Vultr DocsLatest Content

How to Manage DNS Zones on Vultr DNS

Updated on 12 September, 2025

Configure and customize DNS zone behavior including TTL, DNSSEC, and other domain-specific settings.

DNS Zones contain domain mapping information and essential DNS data associated with specific resources. Managing DNS Zone settings enables the activation of SOA (State of Authority) information and DNSSEC (Domain Name System Security Extensions) on a domain.

Follow this guide to manage domain DNS Zones using Vultr DNS, the Vultr Customer Portal, API, CLI, or Terraform.

  • Vultr Customer Portal
  • Vultr API
  • Vultr CLI
  • Terraform
  1. Navigate to Products, expand the Network group and click DNS to view all domains in your account.
  2. Click your target domain to manage its DNS records.
  3. Navigate to the Zone Settings tab.
  4. Toggle the DNSSEC Settings status option to Enabled to generate a new DNS key and DS Records with cryptographic keys to submit to your domain registrar.
  5. Replace ns1.vultr.com with your primary name server if available and enter your domain administrator email address in the E-mail Address field.
  6. Click Update SOA Record to apply the domain SOA Information.

  1. Send a GET request to the List DNS domains endpoint and note the target domain in your output.

    console 
    $ curl "https://api.vultr.com/v2/domains" \
   -X GET \
   -H "Authorization: Bearer ${VULTR_API_KEY}"

  2. Send a GET request to the Get DNSSec Info endpoint to view the domain's DNSSec status.

    console 
    $ curl "https://api.vultr.com/v2/domains/{dns-domain}/dnssec" \
  -X GET \
  -H "Authorization: Bearer ${VULTR_API_KEY}"

  3. Send a PUT request to the Update a DNS Domain endpoint to enable DNSSec on the domain.

    console 
    $ curl "https://api.vultr.com/v2/domains/{dns-domain}" \
   -X PUT \
   -H "Authorization: Bearer ${VULTR_API_KEY}" \
   -H "Content-Type: application/json" \
   --data '{
     "dns_sec" : "enabled"
   }'

  4. Send a GET request to the Get SOA Information endpoint to view the domain's SOA configuration.

    console 
    $ curl "https://api.vultr.com/v2/domains/{dns-domain}/soa" \
  -X GET \
  -H "Authorization: Bearer ${VULTR_API_KEY}"

  5. Send a PATCH request to the Update SOA Information endpoint to update the domain's SOA configuration.

    console 
    $ curl "https://api.vultr.com/v2/domains/{dns-domain}/soa" \
  -X PATCH \
  -H "Authorization: Bearer ${VULTR_API_KEY}" \
  -H "Content-Type: application/json" \
  --data '{
    "nsprimary" : "primary-nameserver",
    "email" : "adminEmail"
  }'

  1. List all domains in your Vultr account and note the target domain.

    console 
    $ vultr-cli dns domain list

  2. View the domain's DNSSec status.

    console 
    $ vultr-cli dns domain dnssec-info <domainName>

  3. Enable DNSSec on the domain.

    console 
    $ vultr-cli dns domain dnssec <domainName> --enabled enabled

  4. View the domain's SOA information.

    console 
    $ vultr-cli dns domain soa-info <domainName>

  5. Update the domain's SOA information.

    console 
    $ vultr-cli dns domain soa-update <domainName> --email <adminEmail>--ns-primary <primary-nameserver>

  1. Open your Terraform configuration where the domain is defined.

  2. DNSSEC is managed via vultr_dns_domain attributes; SOA fields are not exposed via Terraform at this time.

    terraform 
    resource "vultr_dns_domain" "example" {
    domain  = "example.com"
    dns_sec = "enabled"   # enabled | disabled
}

  3. Apply the configuration and observe the following output:

    Apply complete! Resources: 0 added, 1 changed, 0 destroyed.

Comments

No comments yet.