Edit

Alibaba Cloud DNS (ALIDNS)

Configuration

This provider is for Alibaba Cloud DNS (also known as ALIDNS). To use this provider, add an entry to creds.json with TYPE set to ALIDNS along with your API credentials.

Example:

creds.json
{
  "alidns": {
    "TYPE": "ALIDNS",
    "access_key_id": "YOUR_ACCESS_KEY_ID",
    "access_key_secret": "YOUR_ACCESS_KEY_SECRET"
  }
}

Optionally, you can specify a region_id:

creds.json
{
  "alidns": {
    "TYPE": "ALIDNS",
    "access_key_id": "YOUR_ACCESS_KEY_ID",
    "access_key_secret": "YOUR_ACCESS_KEY_SECRET",
    "region_id": "cn-hangzhou"
  }
}

Note: The region_id defaults to "cn-hangzhou". The region value does not affect DNS management (DNS is global), but Alibaba's SDK requires a region to be provided.

Usage

An example configuration:

dnsconfig.js
var REG_NONE = NewRegistrar("none");
var DSP_ALIDNS = NewDnsProvider("alidns");

D("example.com", REG_NONE, DnsProvider(DSP_ALIDNS),
    A("test", "1.2.3.4"),
    CNAME("www", "example.com."),
    MX("@", 10, "mail.example.com."),
);

Activation

DNSControl depends on an Alibaba Cloud RAM user with permissions to manage DNS records.

Creating RAM User and Access Keys

  1. Log in to the RAM console

  2. Create a new RAM user or use an existing one

  3. Generate an AccessKey ID and AccessKey Secret for the user

  4. Attach the AliyunDNSFullAccess policy to the user

The minimum required permissions are:

{
  "Version": "1",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "alidns:DescribeDomains",
        "alidns:DescribeDomainRecords",
        "alidns:DescribeDomainInfo",
        "alidns:AddDomainRecord",
        "alidns:UpdateDomainRecord",
        "alidns:DeleteDomainRecord"
      ],
      "Resource": "*"
    }
  ]
}

Important Notes

TTL Constraints

Alibaba Cloud DNS has different TTL constraints depending on your DNS edition:

  • Enterprise Ultimate Edition: TTL can be as low as 1 second (1-86400)

  • Personal Edition / Free Edition: Minimum TTL is 600 seconds (600-86400)

DNSControl will automatically validate TTL values based on your domain's edition. If you attempt to use a TTL below the minimum for your edition, you will receive an error.

Chinese Domain Name Support

ALIDNS supports Chinese domain names (IDN with Chinese characters). However:

  • Supported: ASCII characters and Chinese characters (CJK Unified Ideographs)

  • Not supported: Other Unicode characters (e.g., German umlauts, Arabic script)

DNSControl will automatically convert between punycode and unicode as needed.

Record Type Support

The following record types are supported:

  • A, AAAA, CNAME, MX, TXT, NS

  • CAA (requires quoted values: 0 issue "letsencrypt.org")

  • SRV

TXT Record Constraints

Alibaba Cloud DNS has specific constraints for TXT records:

  • Cannot be empty

  • Maximum length: 512 bytes

  • Cannot contain unescaped double quotes

  • Cannot have trailing spaces

  • Cannot have unpaired backslashes (odd number of consecutive backslashes)

DNSControl will audit and reject records that violate these constraints.

New Domains

If a domain does not exist in your Alibaba Cloud account, you must create it manually through the Alibaba Cloud console. DNSControl does not automatically create new domains for this provider.

PreviousAkamai Edge DNSNextAmazon Route 53

Last updated