
How to Configure Cloud DNS with Terraform in 2026


Introduction

Google Cloud Platform's Cloud DNS enables scalable management of public and private DNS zones. In this tutorial, you will learn how to fully automate zone and record creation using Terraform. The Infrastructure as Code approach ensures reproducibility and reduces manual errors. We will start with a basic configuration and progress to a production-ready setup including routing policies. This guide targets developers and DevOps engineers with prior experience in GCP and Terraform.

Prerequisites

  • Google Cloud account with billing enabled
  • Terraform 1.7+ installed
  • gcloud CLI configured and authenticated
  • Basic knowledge of DNS and Terraform

Initializing the Terraform Project

terminal
mkdir cloud-dns-terraform && cd cloud-dns-terraform
terraform init

We create a dedicated folder and initialize Terraform. In an empty directory, terraform init has no providers to download, so run it again once providers.tf exists.

Configuring the GCP Provider

providers.tf
terraform {
  required_providers {
    google = {
      source  = "hashicorp/google"
      version = "~> 5.0"
    }
  }
}

provider "google" {
  project = var.project_id
  region  = "europe-west1"
}

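The Google provider is configured using the project_id variable. Always pin the provider version to avoid breaking changes. The ~> 5.0 constraint accepts any 5.x release, so also commit the .terraform.lock.hcl file that terraform init generates: it records the exact provider version and checksums that were selected.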

Creating the DNS Zone

dns_zone.tf
resource "google_dns_managed_zone" "primary" {
  name        = "learni-zone"
  dns_name    = "learni.dev."
  description = "Zone DNS principale pour learni.dev"

  labels = {
    environment = "production"
    managed_by  = "terraform"
  }
}

This resource creates a public DNS zone. The dns_name must end with a dot. Labels make it easier to filter resources in the GCP console.

Adding A and CNAME Records

dns_records.tf
resource "google_dns_record_set" "www" {
  managed_zone = google_dns_managed_zone.primary.name
  name         = "www.learni.dev."
  type         = "A"
  ttl          = 300
  rrdatas      = ["34.120.12.45"]
}

resource "google_dns_record_set" "app" {
  managed_zone = google_dns_managed_zone.primary.name
  name         = "app.learni.dev."
  type         = "CNAME"
  ttl          = 300
  rrdatas      = ["www.learni.dev."]
}

Each record is managed independently. Always use the FQDN format with the trailing dot to prevent resolution errors.

Variables and Outputs

variables.tf
variable "project_id" {
  description = "ID du projet GCP"
  type        = string
}

output "name_servers" {
  value       = google_dns_managed_zone.primary.name_servers
  description = "Serveurs de noms à configurer chez le registrar"
}

Outputs make it easy to retrieve the zone's name servers, which you must set at your DNS registrar to delegate the domain to Cloud DNS.

Best Practices

  • Always version Terraform configurations in Git
  • Use workspaces to separate environments
  • Enable DNS audit logs in GCP
  • Set reasonable TTLs (300s in dev, 3600s in prod)
  • Add labels systematically for resource tagging

Common Errors to Avoid

  • Forgetting the trailing dot in DNS names (resolution error)
  • Failing to delegate name servers at the registrar
  • Using very low TTLs in production (high costs)
  • Manually editing records in the GCP console
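
One way to enforce the trailing-dot, TTL and label rules from the two lists above in CI, as an added example that is not part of the original tutorial: a Python check over the JSON that terraform show -json prints for a saved plan. The 300-second TTL floor, the function names and the sample plan are assumptions constructed for illustration.

```python
import json

MIN_TTL = 300  # assumption: floor taken from the tutorial's dev TTL

# Constructed sample shaped like `terraform show -json <planfile>`; only the fields read below.
SAMPLE_PLAN = json.dumps({"resource_changes": [
    {"address": "google_dns_managed_zone.primary", "type": "google_dns_managed_zone",
     "change": {"after": {"dns_name": "learni.dev.",
                          "labels": {"environment": "production", "managed_by": "terraform"}}}},
    {"address": "google_dns_record_set.www", "type": "google_dns_record_set",
     "change": {"after": {"name": "www.learni.dev.", "type": "A",
                          "ttl": 300, "rrdatas": ["34.120.12.45"]}}},
    {"address": "google_dns_record_set.app", "type": "google_dns_record_set",
     "change": {"after": {"name": "app.learni.dev", "type": "CNAME",
                          "ttl": 30, "rrdatas": ["www.learni.dev"]}}},
]})


def _no_dot(value):
    # Values only known after apply are absent or None in a plan; those are skipped.
    return isinstance(value, str) and not value.endswith(".")


def check_plan(plan_json, min_ttl=MIN_TTL):
    """Return (address, problem) findings for planned Cloud DNS zones and records."""
    findings = []
    for rc in json.loads(plan_json).get("resource_changes", []):
        after = rc.get("change", {}).get("after")
        if after is None:  # resource is being destroyed: nothing to validate
            continue
        addr = rc["address"]
        if rc["type"] == "google_dns_managed_zone":
            if _no_dot(after.get("dns_name")):
                findings.append((addr, "dns_name lacks trailing dot"))
            if not after.get("labels"):
                findings.append((addr, "zone has no labels"))
        elif rc["type"] == "google_dns_record_set":
            if _no_dot(after.get("name")):
                findings.append((addr, "name lacks trailing dot"))
            ttl = after.get("ttl")
            if isinstance(ttl, int) and ttl < min_ttl:
                findings.append((addr, f"ttl {ttl} below {min_ttl}"))
            if after.get("type") == "CNAME":
                for target in after.get("rrdatas") or []:
                    if _no_dot(target):
                        findings.append((addr, f"CNAME target {target!r} lacks trailing dot"))
    return findings


if __name__ == "__main__":
    for address, problem in check_plan(SAMPLE_PLAN):
        print(f"{address}: {problem}")
```

In a pipeline, feed it the output of terraform show -json for the saved plan file and fail the job when the returned list is not empty.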

Going Further

Explore our advanced cloud infrastructure courses to deepen your knowledge of Terraform and Google Cloud DNS.