dnssec

Creates, updates, deletes, gets or lists a dnssec resource.

Overview

Name	`dnssec`
Type	Resource
Id	`cloudflare.dns.dnssec`

Fields

The following fields are returned by SELECT queries:

list

DNSSEC Details response.

Name	Datatype	Description
`algorithm`	`string`	Algorithm key code. (example: 13)
`digest`	`string`	Digest hash. (example: 48E939042E82C22542CB377B580DFDC52A361CEFDC72E7F9107E2B6BD9306A45)
`digest_algorithm`	`string`	Type of digest algorithm. (example: SHA256)
`digest_type`	`string`	Coded type for digest algorithm. (example: 2)
`dnssec_multi_signer`	`boolean`	If true, multi-signer DNSSEC is enabled on the zone, allowing multiple providers to serve a DNSSEC-signed zone at the same time. This is required for DNSKEY records (except those automatically generated by Cloudflare) to be added to the zone. See Multi-signer DNSSEC for details.
`dnssec_presigned`	`boolean`	If true, allows Cloudflare to transfer in a DNSSEC-signed zone including signatures from an external provider, without requiring Cloudflare to sign any records on the fly. Note that this feature has some limitations. See Cloudflare as Secondary for details.
`dnssec_use_nsec3`	`boolean`	If true, enables the use of NSEC3 together with DNSSEC on the zone. Combined with setting dnssec_presigned to true, this enables the use of NSEC3 records when transferring in from an external provider. If dnssec_presigned is instead set to false (default), NSEC3 records will be generated and signed at request time. See DNSSEC with NSEC3 for details.
`ds`	`string`	Full DS record. (example: example.com. 3600 IN DS 16953 13 2 48E939042E82C22542CB377B580DFDC52A361CEFDC72E7F9107E2B6BD9306A45)
`flags`	`number`	Flag for DNSSEC record.
`key_tag`	`number`	Code for key tag.
`key_type`	`string`	Algorithm key type. (example: ECDSAP256SHA256)
`modified_on`	`string (date-time)`	When DNSSEC was last modified. (example: 2014-01-01T05:20:00Z)
`public_key`	`string`	Public key for DS record. (example: oXiGYrSTO+LSCJ3mohc8EP+CzF9KxBj8/ydXJ22pKuZP3VAC3/Md/k7xZfz470CoRyZJ6gV6vml07IC3d8xqhA==)
`status`	`string`	Status of DNSSEC, based on user-desired state and presence of necessary records. (active, pending, disabled, pending-disabled, error) (example: active)

Methods

The following methods are available for this resource:

Name	Accessible by	Required Params	Description
`list`	`select`	`zone_id`	Details about DNSSEC status and configuration.
`edit`	`update`	`zone_id`	Enable or disable DNSSEC.
`delete`	`delete`	`zone_id`	Delete DNSSEC.

Parameters

Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.

Name	Datatype	Description
`zone_id`	`string`	The Cloudflare zone ID.

`SELECT` examples

list

Details about DNSSEC status and configuration.

SELECT
algorithm,
digest,
digest_algorithm,
digest_type,
dnssec_multi_signer,
dnssec_presigned,
dnssec_use_nsec3,
ds,
flags,
key_tag,
key_type,
modified_on,
public_key,
status
FROM cloudflare.dns.dnssec
WHERE zone_id = '{{ zone_id }}' -- required
;

`UPDATE` examples

edit

Enable or disable DNSSEC.

UPDATE cloudflare.dns.dnssec
SET 
dnssec_multi_signer = {{ dnssec_multi_signer }},
dnssec_presigned = {{ dnssec_presigned }},
dnssec_use_nsec3 = {{ dnssec_use_nsec3 }},
status = '{{ status }}'
WHERE 
zone_id = '{{ zone_id }}' --required
RETURNING
errors,
messages,
result,
success;

`DELETE` examples

delete

Delete DNSSEC.

DELETE FROM cloudflare.dns.dnssec
WHERE zone_id = '{{ zone_id }}' --required
;

Overview​

Fields​

Methods​

Parameters​

SELECT examples​

UPDATE examples​

DELETE examples​