Skip to main content
Create a zone with resource records in DNS hosting (actual)
Last update:

Create a zone with resource records in DNS hosting (actual)

We recommend create resources in order. If you create all the resources that are described in the configuration file The Terraform creates resources regardless of the order in which they are listed in the file.


  1. Optional: configure your ISPs.
  2. Create an area.
  3. Create resource records.
  4. Delegate domain management.

Configuration files

Example file for configuring providers
terraform {
  required_providers {
    selectel  = {
      source  = "selectel/selectel"
      version = "6.0.0"
    }
    openstack = {
      source  = "terraform-provider-openstack/openstack"
      version = "2.1.0"
    }
  }
}

provider "selectel" {
  domain_name = "123456"
  username    = "user"
  password    = "password"
  auth_region = "pool"
  auth_url    = "https://cloud.api.selcloud.ru/identity/v3/"
}

resource "selectel_vpc_project_v2" "project_1" {
  name = "project"
}

resource "selectel_iam_serviceuser_v1" "serviceuser_1" {
  name         = "username"
  password     = "password"
  role {
    role_name  = "member"
    scope      = "project"
    project_id = selectel_vpc_project_v2.project_1.id 
  }
}

provider "openstack" {
  auth_url    = "https://cloud.api.selcloud.ru/identity/v3"
  domain_name = "123456"
  tenant_id   = selectel_vpc_project_v2.project_1.id
  user_name   = selectel_iam_serviceuser_v1.serviceuser_1.name
  password    = selectel_iam_serviceuser_v1.serviceuser_1.password
  region      = "ru-9"
}
Example file for creating a zone with resource records in DNS hosting (actual)
resource "selectel_domains_zone_v2" "zone_1" {
  name       = "example.com."
  project_id = selectel_vpc_project_v2.project_1.id
}

resource "selectel_domains_rrset_v2" "a_rrset_1" {
  zone_id    = selectel_domains_zone_v2.zone_1.id
  name       = selectel_domains_zone_v2.zone_1.name
  type       = "A"
  ttl        = 60
  project_id = selectel_vpc_project_v2.project_1.id
  records {
    content = "203.0.113.5"
  }
  records {
    content = "203.0.113.6"
  }
}

resource "selectel_domains_rrset_v2" "mx_rrset_1" {
  zone_id    = selectel_domains_zone_v2.zone_1.id
  name       = selectel_domains_zone_v2.zone_1.name
  type       = "MX"
  ttl        = 60
  project_id = selectel_vpc_project_v2.project_1.id
  records {
    content = "10 mail.example.org."
  }
}

resource "selectel_domains_rrset_v2" "txt_rrset_1" {
  zone_id    = selectel_domains_zone_v2.zone_1.id
  name       = selectel_domains_zone_v2.zone_1.name
  type       = "TXT"
  ttl        = 60
  project_id = selectel_vpc_project_v2.project_1.id
  records {
    content = "\"v=spf1 include:spf.mail.selcloud.ru ?all\""
  }
}

optional: configure providers

If you're set up the ISPs Selectel and OpenStack, skip this step.

  1. Make sure that in the control panel you created a service user with the Account Administrator and User Administrator roles.

  2. Create a directory to store the configuration files and a separate file with the extension .tf to configure the ISPs.

  3. Add Selectel and OpenStack providers to the file to configure the providers:

    terraform {
      required_providers {
        selectel  = {
          source  = "selectel/selectel"
          version = "6.0.0"
        }
        openstack = {
          source  = "terraform-provider-openstack/openstack"
          version = "2.1.0"
        }
      }
    }

    Here version — provider versions. The current version can be found in the Selectel documentation (in the Terraform Registry and GitHub) and OpenStack (in Terraform Registry and GitHub).

    Read more about products, services and services that can be managed with providers in the instructions Selectel and OpenStack providers.

  4. Initialize the Selectel provider:

    provider "selectel" {
      domain_name = "123456"
      username    = "user"
      password    = "password"
      auth_region = "pool"
      auth_url    = "https://cloud.api.selcloud.ru/identity/v3/"
    }

    Here:

    • domain_name — Selectel account number. You can look in control panels in the upper right-hand corner;
    • username — name service user with the Account Administrator and User Administrator roles. You can look in control panels: section Identity & Access ManagementUser management → tab Service users (the section is only available to the Account Owner and User Administrator);
    • password — service user password. You can view it when creating a user or change to a new one.

  5. Create a project:

    resource "selectel_vpc_project_v2" "project_1" {
      name = "project"
    }

    Check out the detailed description of the resource selectel_vpc_project_v2.

  6. Create a service user to access the project and assign the Project Administrator role to it:

    resource "selectel_iam_serviceuser_v1" "serviceuser_1" {
      name         = "username"
      password     = "password"
      role {
        role_name  = "member"
        scope      = "project"
        project_id = selectel_vpc_project_v2.project_1.id 
      }
    }

    Here:

    • username — username;
    • password — user password. The password must be no shorter than eight characters and contain Latin letters of different cases and digits;
    • project_id — Project ID. You can look in control panels: section Cloud platform → open the project menu (name of the current project) → in the line of the desired project, click .

    Check out the detailed description of the resource selectel_iam_serviceuser_v1.

  7. Initialize the OpenStack provider:

    provider "openstack" {
      auth_url    = "https://cloud.api.selcloud.ru/identity/v3"
      domain_name = "123456"
      tenant_id   = selectel_vpc_project_v2.project_1.id
      user_name   = selectel_iam_serviceuser_v1.serviceuser_1.name
      password    = selectel_iam_serviceuser_v1.serviceuser_1.password
      region      = "ru-9"
    }

    Here:

    • domain_name — Selectel account number. You can look in control panels in the upper right-hand corner;
    • region — pool for example ru-9. All resources will be created in this pool. The list of available pools can be found in the instructions Availability matrices.

  8. If at the same time you are setting up your providers resource creation then for OpenStack resources add the argument depends_on. For example, for the openstack_networking_network_v2 resource:

    resource "openstack_networking_network_v2" "network_1" {
      name           = "private-network"
      admin_state_up = "true"

      depends_on = [
        selectel_vpc_project_v2.project_1,
        selectel_iam_serviceuser_v1.serviceuser_1
      ]
    }

  9. Optional: if you want to use a mirror, create a separate Terraform CLI configuration file and add a block to it:

    provider_installation {
      network_mirror {
        url = "https://tf-proxy.selectel.ru/mirror/v1/"
        include = ["registry.terraform.io/*/*"]
      }
      direct {
        exclude = ["registry.terraform.io/*/*"]
      }
    }

    Read more about mirror settings in the manual CLI Configuration File HashiCorp documentation.

  10. Open the CLI.

  11. Initialize the Terraform configuration in the directory:

    terraform init

  12. Check that the configuration files have been compiled without errors:

    terraform validate

  13. Format the configuration files:

    terraform fmt

  14. Check the resources that will be created:

    terraform plan

  15. Apply the changes and create the resources:

    terraform apply

  16. Confirm creation — enter yes and press Enter. The created resources are displayed in the control panel.

  17. If there were insufficient quotas to create resources, increase quotas.

Create a zone

resource "selectel_domains_zone_v2" "zone_1" {
  name       = "example.com."
  project_id = selectel_vpc_project_v2.project_1.id
}

Here. name — zone name, e.g. example.com..

Check out the detailed description of the resource selectel_domains_zone_v2.

Create resource records

resource "selectel_domains_rrset_v2" "a_rrset_1" {
  zone_id    = selectel_domains_zone_v2.zone_1.id
  name       = selectel_domains_zone_v2.zone_1.name
  type       = "A"
  ttl        = 60
  project_id = selectel_vpc_project_v2.project_1.id
  records {
    content = "203.0.113.5"
  }
  records {
    content = "203.0.113.6"
  }
}

resource "selectel_domains_rrset_v2" "mx_rrset_1" {
  zone_id    = selectel_domains_zone_v2.zone_1.id
  name       = selectel_domains_zone_v2.zone_1.name
  type       = "MX"
  ttl        = 60
  project_id = selectel_vpc_project_v2.project_1.id
  records {
    content = "10 mail.example.org."
  }
}

resource "selectel_domains_rrset_v2" "txt_rrset_1" {
  zone_id    = selectel_domains_zone_v2.zone_1.id
  name       = selectel_domains_zone_v2.zone_1.name
  type       = "TXT"
  ttl        = 60
  project_id = selectel_vpc_project_v2.project_1.id
  records {
    content = "\"v=spf1 include:spf.mail.selcloud.ru ?all\""
  }
}

Here:

  • type — record type;
  • ttl — record lifetime in seconds, from 60 to 604,800;
  • content — the value of the record.

Check out the detailed description of the resource selectel_domains_rrset_v2.

Delegate domain management

In order to transfer control of domain resource records to Selectel servers, the domain must be delegated — you must specify these servers in the domain's NS records.

  1. Go to the control panel of the domain registrar where your domain is registered.
  2. In the NS entries, replace the values with Selectel's NS servers: a.ns.selectel.ru, b.ns.selectel.ru, c.ns.selectel.ru, d.ns.selectel.ru. Each server must be listed in a separate entry.