cloud-foundation-fabric/blueprints/cloud-operations/dns-shared-vpc/README.md

# Cloud DNS & Shared VPC design

## Usage

This blueprint shows how to create reusable and modular Cloud DNS architectures when using Shared VPC.

The goal is to provision dedicated Cloud DNS instances for application teams that want to manage their own DNS records, and configure DNS peering to ensure name resolution works in a common Shared VPC.

The blueprint will:

- Create a GCP project per application team based on the `teams` input variable
- Create a VPC and Cloud DNS instance per application team
- Create a Cloud DNS private zone per application team in the form of `[teamname].[dns_domain]`, with `teamname` and `dns_domain` based on input variables
- Configure DNS peering for each private zone from the Shared VPC to the DNS VPC of each application team

The resources created in this blueprint are shown in the high level diagram below:

<img src="diagram.png" width="640px">

Note that Terraform 0.13 at least is required due to the use of `for_each` with modules.
<!-- BEGIN TFDOC -->

## Variables

| name | description | type | required | default |
|---|---|:---:|:---:|:---:|
| [billing_account_id](variables.tf#L17) | Billing account associated with the GCP Projects that will be created for each team. | <code>string</code> | ✓ |  |
| [folder_id](variables.tf#L28) | Folder ID in which DNS projects will be created. | <code>string</code> | ✓ |  |
| [prefix](variables.tf#L33) | Prefix used for resource names. | <code>string</code> | ✓ |  |
| [shared_vpc_link](variables.tf#L51) | Shared VPC self link, used for DNS peering. | <code>string</code> | ✓ |  |
| [dns_domain](variables.tf#L22) | DNS domain under which each application team DNS domain will be created. | <code>string</code> |  | <code>&#34;example.org&#34;</code> |
| [project_services](variables.tf#L42) | Service APIs enabled by default. | <code>list&#40;string&#41;</code> |  | <code title="&#91;&#10;  &#34;compute.googleapis.com&#34;,&#10;  &#34;dns.googleapis.com&#34;,&#10;&#93;">&#91;&#8230;&#93;</code> |
| [teams](variables.tf#L56) | List of application teams requiring their own Cloud DNS instance. | <code>list&#40;string&#41;</code> |  | <code title="&#91;&#10;  &#34;team1&#34;,&#10;  &#34;team2&#34;,&#10;&#93;">&#91;&#8230;&#93;</code> |

## Outputs

| name | description | sensitive |
|---|---|:---:|
| [teams](outputs.tf#L17) | Team resources. |  |

<!-- END TFDOC -->

## Test

```hcl
module "test" {
  source             = "./fabric/blueprints/cloud-operations/dns-shared-vpc"
  billing_account_id = "111111-222222-333333"
  folder_id          = "folders/1234567890"
  prefix             = "test"
  shared_vpc_link    = "https://www.googleapis.com/compute/v1/projects/test-dns/global/networks/default"
  teams              = ["team1", "team2"]
}
# tftest modules=9 resources=20
```
Aurelien's SVPC DNS example (#186) * Cloud DNS and Shared VPC (#184) * Cloud DNS and Shared VPC module to allow application teams to have their own Cloud DNS configuration. * Cleaning up README.md * Improving Formating. * Adding license to all .tf files. * Removing dead code. * Moving this example into the Cloud Operations folder. * Using fabric resources and refactoring. Only the 'test.example' file is not using the proper modules now. * normalize README, use autogenerated vars table, add types to variables * refactor * simple tests * add diagram, update READMEs Co-authored-by: Aurélien Legrand <aurelien.legrand01@gmail.com> 2021-01-11 02:57:57 -08:00			`# Cloud DNS & Shared VPC design`

			`## Usage`

More updates 2 2022-09-09 07:40:37 -07:00			`This blueprint shows how to create reusable and modular Cloud DNS architectures when using Shared VPC.`
Aurelien's SVPC DNS example (#186) * Cloud DNS and Shared VPC (#184) * Cloud DNS and Shared VPC module to allow application teams to have their own Cloud DNS configuration. * Cleaning up README.md * Improving Formating. * Adding license to all .tf files. * Removing dead code. * Moving this example into the Cloud Operations folder. * Using fabric resources and refactoring. Only the 'test.example' file is not using the proper modules now. * normalize README, use autogenerated vars table, add types to variables * refactor * simple tests * add diagram, update READMEs Co-authored-by: Aurélien Legrand <aurelien.legrand01@gmail.com> 2021-01-11 02:57:57 -08:00
			`The goal is to provision dedicated Cloud DNS instances for application teams that want to manage their own DNS records, and configure DNS peering to ensure name resolution works in a common Shared VPC.`

More updates 2 2022-09-09 07:40:37 -07:00			`The blueprint will:`
Aurelien's SVPC DNS example (#186) * Cloud DNS and Shared VPC (#184) * Cloud DNS and Shared VPC module to allow application teams to have their own Cloud DNS configuration. * Cleaning up README.md * Improving Formating. * Adding license to all .tf files. * Removing dead code. * Moving this example into the Cloud Operations folder. * Using fabric resources and refactoring. Only the 'test.example' file is not using the proper modules now. * normalize README, use autogenerated vars table, add types to variables * refactor * simple tests * add diagram, update READMEs Co-authored-by: Aurélien Legrand <aurelien.legrand01@gmail.com> 2021-01-11 02:57:57 -08:00
			- Create a GCP project per application team based on the `teams` input variable
			`- Create a VPC and Cloud DNS instance per application team`
			- Create a Cloud DNS private zone per application team in the form of `[teamname].[dns_domain]`, with `teamname` and `dns_domain` based on input variables
			`- Configure DNS peering for each private zone from the Shared VPC to the DNS VPC of each application team`

More updates 2 2022-09-09 07:40:37 -07:00			`The resources created in this blueprint are shown in the high level diagram below:`
Aurelien's SVPC DNS example (#186) * Cloud DNS and Shared VPC (#184) * Cloud DNS and Shared VPC module to allow application teams to have their own Cloud DNS configuration. * Cleaning up README.md * Improving Formating. * Adding license to all .tf files. * Removing dead code. * Moving this example into the Cloud Operations folder. * Using fabric resources and refactoring. Only the 'test.example' file is not using the proper modules now. * normalize README, use autogenerated vars table, add types to variables * refactor * simple tests * add diagram, update READMEs Co-authored-by: Aurélien Legrand <aurelien.legrand01@gmail.com> 2021-01-11 02:57:57 -08:00
			`<img src="diagram.png" width="640px">`

			Note that Terraform 0.13 at least is required due to the use of `for_each` with modules.
			`<!-- BEGIN TFDOC -->`
New tfdoc version (#396) * update tfdoc * rewrite check docs, refactor tfdoc replace, regenerate modules READMEs * remove dead code from check docs * do not fail on missing variable files in check docs * fix typos 2021-12-20 23:51:51 -08:00
Aurelien's SVPC DNS example (#186) * Cloud DNS and Shared VPC (#184) * Cloud DNS and Shared VPC module to allow application teams to have their own Cloud DNS configuration. * Cleaning up README.md * Improving Formating. * Adding license to all .tf files. * Removing dead code. * Moving this example into the Cloud Operations folder. * Using fabric resources and refactoring. Only the 'test.example' file is not using the proper modules now. * normalize README, use autogenerated vars table, add types to variables * refactor * simple tests * add diagram, update READMEs Co-authored-by: Aurélien Legrand <aurelien.legrand01@gmail.com> 2021-01-11 02:57:57 -08:00			`## Variables`

			`\| name \| description \| type \| required \| default \|`
New tfdoc version (#396) * update tfdoc * rewrite check docs, refactor tfdoc replace, regenerate modules READMEs * remove dead code from check docs * do not fail on missing variable files in check docs * fix typos 2021-12-20 23:51:51 -08:00			`\|---\|---\|:---:\|:---:\|:---:\|`
Link vars and outputs from README 2022-01-22 04:34:35 -08:00			`\| [billing_account_id](variables.tf#L17) \| Billing account associated with the GCP Projects that will be created for each team. \| <code>string</code> \| ✓ \| \|`
			`\| [folder_id](variables.tf#L28) \| Folder ID in which DNS projects will be created. \| <code>string</code> \| ✓ \| \|`
Normalize prefix handling in blueprints (#1003) 2022-11-23 02:09:00 -08:00			`\| [prefix](variables.tf#L33) \| Prefix used for resource names. \| <code>string</code> \| ✓ \| \|`
			`\| [shared_vpc_link](variables.tf#L51) \| Shared VPC self link, used for DNS peering. \| <code>string</code> \| ✓ \| \|`
Link vars and outputs from README 2022-01-22 04:34:35 -08:00			`\| [dns_domain](variables.tf#L22) \| DNS domain under which each application team DNS domain will be created. \| <code>string</code> \| \| <code>"example.org"</code> \|`
Normalize prefix handling in blueprints (#1003) 2022-11-23 02:09:00 -08:00			`\| [project_services](variables.tf#L42) \| Service APIs enabled by default. \| <code>list(string)</code> \| \| <code title="[ "compute.googleapis.com", "dns.googleapis.com", ]">[…]</code> \|`
			`\| [teams](variables.tf#L56) \| List of application teams requiring their own Cloud DNS instance. \| <code>list(string)</code> \| \| <code title="[ "team1", "team2", ]">[…]</code> \|`
Aurelien's SVPC DNS example (#186) * Cloud DNS and Shared VPC (#184) * Cloud DNS and Shared VPC module to allow application teams to have their own Cloud DNS configuration. * Cleaning up README.md * Improving Formating. * Adding license to all .tf files. * Removing dead code. * Moving this example into the Cloud Operations folder. * Using fabric resources and refactoring. Only the 'test.example' file is not using the proper modules now. * normalize README, use autogenerated vars table, add types to variables * refactor * simple tests * add diagram, update READMEs Co-authored-by: Aurélien Legrand <aurelien.legrand01@gmail.com> 2021-01-11 02:57:57 -08:00
			`## Outputs`

			`\| name \| description \| sensitive \|`
			`\|---\|---\|:---:\|`
Add periods at the end of each description field where missing (#478) 2022-01-31 01:45:34 -08:00			`\| [teams](outputs.tf#L17) \| Team resources. \| \|`
New tfdoc version (#396) * update tfdoc * rewrite check docs, refactor tfdoc replace, regenerate modules READMEs * remove dead code from check docs * do not fail on missing variable files in check docs * fix typos 2021-12-20 23:51:51 -08:00
Aurelien's SVPC DNS example (#186) * Cloud DNS and Shared VPC (#184) * Cloud DNS and Shared VPC module to allow application teams to have their own Cloud DNS configuration. * Cleaning up README.md * Improving Formating. * Adding license to all .tf files. * Removing dead code. * Moving this example into the Cloud Operations folder. * Using fabric resources and refactoring. Only the 'test.example' file is not using the proper modules now. * normalize README, use autogenerated vars table, add types to variables * refactor * simple tests * add diagram, update READMEs Co-authored-by: Aurélien Legrand <aurelien.legrand01@gmail.com> 2021-01-11 02:57:57 -08:00			`<!-- END TFDOC -->`
Update cloud operations tests 2023-02-10 05:24:10 -08:00
			`## Test`

			```hcl
			`module "test" {`
			`source = "./fabric/blueprints/cloud-operations/dns-shared-vpc"`
			`billing_account_id = "111111-222222-333333"`
			`folder_id = "folders/1234567890"`
			`prefix = "test"`
			`shared_vpc_link = "https://www.googleapis.com/compute/v1/projects/test-dns/global/networks/default"`
			`teams = ["team1", "team2"]`
			`}`
Refactoring of dns module 2023-07-18 10:32:57 -07:00			`# tftest modules=9 resources=20`
Update cloud operations tests 2023-02-10 05:24:10 -08:00			```