource record set with an invalid TTL. The TTL must be a non-negative integer.
  • You specified a resource name that is too long.

Recommended action: Fix your request.

What's next