Google Cloud DNS Subdomain Delegation With Separate Zones

Question

Using Google Cloud DNS I have foo.com DNS Zone setup. I would like a separate DNS Zone to be delegated responsiblity for dev.foo.com domain names ( e.g. myappserver.dev.foo.com could be defined in the delegated DNS zone )

I could of course simply add an A Record into the foo.com definition. But I am using Terraform ( as Infrastructure as code ) and the dev subdomain ( servers/records etc ) will be built and destroyed on a regular basis.

The problem is that if I have all this in one DNS Zone that is built/destroyed regularly then this would mean that everything in foo.com would be unstable. I just want anything on dev.foo.com to be unstable from this point of view.

Is this possible? It would seem this would be easy using different name servers for dev.foo.com, so I'm assuming it should be okay somehow using the same nameservers but a different DNS Zone. Perhaps something to do with circular dependencies and glue records but I haven't managed to get anything working yet.

Answer 1

Instead of destroying the dev subdomain on a regular basis, delegate it to another nameserver (by including NS [and A glue!] records for dev.foo.com) -- which may also reside at Google, or not, as you wish -- and then have Terraform create and destroy RRs (Resource Records, such as A, CNAME, etc) within the dev.foo.com domain.

You shouldn't need to destroy and recreate dev.foo.com, and if for some reason you do (such as the ability to really test the creation and destruction of records at the level of the main domain itself), use a different domain name altogether such as foo-test.com, foo.io, etc.