Policies

For a list of methods for this resource, see the end of this page.

Resource representations

A policy is a collection of DNS rules applied to one or more Virtual Private Cloud resources.

{
  "kind": "dns#policy",
  "id": unsigned long,
  "name": string,
  "enableInboundForwarding": boolean,
  "description": string,
  "networks": [
    {
      "kind": "dns#policyNetwork",
      "networkUrl": string
    }
  ],
  "alternativeNameServerConfig": {
    "kind": "dns#policyAlternativeNameServerConfig",
    "targetNameServers": [
      {
        "kind": "dns#policyAlternativeNameServerConfigTargetNameServer",
        "ipv4Address": string,
        "forwardingPath": string
      }
    ]
  },
  "enableLogging": boolean
}
Property name Value Description Notes
alternativeNameServerConfig nested object Sets an alternative name server for the associated networks. When specified, all DNS queries are forwarded to a name server that you choose. Names such as .internal are not available when an alternative name server is specified.
alternativeNameServerConfig.kind string Identifies what kind of resource this is. Value: the fixed string "dns#policyAlternativeNameServerConfig".
alternativeNameServerConfig.targetNameServers[] list Sets an alternative name server for the associated networks. When specified, all DNS queries are forwarded to a name server that you choose. Names such as .internal are not available when an alternative name server is specified.
alternativeNameServerConfig.targetNameServers[].forwardingPath string Forwarding path for this TargetNameServer. If unset or set to DEFAULT, Cloud DNS makes forwarding decisions based on address ranges; that is, RFC1918 addresses go to the VPC network, non-RFC1918 addresses go to the internet. When set to PRIVATE, Cloud DNS always sends queries through the VPC network for this target.

Acceptable values are:
  • "default"
  • "private"
alternativeNameServerConfig.targetNameServers[].ipv4Address string IPv4 address to forward queries to.
alternativeNameServerConfig.targetNameServers[].kind string Identifies what kind of resource this is. Value: the fixed string "dns#policyAlternativeNameServerConfigTargetNameServer".
description string A mutable string of at most 1024 characters associated with this resource for the user's convenience. Has no effect on the policy's function.
enableInboundForwarding boolean Allows networks bound to this policy to receive DNS queries sent by VMs or applications over VPN connections. When enabled, a virtual IP address is allocated from each of the subnetworks that are bound to this policy.
enableLogging boolean Controls whether logging is enabled for the networks bound to this policy. Defaults to no logging if not set.
id unsigned long Unique identifier for the resource; defined by the server (output only).
kind string Identifies what kind of resource this is. Value: the fixed string "dns#policy".
name string User-assigned name for this policy.
networks[] list List of network names specifying networks to which this policy is applied.
networks[].kind string Identifies what kind of resource this is. Value: the fixed string "dns#policyNetwork".
networks[].networkUrl string The fully qualified URL of the VPC network to bind to. This should be formatted like https://!www.googleapis.com/compute/v1/projects/{project}/global/networks/{network}

Methods

create
Creates a new Policy.
delete
Deletes a previously created Policy. Fails if the policy is still being referenced by a network.
get
Fetches the representation of an existing Policy.
list
Enumerates all Policies associated with a project.
patch
Applies a partial update to an existing Policy.
update
Updates an existing Policy.