From 5f4245b3e72224df0722951e96fcac8916124307 Mon Sep 17 00:00:00 2001 From: Byungjin Park Date: Sat, 18 Nov 2023 01:40:33 +0900 Subject: [PATCH] Support ns records for public-zone --- modules/public-zone/README.md | 4 ++++ modules/public-zone/outputs.tf | 15 +++++++++++++++ modules/public-zone/records.tf | 24 ++++++++++++++++++++++++ modules/public-zone/variables.tf | 14 ++++++++++++++ 4 files changed, 57 insertions(+) create mode 100644 modules/public-zone/records.tf diff --git a/modules/public-zone/README.md b/modules/public-zone/README.md index d20a761..0bb9e43 100644 --- a/modules/public-zone/README.md +++ b/modules/public-zone/README.md @@ -4,6 +4,7 @@ This module creates following resources. - `aws_route53_zone` - `aws_route53_query_log` (optional) +- `aws_route53_record` (optional) ## Requirements @@ -30,6 +31,7 @@ This module creates following resources. | Name | Type | |------|------| | [aws_route53_query_log.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_query_log) | resource | +| [aws_route53_record.ns](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_record) | resource | | [aws_route53_zone.public](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_zone) | resource | ## Inputs @@ -43,6 +45,7 @@ This module creates following resources. | [logging](#input\_logging) | (Optional) The configuration of Route53 query logging. `logging` as defined below.
(Optional) `cloudwatch` - A configuration to define where the execution history events are logged. `cloudwatch` as defined below.
(Optional) `enabled` - Whether to enable or disable Route53 query logging.
(Optional) `log_group` - The ARN (Amazon Resource Name) of the CloudWatch Log Group. The CloudWatch log group must be in the `us-east-1` region. A permissive CloudWatch log resource policy must be in place. |
object({
cloudwatch = optional(object({
enabled = optional(bool, false)
log_group = optional(string, "")
}), {})
})
| `{}` | no | | [module\_tags\_enabled](#input\_module\_tags\_enabled) | (Optional) Whether to create AWS Resource Tags for the module informations. | `bool` | `true` | no | | [namespace](#input\_namespace) | (Optional) The namespace of the Hosted Zone. Just for categorising overlapped hosted zones. Defaults to `default`. | `string` | `"default"` | no | +| [ns\_records](#input\_ns\_records) | (Optional) A map of `NS` records for the zone. Each key of the map is the record name. Each value of `ns_records` as defined below.
(Required) `values` - A list of the record values
(Optional) `ttl` - The TTL of the record. Defaults to `300`. |
map(object({
values = list(string)
ttl = optional(number, 300)
}))
| `{}` | no | | [resource\_group\_description](#input\_resource\_group\_description) | (Optional) The description of Resource Group. | `string` | `"Managed by Terraform."` | no | | [resource\_group\_enabled](#input\_resource\_group\_enabled) | (Optional) Whether to create Resource Group to find and group AWS resources which are created by this module. | `bool` | `true` | no | | [resource\_group\_name](#input\_resource\_group\_name) | (Optional) The name of Resource Group. A Resource Group name can have a maximum of 127 characters, including letters, numbers, hyphens, dots, and underscores. The name cannot start with `AWS` or `aws`. | `string` | `""` | no | @@ -60,5 +63,6 @@ This module creates following resources. | [name](#output\_name) | The name of the Hosted Zone. | | [name\_servers](#output\_name\_servers) | A list of name servers in associated (or default) delegation set. | | [namespace](#output\_namespace) | The namespace of the Hosted Zone. | +| [ns\_records](#output\_ns\_records) | A map of `NS` records for the zone. Each key of the map is the record name.
`values` - A list of the record values
`ttl` - The TTL of the record. |
 | [primary\_name\_server](#output\_primary\_name\_server) | The Route 53 name server that created the SOA record. |
diff --git a/modules/public-zone/outputs.tf b/modules/public-zone/outputs.tf
index e6fdc93..e694a1b 100644
--- a/modules/public-zone/outputs.tf
+++ b/modules/public-zone/outputs.tf
@@ -50,3 +50,18 @@ output "logging" {
 }
 }
 }
+
+output "ns_records" {
+ description = < {
+ values = record.records
+ ttl = record.ttl
+ }
+ }
+}
diff --git a/modules/public-zone/records.tf b/modules/public-zone/records.tf
new file mode 100644
index 0000000..a5ce881
--- /dev/null
+++ b/modules/public-zone/records.tf
@@ -0,0 +1,24 @@
+###################################################
+# NS Records
+###################################################
+
+resource "aws_route53_record" "ns" {
+ for_each = var.ns_records
+
+ zone_id = aws_route53_zone.public.zone_id
+
+ type = "NS"
+ name = each.key
+ ttl = each.value.ttl
+
+ records = each.value.values
+
+ allow_overwrite = false
+
+ lifecycle {
+ precondition {
+ condition = endswith(each.key, var.name)
+ error_message = "The name of NS record must be end with the name of Hosted Zone."
+ }
+ }
+}
diff --git a/modules/public-zone/variables.tf b/modules/public-zone/variables.tf
index af7ac18..3b64da7 100644
--- a/modules/public-zone/variables.tf
+++ b/modules/public-zone/variables.tf
@@ -48,6 +48,20 @@ variable "logging" {
 nullable = false
 }
+variable "ns_records" {
+ description = <
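Review bot: The precondition `endswith(each.key, var.name)` on the `condition` line of the new records.tf is a plain suffix test, so a key such as `notexample.com` passes for a zone named `example.com` even though it lies outside the zone; anchoring the check on a label boundary is tighter: `condition = each.key == var.name || endswith(each.key, ".${var.name}")`. Whether keys and `var.name` carry a trailing dot is not visible in this patch, so if the module accepts either form, normalise both sides with `trimsuffix(..., ".")` before comparing. A key equal to `var.name` also targets the apex NS set that Route 53 creates together with the zone, and with `allow_overwrite = false` that apply would presumably fail rather than replace it, so either reject the apex in the same precondition or document that apex NS records are not managed by this resource. The `error_message` reads more naturally as `"The name of the NS record must end with the name of the Hosted Zone."`.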