Support ns records for public-zone

modules/public-zone/README.md

@@ -4,6 +4,7 @@ This module creates following resources.
 
 - `aws_route53_zone`
 - `aws_route53_query_log` (optional)
+- `aws_route53_record` (optional)
 
 <!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
 ## Requirements
@@ -30,6 +31,7 @@ This module creates following resources.
 | Name | Type |
 |------|------|
 | [aws_route53_query_log.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_query_log) | resource |
+| [aws_route53_record.ns](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_record) | resource |
 | [aws_route53_zone.public](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_zone) | resource |
 
 ## Inputs
@@ -43,6 +45,7 @@ This module creates following resources.
 | <a name="input_logging"></a> [logging](#input\_logging) | (Optional) The configuration of Route53 query logging. `logging` as defined below.<br>    (Optional) `cloudwatch` - A configuration to define where the execution history events are logged. `cloudwatch` as defined below.<br>      (Optional) `enabled` - Whether to enable or disable Route53 query logging.<br>      (Optional) `log_group` - The ARN (Amazon Resource Name) of the CloudWatch Log Group. The CloudWatch log group must be in the `us-east-1` region. A permissive CloudWatch log resource policy must be in place. | <pre>object({<br>    cloudwatch = optional(object({<br>      enabled   = optional(bool, false)<br>      log_group = optional(string, "")<br>    }), {})<br>  })</pre> | `{}` | no |
 | <a name="input_module_tags_enabled"></a> [module\_tags\_enabled](#input\_module\_tags\_enabled) | (Optional) Whether to create AWS Resource Tags for the module informations. | `bool` | `true` | no |
 | <a name="input_namespace"></a> [namespace](#input\_namespace) | (Optional) The namespace of the Hosted Zone. Just for categorising overlapped hosted zones. Defaults to `default`. | `string` | `"default"` | no |
+| <a name="input_ns_records"></a> [ns\_records](#input\_ns\_records) | (Optional) A map of `NS` records for the zone. Each key of the map is the record name. Each value of `ns_records` as defined below.<br>    (Required) `values` - A list of the record values<br>    (Optional) `ttl` - The TTL of the record. Defaults to `300`. | <pre>map(object({<br>    values = list(string)<br>    ttl    = optional(number, 300)<br>  }))</pre> | `{}` | no |
 | <a name="input_resource_group_description"></a> [resource\_group\_description](#input\_resource\_group\_description) | (Optional) The description of Resource Group. | `string` | `"Managed by Terraform."` | no |
 | <a name="input_resource_group_enabled"></a> [resource\_group\_enabled](#input\_resource\_group\_enabled) | (Optional) Whether to create Resource Group to find and group AWS resources which are created by this module. | `bool` | `true` | no |
 | <a name="input_resource_group_name"></a> [resource\_group\_name](#input\_resource\_group\_name) | (Optional) The name of Resource Group. A Resource Group name can have a maximum of 127 characters, including letters, numbers, hyphens, dots, and underscores. The name cannot start with `AWS` or `aws`. | `string` | `""` | no |
@@ -60,5 +63,6 @@ This module creates following resources.
 | <a name="output_name"></a> [name](#output\_name) | The name of the Hosted Zone. |
 | <a name="output_name_servers"></a> [name\_servers](#output\_name\_servers) | A list of name servers in associated (or default) delegation set. |
 | <a name="output_namespace"></a> [namespace](#output\_namespace) | The namespace of the Hosted Zone. |
+| <a name="output_ns_records"></a> [ns\_records](#output\_ns\_records) | A map of `NS` records for the zone. Each key of the map is the record name.<br>    `values` - A list of the record values<br>    `ttl` - The TTL of the record. |
 | <a name="output_primary_name_server"></a> [primary\_name\_server](#output\_primary\_name\_server) | The Route 53 name server that created the SOA record. |
 <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->

modules/public-zone/outputs.tf

@@ -50,3 +50,18 @@ output "logging" {
     }
   }
 }
+
+output "ns_records" {
+  description = <<EOF
+  A map of `NS` records for the zone. Each key of the map is the record name.
+    `values` - A list of the record values
+    `ttl` - The TTL of the record.
+  EOF
+  value = {
+    for name, record in aws_route53_record.ns :
+    name => {
+      values = record.records
+      ttl    = record.ttl
+    }
+  }
+}

modules/public-zone/records.tf

@@ -0,0 +1,24 @@
+###################################################
+# NS Records
+###################################################
+
+resource "aws_route53_record" "ns" {
+  for_each = var.ns_records
+
+  zone_id = aws_route53_zone.public.zone_id
+
+  type = "NS"
+  name = each.key
+  ttl  = each.value.ttl
+
+  records = each.value.values
+
+  allow_overwrite = false
+
+  lifecycle {
+    precondition {
+      condition     = endswith(each.key, var.name)
+      error_message = "The name of NS record must be end with the name of Hosted Zone."
+    }
+  }
+}

modules/public-zone/variables.tf

@@ -48,6 +48,20 @@ variable "logging" {
   nullable = false
 }
 
+variable "ns_records" {
+  description = <<EOF
+  (Optional) A map of `NS` records for the zone. Each key of the map is the record name. Each value of `ns_records` as defined below.
+    (Required) `values` - A list of the record values
+    (Optional) `ttl` - The TTL of the record. Defaults to `300`.
+  EOF
+  type = map(object({
+    values = list(string)
+    ttl    = optional(number, 300)
+  }))
+  default  = {}
+  nullable = false
+}
+
 variable "tags" {
   description = "(Optional) A map of tags to add to all resources."
   type        = map(string)