Category: tool
Alibaba Cloud DNS (Alidns) CLI
Goals
- - Query and manage Alibaba Cloud DNS records via
aliyun-cli. - Quickly configure CNAME for Function Compute custom domains.
When to Use
- - When you need to add/update DNS records in Alibaba Cloud DNS.
- When you need CNAME setup for FC custom domains.
Install aliyun-cli (without sudo)
CODEBLOCK0
Configure Credentials
CODEBLOCK1
Configure region as default; if best region is unclear, ask the user.
Query DNS Records
Query subdomain records:
CODEBLOCK2
Add CNAME Record
CODEBLOCK3
FC Custom Domain CNAME Target
Custom domain should point to FC public CNAME:
CODEBLOCK4
Example (Hangzhou):
CODEBLOCK5
Common Issues
- - If apex CNAME is not supported, use subdomain like
www or ALIAS/ANAME records. - Create FC custom domain only after DNS propagation, otherwise
DomainNameNotResolved may occur.
References
- - aliyun-cli installation
- https://help.aliyun.com/zh/cli/install-cli-on-linux
- - Alidns API(AddDomainRecord / DescribeSubDomainRecords)
- https://help.aliyun.com/zh/dns/api-alidns-2015-01-09-adddomainrecord
- https://help.aliyun.com/zh/dns/api-alidns-2015-01-09-describesubdomainrecords
- - FC custom domain configuration and CNAME guidance
- https://www.alibabacloud.com/help/en/functioncompute/fc/user-guide/configure-custom-domain-names
- - Official source list:�INLINECODE3
Validation
CODEBLOCK6
Pass criteria: command exits 0 and output/aliyun-dns-cli/validate.txt is generated.
Output And Evidence
- - Save artifacts, command outputs, and API response summaries under
output/aliyun-dns-cli/. - Include key parameters (region/resource id/time range) in evidence files for reproducibility.
Prerequisites
- - Configure least-privilege Alibaba Cloud credentials before execution.
- Prefer environment variables:
ALICLOUD_ACCESS_KEY_ID, ALICLOUD_ACCESS_KEY_SECRET, optional ALICLOUD_REGION_ID. - If region is unclear, ask the user before running mutating operations.
Workflow
1) Confirm user intent, region, identifiers, and whether the operation is read-only or mutating.
2) Run one minimal read-only query first to verify connectivity and permissions.
3) Execute the target operation with explicit parameters and bounded scope.
4) Verify results and save output/evidence files.
技能名称: aliyun-dns-cli
详细描述:
类别: 工具
阿里云 DNS (Alidns) CLI
目标
- - 通过 aliyun-cli 查询和管理阿里云 DNS 记录。
- 快速为函数计算自定义域名配置 CNAME。
使用场景
- - 需要在阿里云 DNS 中添加/更新 DNS 记录时。
- 需要为 FC 自定义域名设置 CNAME 时。
安装 aliyun-cli(无需 sudo)
bash
curl -fsSL https://aliyuncli.alicdn.com/aliyun-cli-linux-latest-amd64.tgz -o /tmp/aliyun-cli.tgz
mkdir -p ~/.local/bin
tar -xzf /tmp/aliyun-cli.tgz -C /tmp
mv /tmp/aliyun ~/.local/bin/aliyun
chmod +x ~/.local/bin/aliyun
配置凭证
bash
~/.local/bin/aliyun configure set \
--profile default \
--access-key-id \
--access-key-secret \
--region cn-hangzhou
将区域配置为默认值;如果不确定最佳区域,请询问用户。
查询 DNS 记录
查询子域名记录:
bash
~/.local/bin/aliyun alidns DescribeSubDomainRecords \
--SubDomain news.example.com
添加 CNAME 记录
bash
~/.local/bin/aliyun alidns AddDomainRecord \
--DomainName example.com \
--RR news \
--Type CNAME \
--Value
FC 自定义域名 CNAME 目标
自定义域名应指向 FC 公共 CNAME:
id>.id>.fc.aliyuncs.com
示例(杭州区域):
1629965279769872.cn-hangzhou.fc.aliyuncs.com
常见问题
- - 如果根域名不支持 CNAME,请使用 www 等子域名或 ALIAS/ANAME 记录。
- 仅在 DNS 解析生效后创建 FC 自定义域名,否则可能出现 DomainNameNotResolved 错误。
参考文档
- https://help.aliyun.com/zh/cli/install-cli-on-linux
- - Alidns API(AddDomainRecord / DescribeSubDomainRecords)
- https://help.aliyun.com/zh/dns/api-alidns-2015-01-09-adddomainrecord
- https://help.aliyun.com/zh/dns/api-alidns-2015-01-09-describesubdomainrecords
- https://www.alibabacloud.com/help/en/functioncompute/fc/user-guide/configure-custom-domain-names
- - 官方来源列表:references/sources.md
验证
bash
mkdir -p output/aliyun-dns-cli
echo validation_placeholder > output/aliyun-dns-cli/validate.txt
通过标准:命令退出码为 0,且 output/aliyun-dns-cli/validate.txt 文件已生成。
输出与证据
- - 将工件、命令输出和 API 响应摘要保存到 output/aliyun-dns-cli/ 目录下。
- 在证据文件中包含关键参数(区域/资源 ID/时间范围),以确保可复现性。
前置条件
- - 执行前配置最小权限的阿里云凭证。
- 优先使用环境变量:ALICLOUDACCESSKEYID、ALICLOUDACCESSKEYSECRET,可选 ALICLOUDREGIONID。
- 如果不确定区域,在执行变更操作前请询问用户。
工作流程
1) 确认用户意图、区域、标识符,以及操作是只读还是变更类型。
2) 首先执行一个最小的只读查询,以验证连接和权限。
3) 使用明确的参数和限定范围执行目标操作。
4) 验证结果并保存输出/证据文件。
