17 Oct, 2018

USING THE CLOUDFLARE API TO MANAGE DNS RECORDS

dns, RPI

I’m probably doing Cloudflare a disservice by categorising it as a CDN provider, but that’s certainly one of the many services they offer and perhaps how most individuals using their free offering see them. Like me, I’m certain the vast majority of that group use the Cloudflare dashboard to configure their domains, but Cloudflare provides an API that allows you to programmatically manage those DNS records through a command-line interface of a Unix shell such as Bash.

The documentation states:

Using Cloudflare’s API, you can do just about anything you can do on cloudflare.com via the customer dashboard.

Although the Cloudflare API documentation gives numerous examples, it took me a while to get to grips with them, so I thought it may be useful for others if I document my examples.

To use the Cloudflare API you’ll need the email address used to login to your Cloudflare account and your Cloudlare account’s global API key.

Table of Contents

TOC

2. ABOUT THE CODE SAMPLES

2.1 Code

Below is an example of code used throughout this article together with the output if the request is successful and the output if unsuccessful:CODEOUTPUT (SUCCESS)OUTPUT (FAILURE)

EMAIL="steve@example.com"; \
KEY="08n46q4ofo0v5pc3u3g3eu517o69axu8s6ml4"; \
ZONE_ID="8b717207bcee4047af2e9dff95832996"; \
TYPE="A"; \
NAME="example.com"; \
CONTENT="203.0.113.50"; \
PROXIED="true"; \
TTL="1"; \
curl -X POST "https://api.cloudflare.com/client/v4/zones/$ZONE_ID/dns_records/" \
    -H "X-Auth-Email: $EMAIL" \
    -H "X-Auth-Key: $KEY" \
    -H "Content-Type: application/json" \
    --data '{"type":"'"$TYPE"'","name":"'"$NAME"'","content":"'"$CONTENT"'","proxied":'"$PROXIED"',"ttl":'"$TTL"'}' \
    | python -m json.tool;

I’ve assigned certain values in the code to variables – EMAILKEY etc – to make it easier to see how this data is used throughout the code. Below is a sample DNS record on the Cloudflare customer dashboard together with a table summarising the variables used.

Cloudflare dashboard showing a single DNS record for example.com

VARIABLE VALUE
EMAIL The email address associated with your Cloudflare account.
KEY The global API key associated with your Cloudflare account.
DOMAIN The name of the domain to create a zone record for.
JUMP_START If true, automatically attempts to fetch existing DNS records when creating a domain’s zone record
ZONE_ID The unique ID of the domain’s zone record. Assigned by Cloudflare. Required when managing an existing zone record and its DNS records.
DNS_ID The unique ID given to each of the domain’s individual DNS records. Assigned by Cloudflare. Required when updating or deleting an existing DNS record.
TYPE The DNS record type including A, CNAME, MX and TCXT ecords. This equates to the Typecolumn on the Cloudflare dashboard.
NAME The DNS record name. This equates to the Name column on the Cloudflare dashboard.
CONTENT The DNS record content. This equates to the Value column on the Cloudflare dashboard.
PROXIED If true, a DNS record will pass through Cloudflare’s servers. Un-proxied records will not and are for DNS resolution only. Applicable to A and CNAME records only. This equates to the Status column on the Cloudflare dashboard.
TTL Valid TTL. Must be between 120 and 2,147,483,647 seconds, or 1 for automatic
PRIORITY The order in which servers should be contacted. Applicable to MX records only.
ALL If true, JSON output will be pretty-printed using Python’s json.tool module. Otherwise, output will be limited to specified data.

Variables Passed To The Cloudflare APITOC

2.2 Output

All requests to Cloudflare’s API are made using HTTPS and return unformatted JSON data. To make this output readable, I’ve piped the JSON data through Python’s json.tool – a simple command line interface for the json module to pretty-print JSON objects. All key/value pairs are sorted alphabetically.

HTTPS requests to the API using the POST or DELETE methods return a JSON object containing 4 top-level key/value pairs. These keys are errorsmessagesresult and success. The values for these keys can be an empty array:

"errors": [],

…another object containing other key/value pairs:

"result": {
    "content": "203.0.113.50",
    "created_on": "2018-01-27T15:57:52.254408Z",
    ...
},

…or a boolean value:

"success": true

For HTTPS requests using GETresult key value objects are contained within an array:

"result": [
    {
    	...
        "id": "8b717207bcee4047af2e9dff95832996",
    	...
    }
],

In addition there is a fifth top-level key/value pair for the GET method named result_infowhose value is an object containing other key/value pairs:

"result_info": {
    "count": 1,
    ...
},

TOC

2.3 Alternative Code and Output

Some requests to the Cloudflare API produce a lot of JSON data. As an alternative to the main code samples, I have provided alternative code whose output focuses on a particular piece of data – the unique ID of a domain’s DNS record for example. In the example below, the variable ALL is included and controls how JSON data is displayed. If ALL is true, JSON data is piped to Python’s json.tool as before. However, if false, only limited JSON data – as specified in the statements passed as a command to python – is displayed.ALTERNATIVE CODEALTERNATIVE OUTPUT (SUCCESS)ALTERNATIVE OUTPUT (FAILURE)

EMAIL="steve@example.com"; \
KEY="08n46q4ofo0v5pc3u3g3eu517o69axu8s6ml4"; \
ZONE_ID="8b717207bcee4047af2e9dff95832996"; \
TYPE="A"; \
NAME="example.com"; \
CONTENT="203.0.113.50"; \
PROXIED="true"; \
TTL="1"; \
ALL="false"; \
curl -X POST "https://api.cloudflare.com/client/v4/zones/$ZONE_ID/dns_records/" \
    -H "X-Auth-Email: $EMAIL" \
    -H "X-Auth-Key: $KEY" \
    -H "Content-Type: application/json" \
    --data '{"type":"'"$TYPE"'","name":"'"$NAME"'","content":"'"$CONTENT"'","proxied":'"$PROXIED"',"ttl":'"$TTL"'}' \
    | if $ALL; then python -m json.tool; else python -c "import sys,json;data=json.loads(sys.stdin.read()); print('Type: ' + data['result']['type'] + '\n' + 'DNS ID: ' + data['result']['id'] if data['success'] else 'ERROR: ' + data['errors'][0]['message'])"; fi

TOC

3. ClOUDFLARE RESTRICTIONS

Adding DNS records on Cloudflare for a given domain will have no affect on where that domain’s DNS resolves until its nameservers are changed via the domain’s registrar to point to Cloudflare’s. As such, you should be able to use any domain name when experimenting with the Cloudflare API, but Cloudflare does impose some restrictions:

  • You can’t create DNS records for recognised domains like google.com, microsoft.com, example.com etc. Should you try, you’ll receive the error: This zone is banned and cannot be added to Cloudflare at this time. I’ve used example.com in all of my code examples, but this is purely illustrative.
  • The domain must be registered. You can’t use google.test, microsoft.invalid, example.localhost even though these TLDs have been reserved for testing and documentation purposes by the IETF (RFC 2606). The error message is We were unable to identify example.localhost as a registered domain.
  • A valid IP address is also required. Using 12.345.678.9 returns DNS Validation Error. I used 203.0.113.50 which is in a range of IP addresses which the IETF (RFC 5737) have reserved for testing and documentation purposes.

TOC

4. WORKING CODE EXAMPLES

Below is a screenshot of the Cloudflare dashboard showing DNS records for the domain example.com. We’ll create each of these DNS records using the Cloudflare API.

Cloudflare dashboard showing DNS records for example.com

Each of the following code examples when executed from the command-line should do exactly as described, providing valid data is supplied for EMAILKEY and where applicable DOMAINZONE_ID and DNS_ID.

All code examples were successfully tested using cURL 7.54.0 and Python 2.7.10 on macOS High Sierra 10.13.3 and cURL 7.47.0 and Python 2.7.12 on Ubuntu 16.04.3.TOC

4.1 ZONE RECORDS

4.1.1 Create a New Zone Record for a Domain

In order to create DNS records for a domain, we first need to create a unique zone record for that domain to which we’ll later add these DNS records. To create a zone record for example.com, use the following code:CODEOUTPUT (SUCCESS)OUTPUT (FAILURE)

EMAIL="steve@example.com"; \
KEY="08n46q4ofo0v5pc3u3g3eu517o69axu8s6ml4"; \
DOMAIN="example.com"; \
JUMP_START="false"; \
curl -X POST "https://api.cloudflare.com/client/v4/zones/" \
    -H "X-Auth-Email: $EMAIL" \
    -H "X-Auth-Key: $KEY" \
    -H "Content-Type: application/json" \
    --data '{"name":"'"$DOMAIN"'","jump_start":'"$JUMP_START"'}' \
    | python -m json.tool;

Alternatively, to limit the data that is displayed use:ALTERNATIVE CODEALTERNATIVE OUTPUT (SUCCESS)ALTERNATIVE OUTPUT (FAILURE)

EMAIL="steve@example.com"; \
KEY="08n46q4ofo0v5pc3u3g3eu517o69axu8s6ml4"; \
DOMAIN="example.com"; \
JUMP_START="false"; \
ALL="false"; \
curl -X POST "https://api.cloudflare.com/client/v4/zones/" \
    -H "X-Auth-Email: $EMAIL" \
    -H "X-Auth-Key: $KEY" \
    -H "Content-Type: application/json" \
    --data '{"name":"'"$DOMAIN"'","jump_start":'"$JUMP_START"'}' \
    | if $ALL; then python -m json.tool; else python -c "import sys,json;data=json.loads(sys.stdin.read()); print('ZONE_ID: ' + data['result']['id'] if data['success'] else 'ERROR: ' + data['errors'][0]['message'])"; fi

TOC

4.1.2 List an Existing Zone Record for a Domain

To display the existing zone record for example.com, use the following code:CODEOUTPUT (SUCCESS)OUTPUT (FAILURE)

EMAIL="steve@example.com"; \
KEY="08n46q4ofo0v5pc3u3g3eu517o69axu8s6ml4"; \
DOMAIN="example.com"; \
curl -X GET "https://api.cloudflare.com/client/v4/zones?name=$DOMAIN" \
    -H "X-Auth-Email: $EMAIL" \
    -H "X-Auth-Key: $KEY" \
    -H "Content-Type: application/json" \
    | python -m json.tool;

Alternatively, to limit the data that is displayed use:ALTERNATIVE CODEALTERNATIVE OUTPUT (SUCCESS)ALTERNATIVE OUTPUT (FAILURE)

EMAIL="steve@example.com"; \
KEY="08n46q4ofo0v5pc3u3g3eu517o69axu8s6ml4"; \
DOMAIN="example.com"; \
ALL="false"; \
curl -X GET "https://api.cloudflare.com/client/v4/zones?name=$DOMAIN" \
    -H "X-Auth-Email: $EMAIL" \
    -H "X-Auth-Key: $KEY" \
    -H "Content-Type: application/json" \
    | if $ALL; then python -m json.tool; else python -c "import sys,json;data=json.loads(sys.stdin.read()); print 'ZONE_ID: ' + data['result'][0]['id'] if data['result'] else 'ERROR: Does a zone record for \"$DOMAIN\" exist?'"; fi

TOC

4.1.3 Delete an Existing Zone Record for a Domain

To delete the existing zone record for example.com and all its related DNS records, use the following code. Note that we need to provide the unique ID of the domain’s existing zone record:CODEOUTPUT (SUCCESS)OUTPUT (FAILURE)

EMAIL="steve@example.com"; \
KEY="08n46q4ofo0v5pc3u3g3eu517o69axu8s6ml4"; \
ZONE_ID="8b717207bcee4047af2e9dff95832996"; \
curl -X DELETE "https://api.cloudflare.com/client/v4/zones/$ZONE_ID" \
    -H "X-Auth-Email: $EMAIL" \
    -H "X-Auth-Key: $KEY" \
    -H "Content-Type: application/json" \
    | python -m json.tool;

Alternatively, to limit the data that is displayed use:ALTERNATIVE CODEALTERNATIVE OUTPUT (SUCCESS)ALTERNATIVE OUTPUT (FAILURE)

EMAIL="steve@example.com"; \
KEY="08n46q4ofo0v5pc3u3g3eu517o69axu8s6ml4"; \
ZONE_ID="8b717207bcee4047af2e9dff95832996"; \
ALL="false"; \
curl -X DELETE "https://api.cloudflare.com/client/v4/zones/$ZONE_ID" \
    -H "X-Auth-Email: $EMAIL" \
    -H "X-Auth-Key: $KEY" \
    -H "Content-Type: application/json" \
    | if $ALL; then python -m json.tool; else python -c "import sys,json;data=json.loads(sys.stdin.read()); print 'Zone for ID \"$ZONE_ID\" deleted.' if data['success'] else 'ERROR: ' + data['errors'][0]['message']"; fi

TOC

4.2 CREATE NEW DNS RECORDS

4.2.1 Create a New DNS [A] Record for a Domain

To create a DNS record that points example.com to the IP address 203.0.113.50, use the following code:CODEOUTPUT (SUCCESS)OUTPUT (FAILURE)

EMAIL="steve@example.com"; \
KEY="08n46q4ofo0v5pc3u3g3eu517o69axu8s6ml4"; \
ZONE_ID="8b717207bcee4047af2e9dff95832996"; \
TYPE="A"; \
NAME="example.com"; \
CONTENT="203.0.113.50"; \
PROXIED="true"; \
TTL="1"; \
curl -X POST "https://api.cloudflare.com/client/v4/zones/$ZONE_ID/dns_records/" \
    -H "X-Auth-Email: $EMAIL" \
    -H "X-Auth-Key: $KEY" \
    -H "Content-Type: application/json" \
    --data '{"type":"'"$TYPE"'","name":"'"$NAME"'","content":"'"$CONTENT"'","proxied":'"$PROXIED"',"ttl":'"$TTL"'}' \
    | python -m json.tool;

Alternatively, to limit the data that is displayed use:ALTERNATIVE CODEALTERNATIVE OUTPUT (SUCCESS)ALTERNATIVE OUTPUT (FAILURE)

EMAIL="steve@example.com"; \
KEY="08n46q4ofo0v5pc3u3g3eu517o69axu8s6ml4"; \
ZONE_ID="8b717207bcee4047af2e9dff95832996"; \
TYPE="A"; \
NAME="example.com"; \
CONTENT="203.0.113.50"; \
PROXIED="true"; \
TTL="1"; \
ALL="false"; \
curl -X POST "https://api.cloudflare.com/client/v4/zones/$ZONE_ID/dns_records/" \
    -H "X-Auth-Email: $EMAIL" \
    -H "X-Auth-Key: $KEY" \
    -H "Content-Type: application/json" \
    --data '{"type":"'"$TYPE"'","name":"'"$NAME"'","content":"'"$CONTENT"'","proxied":'"$PROXIED"',"ttl":'"$TTL"'}' \
    | if $ALL; then python -m json.tool; else python -c "import sys,json;data=json.loads(sys.stdin.read()); print('Type: ' + data['result']['type'] + '\n' + 'DNS ID: ' + data['result']['id'] if data['success'] else 'ERROR: ' + data['errors'][0]['message'])"; fi

The Cloudflare dashboard now shows:

Cloudflare dashboard showing the newly created A record for example.com

TOC

4.2.2 Create a New DNS [A] Record for a Sub-domain

To create a DNS record that points sub-domain.example.com to the IP address 203.0.113.50, use the following code:CODEOUTPUT (SUCCESS)OUTPUT (FAILURE)

{
    "errors": [],
    "messages": [],
    "result": {
        "content": "203.0.113.50",
        "created_on": "2018-01-31T10:05:17.945648Z",
        "id": "1edaebfd2c02a69beec51da4476e743e",
        "locked": false,
        "meta": {
            "auto_added": false,
            "managed_by_apps": false
        },
        "modified_on": "2018-01-31T10:05:17.945648Z",
        "name": "sub-domain.example.com",
        "proxiable": true,
        "proxied": true,
        "ttl": 1,
        "type": "A",
        "zone_id": "8b717207bcee4047af2e9dff95832996",
        "zone_name": "example.com"
    },
    "success": true
}

Alternatively, to limit the data that is displayed use:ALTERNATIVE CODEALTERNATIVE OUTPUT (SUCCESS)ALTERNATIVE OUTPUT (FAILURE)

EMAIL="steve@example.com"; \
KEY="08n46q4ofo0v5pc3u3g3eu517o69axu8s6ml4"; \
ZONE_ID="8b717207bcee4047af2e9dff95832996"; \
TYPE="A"; \
NAME="sub-domain"; \
CONTENT="203.0.113.50"; \
PROXIED="true"; \
TTL="1"; \
ALL="false"; \
curl -X POST "https://api.cloudflare.com/client/v4/zones/$ZONE_ID/dns_records/" \
    -H "X-Auth-Email: $EMAIL" \
    -H "X-Auth-Key: $KEY" \
    -H "Content-Type: application/json" \
    --data '{"type":"'"$TYPE"'","name":"'"$NAME"'","content":"'"$CONTENT"'","proxied":'"$PROXIED"',"ttl":'"$TTL"'}' \
    | if $ALL; then python -m json.tool; else python -c "import sys,json;data=json.loads(sys.stdin.read()); print('Type: ' + data['result']['type'] + '\n' + 'DNS ID: ' + data['result']['id'] if data['success'] else 'ERROR: ' + data['errors'][0]['message'])"; fi

The Cloudflare dashboard now shows:

Cloudflare dashboard showing the newly created A record for sub-domain.example.com

TOC

4.2.3 Create a New DNS [CNAME] Record for an Alias

To create a DNS record that makes www.example.com an alias of example.com, use the following code:CODEOUTPUT (SUCCESS)OUTPUT (FAILURE)

EMAIL="steve@example.com"; \
KEY="08n46q4ofo0v5pc3u3g3eu517o69axu8s6ml4"; \
ZONE_ID="8b717207bcee4047af2e9dff95832996"; \
TYPE="CNAME"; \
NAME="www"; \
CONTENT="example.com"; \
PROXIED="true"; \
TTL="1"; \
curl -X POST "https://api.cloudflare.com/client/v4/zones/$ZONE_ID/dns_records/" \
    -H "X-Auth-Email: $EMAIL" \
    -H "X-Auth-Key: $KEY" \
    -H "Content-Type: application/json" \
    --data '{"type":"'"$TYPE"'","name":"'"$NAME"'","content":"'"$CONTENT"'","proxied":'"$PROXIED"',"ttl":'"$TTL"'}' \
    | python -m json.tool;

Alternatively, to limit the data that is displayed use:ALTERNATIVE CODEALTERNATIVE OUTPUT (SUCCESS)OUTPUT (FAILURE)

EMAIL="steve@example.com"; \
KEY="08n46q4ofo0v5pc3u3g3eu517o69axu8s6ml4"; \
ZONE_ID="8b717207bcee4047af2e9dff95832996"; \
TYPE="CNAME"; \
NAME="www"; \
CONTENT="example.com"; \
PROXIED="true"; \
TTL="1"; \
ALL="false"; \
curl -X POST "https://api.cloudflare.com/client/v4/zones/$ZONE_ID/dns_records/" \
    -H "X-Auth-Email: $EMAIL" \
    -H "X-Auth-Key: $KEY" \
    -H "Content-Type: application/json" \
    --data '{"type":"'"$TYPE"'","name":"'"$NAME"'","content":"'"$CONTENT"'","proxied":'"$PROXIED"',"ttl":'"$TTL"'}' \
    | if $ALL; then python -m json.tool; else python -c "import sys,json;data=json.loads(sys.stdin.read()); print('Type: ' + data['result']['type'] + '\n' + 'DNS ID: ' + data['result']['id'] if data['success'] else 'ERROR: ' + data['errors'][0]['message'])"; fi

The Cloudflare dashboard now shows:

Cloudflare dashboard showing the newly created CNAME record for www.example.com

TOC

4.2.4 Create a New DNS [MX] Record for a Domain

To create a DNS record that specifies the primary mail server to handle mail for example.com, use the following code:CODEOUTPUT (SUCCESS)OUTPUT (FAILURE)

EMAIL="steve@example.com"; \
KEY="08n46q4ofo0v5pc3u3g3eu517o69axu8s6ml4"; \
ZONE_ID="8b717207bcee4047af2e9dff95832996"; \
TYPE="MX"; \
NAME="@"; \
CONTENT="aspmx.l.google.com"; \
PRIORITY="1"; \
TTL="1"; \
curl -X POST "https://api.cloudflare.com/client/v4/zones/$ZONE_ID/dns_records/" \
    -H "X-Auth-Email: $EMAIL" \
    -H "X-Auth-Key: $KEY" \
    -H "Content-Type: application/json" \
    --data '{"type":"'"$TYPE"'","name":"'"$NAME"'","content":"'"$CONTENT"'","priority":"'"$PRIORITY"'","ttl":'"$TTL"'}' \
    | python -m json.tool;

Alternatively, to limit the data that is displayed use:ALTERNATIVE CODEALTERNATIVE OUTPUT (SUCCESS)ALTERNATIVE OUTPUT (FAILURE)

EMAIL="steve@example.com"; \
KEY="08n46q4ofo0v5pc3u3g3eu517o69axu8s6ml4"; \
ZONE_ID="8b717207bcee4047af2e9dff95832996"; \
TYPE="MX"; \
NAME="@"; \
CONTENT="aspmx.l.google.com"; \
PRIORITY="1"; \
TTL="1"; \
ALL="false"; \
curl -X POST "https://api.cloudflare.com/client/v4/zones/$ZONE_ID/dns_records/" \
    -H "X-Auth-Email: $EMAIL" \
    -H "X-Auth-Key: $KEY" \
    -H "Content-Type: application/json" \
    --data '{"type":"'"$TYPE"'","name":"'"$NAME"'","content":"'"$CONTENT"'","priority":"'"$PRIORITY"'","ttl":'"$TTL"'}' \
    | if $ALL; then python -m json.tool; else python -c "import sys,json;data=json.loads(sys.stdin.read()); print('Type: ' + data['result']['type'] + '\n' + 'DNS ID: ' + data['result']['id'] if data['success'] else 'ERROR: ' + data['errors'][0]['message'])"; fi

The Cloudflare dashboard now shows:

Cloudflare dashboard showing the newly created 1st MX record for example.com

TOC

4.2.5 Create a Second New DNS [MX] Record for a Domain

To create a DNS record that specifies the secondary mail server to handle mail for example.com, use the following code:CODEOUTPUT (SUCCESS)OUTPUT (FAILURE)

EMAIL="steve@example.com"; \
KEY="08n46q4ofo0v5pc3u3g3eu517o69axu8s6ml4"; \
ZONE_ID="8b717207bcee4047af2e9dff95832996"; \
TYPE="MX"; \
NAME="@"; \
CONTENT="alt1.aspmx.l.google.com"; \
PRIORITY="5"; \
TTL="1"; \
curl -X POST "https://api.cloudflare.com/client/v4/zones/$ZONE_ID/dns_records/" \
    -H "X-Auth-Email: $EMAIL" \
    -H "X-Auth-Key: $KEY" \
    -H "Content-Type: application/json" \
    --data '{"type":"'"$TYPE"'","name":"'"$NAME"'","content":"'"$CONTENT"'","priority":"'"$PRIORITY"'","ttl":'"$TTL"'}' \
    | python -m json.tool;

Alternatively, to limit the data that is displayed use:ALTERNATIVE CODEALTERNATIVE OUTPUT (SUCCESS)ALTERNATIVE OUTPUT (FAILURE)

EMAIL="steve@example.com"; \
KEY="08n46q4ofo0v5pc3u3g3eu517o69axu8s6ml4"; \
ZONE_ID="8b717207bcee4047af2e9dff95832996"; \
TYPE="MX"; \
NAME="@"; \
CONTENT="alt1.aspmx.l.google.com"; \
PRIORITY="5"; \
TTL="1"; \
ALL="false"; \
curl -X POST "https://api.cloudflare.com/client/v4/zones/$ZONE_ID/dns_records/" \
    -H "X-Auth-Email: $EMAIL" \
    -H "X-Auth-Key: $KEY" \
    -H "Content-Type: application/json" \
    --data '{"type":"'"$TYPE"'","name":"'"$NAME"'","content":"'"$CONTENT"'","priority":"'"$PRIORITY"'","ttl":'"$TTL"'}' \
    | if $ALL; then python -m json.tool; else python -c "import sys,json;data=json.loads(sys.stdin.read()); print('Type: ' + data['result']['type'] + '\n' + 'DNS ID: ' + data['result']['id'] if data['success'] else 'ERROR: ' + data['errors'][0]['message'])"; fi

The Cloudflare dashboard now shows:

Cloudflare dashboard showing the newly created 2nd MX record for example.com

TOC

4.2.6 Create a New DNS [TXT] Record

To create a DNS record that specifies the sender policy framework (SPF) for example.com, use the following code:CODEOUTPUT (SUCCESS)OUTPUT (FAILURE)

EMAIL="steve@example.com"; \
KEY="08n46q4ofo0v5pc3u3g3eu517o69axu8s6ml4"; \
ZONE_ID="8b717207bcee4047af2e9dff95832996"; \
TYPE="TXT"; \
NAME="@"; \
CONTENT="v=spf1 include:_spf.google.com ~all"; \
TTL="1"; \
curl -X POST "https://api.cloudflare.com/client/v4/zones/$ZONE_ID/dns_records/" \
    -H "X-Auth-Email: $EMAIL" \
    -H "X-Auth-Key: $KEY" \
    -H "Content-Type: application/json" \
    --data '{"type":"'"$TYPE"'","name":"'"$NAME"'","content":"'"$CONTENT"'","ttl":'"$TTL"'}' \
    | python -m json.tool;

Alternatively, to limit the data that is displayed use:ALTERNATIVE CODEALTERNATIVE OUTPUT (SUCCESS)ALTERNATIVE OUTPUT (FAILURE)

EMAIL="steve@example.com"; \
KEY="08n46q4ofo0v5pc3u3g3eu517o69axu8s6ml4"; \
ZONE_ID="8b717207bcee4047af2e9dff95832996"; \
TYPE="TXT"; \
NAME="@"; \
CONTENT="v=spf1 include:_spf.google.com ~all"; \
TTL="1"; \
ALL="1"; \
curl -X POST "https://api.cloudflare.com/client/v4/zones/$ZONE_ID/dns_records/" \
    -H "X-Auth-Email: $EMAIL" \
    -H "X-Auth-Key: $KEY" \
    -H "Content-Type: application/json" \
    --data '{"type":"'"$TYPE"'","name":"'"$NAME"'","content":"'"$CONTENT"'","ttl":'"$TTL"'}' \
    | if $ALL; then python -m json.tool; else python -c "import sys,json;data=json.loads(sys.stdin.read()); print('Type: ' + data['result']['type'] + '\n' + 'DNS ID: ' + data['result']['id'] if data['success'] else 'ERROR: ' + data['errors'][0]['message'])"; fi

The Cloudflare dashboard now shows:

Cloudflare dashboard showing the newly created TXT record for example.com

TOC

4.3. LIST, UPDATE & DELETE EXISTING DNS RECORDS

4.3.1 List All DNS Records for a Zone

To list all the DNS records associated with the zone record for example.com, use the following code:CODEOUTPUT (SUCCESS)OUTPUT (FAILURE)

EMAIL="steve@example.com"; \
KEY="08n46q4ofo0v5pc3u3g3eu517o69axu8s6ml4"; \
ZONE_ID="8b717207bcee4047af2e9dff95832996"; \
curl -X GET "https://api.cloudflare.com/client/v4/zones/$ZONE_ID/dns_records" \
    -H "X-Auth-Email: $EMAIL" \
    -H "X-Auth-Key: $KEY" \
    -H "Content-Type: application/json" \
    | python -m json.tool;

TOC

4.3.2 List DNS Records for a Zone Based on DNS Record Name

To list all the DNS records associated with the zone record for example.com whose name is example.com, use the following code:CODEOUTPUT (SUCCESS)OUTPUT (FAILURE)

EMAIL="steve@example.com"; \
KEY="08n46q4ofo0v5pc3u3g3eu517o69axu8s6ml4"; \
ZONE_ID="8b717207bcee4047af2e9dff95832996"; \
NAME="example.com"; \
curl -X GET "https://api.cloudflare.com/client/v4/zones/$ZONE_ID/dns_records?name=$NAME" \
    -H "X-Auth-Email: $EMAIL" \
    -H "X-Auth-Key: $KEY" \
    -H "Content-Type: application/json" \
    | python -m json.tool;

TOC

4.3.3 List DNS Records for a Zone Based on DNS Record Type

To list all the DNS records associated with the zone record for example.com whose type is MX, use the following code:CODEOUTPUT (SUCCESS)OUTPUT (FAILURE)

EMAIL="steve@example.com"; \
KEY="08n46q4ofo0v5pc3u3g3eu517o69axu8s6ml4"; \
ZONE_ID="8b717207bcee4047af2e9dff95832996"; \
TYPE="MX"; \
curl -X GET "https://api.cloudflare.com/client/v4/zones/$ZONE_ID/dns_records?type=$TYPE" \
    -H "X-Auth-Email: $EMAIL" \
    -H "X-Auth-Key: $KEY" \
    -H "Content-Type: application/json" \
    | python -m json.tool;

TOC

4.3.4 List DNS Records for a Zone Based on DNS Record Name and Type

To list all the DNS records associated with the zone record for example.com whose name is example.com and type is MX, use the following code:CODEOUTPUT (SUCCESS)OUTPUT (FAILURE)

EMAIL="steve@example.com"; \
KEY="08n46q4ofo0v5pc3u3g3eu517o69axu8s6ml4"; \
ZONE_ID="8b717207bcee4047af2e9dff95832996"; \
NAME="example.com"; \
TYPE="MX"; \
curl -X GET "https://api.cloudflare.com/client/v4/zones/$ZONE_ID/dns_records?name=$NAME&type=$TYPE" \
    -H "X-Auth-Email: $EMAIL" \
    -H "X-Auth-Key: $KEY" \
    -H "Content-Type: application/json" \
    | python -m json.tool;

TOCTOC

4.3.5 Update an Individual DNS Record

To update an individual DNS record we need to pass its unique ID to the Cloudflare API. So, to update the CNAME record for www.example.com so that PROXIED is changed to false and TTLis changed to 2 minutes, use the following code. Note that even though TYPENAME and CONTENT are not changing, they still need to be included otherwise the Cloudflare API returns an error:CODEOUTPUT (SUCCESS)OUTPUT (FAILURE)

EMAIL="steve@example.com"; \
KEY="08n46q4ofo0v5pc3u3g3eu517o69axu8s6ml4"; \
ZONE_ID="8b717207bcee4047af2e9dff95832996"; \
DNS_ID="7bdb2e46037df332e5abdd45f8f981f5"; \
TYPE="CNAME"; \
NAME="www"; \
CONTENT="example.com"; \
PROXIED="false"; \
TTL="120";\
curl -X PUT "https://api.cloudflare.com/client/v4/zones/$ZONE_ID/dns_records/$DNS_ID" \
    -H "X-Auth-Email: $EMAIL" \
    -H "X-Auth-Key: $KEY" \
    -H "Content-Type: application/json" \
    --data '{"type":"'"$TYPE"'","name":"'"$NAME"'","content":"'"$CONTENT"'","proxied":'"$PROXIED"',"ttl":'"$TTL"'}' \
    | python -m json.tool;

DNS CNAME record pre-update for example.com

DNS CNAME record post-update for example.com

TOC

4.3.6 Delete an Individual DNS Record

To delete an individual DNS record associated with the zone record for example.com, use the following code. Note thet the DNS record’s unique ID needs to be included:CODEOUTPUT (SUCCESS)OUTPUT (FAILURE)

EMAIL="steve@example.com"; \
KEY="08n46q4ofo0v5pc3u3g3eu517o69axu8s6ml4"; \
ZONE_ID="8b717207bcee4047af2e9dff95832996"; \
DNS_ID="7bdb2e46037df332e5abdd45f8f981f5"; \
curl -X DELETE "https://api.cloudflare.com/client/v4/zones/$ZONE_ID/dns_records/$DNS_ID" \
    -H "X-Auth-Email: $EMAIL" \
    -H "X-Auth-Key: $KEY" \
    -H "Content-Type: application/json" \
    | python -m json.tool;

1

Tags: ,

About : mbrandan

Deja un comentario

Tu dirección de correo electrónico no será publicada. Los campos obligatorios están marcados con *