List

5 variables

18 variables

Enumerate DnsKeys to a ResourceRecordSet collection

Authorization

To use this building block you will have to grant access to at least one of the following scopes:

View and manage your data across Google Cloud Platform services
View your data across Google Cloud Platform services
View your DNS records hosted by Google Cloud DNS
View and manage your DNS records hosted by Google Cloud DNS

Input

This building block consumes 5 input parameters

Name	Format	Description
`project` Required	`STRING`	Identifies the project addressed by this request
`managedZone` Required	`STRING`	Identifies the managed zone addressed by this request. Can be the managed zone name or id
`digestType`	`STRING`	An optional comma-separated list of digest types to compute and display for key signing keys. If omitted, the recommended digest type will be computed and displayed
`maxResults`	`INTEGER`	Optional. Maximum number of results to be returned. If unspecified, the server will decide how many results to return
`pageToken`	`STRING`	Optional. A tag returned by a previous list request that was truncated. Use this parameter to continue a previous list request

= Parameter name
= Format

project STRING Required

Identifies the project addressed by this request

managedZone STRING Required

Identifies the managed zone addressed by this request. Can be the managed zone name or id

digestType STRING

An optional comma-separated list of digest types to compute and display for key signing keys. If omitted, the recommended digest type will be computed and displayed

maxResults INTEGER

Optional. Maximum number of results to be returned. If unspecified, the server will decide how many results to return

pageToken STRING

Optional. A tag returned by a previous list request that was truncated. Use this parameter to continue a previous list request

Output

This building block provides 18 output parameters

Name	Format	Description
`dnsKeys[]`	`OBJECT`	A DNSSEC key pair
`dnsKeys[].algorithm`	`ENUMERATION`	String mnemonic specifying the DNSSEC algorithm of this key. Immutable after creation time
`dnsKeys[].creationTime`	`STRING`	The time that this resource was created in the control plane. This is in RFC3339 text format. Output only
`dnsKeys[].description`	`STRING`	A mutable string of at most 1024 characters associated with this resource for the user's convenience. Has no effect on the resource's function
`dnsKeys[].digests[]`	`OBJECT`
`dnsKeys[].digests[].digest`	`STRING`	The base-16 encoded bytes of this digest. Suitable for use in a DS resource record
`dnsKeys[].digests[].type`	`ENUMERATION`	Specifies the algorithm used to calculate this digest
`dnsKeys[].id`	`STRING`	Unique identifier for the resource; defined by the server (output only)
`dnsKeys[].isActive`	`BOOLEAN`	Active keys will be used to sign subsequent changes to the ManagedZone. Inactive keys will still be present as DNSKEY Resource Records for the use of resolvers validating existing signatures
`dnsKeys[].keyLength`	`INTEGER`	Length of the key in bits. Specified at creation time then immutable
`dnsKeys[].keyTag`	`INTEGER`	The key tag is a non-cryptographic hash of the a DNSKEY resource record associated with this DnsKey. The key tag can be used to identify a DNSKEY more quickly (but it is not a unique identifier). In particular, the key tag is used in a parent zone's DS record to point at the DNSKEY in this child ManagedZone. The key tag is a number in the range [0, 65535] and the algorithm to calculate it is specified in RFC4034 Appendix B. Output only
`dnsKeys[].kind`	`STRING`	Identifies what kind of resource this is. Value: the fixed string "dns#dnsKey"
`dnsKeys[].publicKey`	`STRING`	Base64 encoded public half of this key. Output only
`dnsKeys[].type`	`ENUMERATION`	One of "KEY_SIGNING" or "ZONE_SIGNING". Keys of type KEY_SIGNING have the Secure Entry Point flag set and, when active, will be used to sign only resource record sets of type DNSKEY. Otherwise, the Secure Entry Point flag will be cleared and this key will be used to sign only resource record sets of other types. Immutable after creation time
`header`	`OBJECT`	Elements common to every response
`header.operationId`	`STRING`	For mutating operation requests that completed successfully. This is the client_operation_id if the client specified it, otherwise it is generated by the server (output only)
`kind`	`STRING`	Type of resource
`nextPageToken`	`STRING`	The presence of this field indicates that there exist more results following your last page of results in pagination order. To fetch them, make another list request using this value as your pagination token. In this way you can retrieve the complete contents of even very large collections one page at a time. However, if the contents of the collection change between the first and last paginated list request, the set of all elements returned will be an inconsistent view of the collection. There is no way to retrieve a "snapshot" of collections larger than the maximum page size

= Parameter name
= Format

dnsKeys[] OBJECT

A DNSSEC key pair

dnsKeys[].algorithm ENUMERATION

String mnemonic specifying the DNSSEC algorithm of this key. Immutable after creation time

dnsKeys[].creationTime STRING

The time that this resource was created in the control plane. This is in RFC3339 text format. Output only

dnsKeys[].description STRING

A mutable string of at most 1024 characters associated with this resource for the user's convenience. Has no effect on the resource's function

dnsKeys[].digests[] OBJECT

dnsKeys[].digests[].digest STRING

The base-16 encoded bytes of this digest. Suitable for use in a DS resource record

dnsKeys[].digests[].type ENUMERATION

Specifies the algorithm used to calculate this digest

dnsKeys[].id STRING

Unique identifier for the resource; defined by the server (output only)

dnsKeys[].isActive BOOLEAN

Active keys will be used to sign subsequent changes to the ManagedZone. Inactive keys will still be present as DNSKEY Resource Records for the use of resolvers validating existing signatures

dnsKeys[].keyLength INTEGER

Length of the key in bits. Specified at creation time then immutable

dnsKeys[].keyTag INTEGER

The key tag is a non-cryptographic hash of the a DNSKEY resource record associated with this DnsKey. The key tag can be used to identify a DNSKEY more quickly (but it is not a unique identifier). In particular, the key tag is used in a parent zone's DS record to point at the DNSKEY in this child ManagedZone. The key tag is a number in the range [0, 65535] and the algorithm to calculate it is specified in RFC4034 Appendix B. Output only

dnsKeys[].kind STRING

Identifies what kind of resource this is. Value: the fixed string "dns#dnsKey"

dnsKeys[].publicKey STRING

Base64 encoded public half of this key. Output only

dnsKeys[].type ENUMERATION

One of "KEY_SIGNING" or "ZONE_SIGNING". Keys of type KEY_SIGNING have the Secure Entry Point flag set and, when active, will be used to sign only resource record sets of type DNSKEY. Otherwise, the Secure Entry Point flag will be cleared and this key will be used to sign only resource record sets of other types. Immutable after creation time

header OBJECT

Elements common to every response

header.operationId STRING

For mutating operation requests that completed successfully. This is the client_operation_id if the client specified it, otherwise it is generated by the server (output only)

kind STRING

Type of resource

nextPageToken STRING

The presence of this field indicates that there exist more results following your last page of results in pagination order. To fetch them, make another list request using this value as your pagination token.

In this way you can retrieve the complete contents of even very large collections one page at a time. However, if the contents of the collection change between the first and last paginated list request, the set of all elements returned will be an inconsistent view of the collection. There is no way to retrieve a "snapshot" of collections larger than the maximum page size

Dns Keys

List

Authorization

Input

Output