Refactoring of dns module
This commit is contained in:
parent
d16b616821
commit
cacb0c02e2
|
@ -128,5 +128,5 @@ module "test1" {
|
|||
project_create = true
|
||||
project_id = "test"
|
||||
}
|
||||
# tftest modules=9 resources=27
|
||||
# tftest modules=9 resources=28
|
||||
```
|
||||
|
|
|
@ -58,13 +58,16 @@ module "nat-a" {
|
|||
}
|
||||
|
||||
module "dns-service-zone" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.project.project_id
|
||||
type = "service-directory"
|
||||
name = var.name
|
||||
domain = var.zone_domain
|
||||
client_networks = [module.vpc.self_link]
|
||||
service_directory_namespace = module.service-directory.id
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.project.project_id
|
||||
name = var.name
|
||||
zone_config = {
|
||||
domain = var.zone_domain
|
||||
private = {
|
||||
client_networks = [module.vpc.self_link]
|
||||
service_directory_namespace = module.service-directory.id
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
module "service-directory" {
|
||||
|
|
|
@ -51,5 +51,5 @@ module "test" {
|
|||
shared_vpc_link = "https://www.googleapis.com/compute/v1/projects/test-dns/global/networks/default"
|
||||
teams = ["team1", "team2"]
|
||||
}
|
||||
# tftest modules=9 resources=16
|
||||
# tftest modules=9 resources=20
|
||||
```
|
||||
|
|
|
@ -39,24 +39,30 @@ module "vpc" {
|
|||
}
|
||||
|
||||
module "dns-private" {
|
||||
source = "../../../modules/dns"
|
||||
for_each = local.projects
|
||||
project_id = each.value
|
||||
type = "private"
|
||||
name = each.key
|
||||
domain = "${each.key}.${var.dns_domain}."
|
||||
description = "DNS zone for ${each.key}"
|
||||
client_networks = [module.vpc[each.key].self_link]
|
||||
source = "../../../modules/dns"
|
||||
for_each = local.projects
|
||||
project_id = each.value
|
||||
name = each.key
|
||||
description = "DNS zone for ${each.key}"
|
||||
zone_config = {
|
||||
domain = "${each.key}.${var.dns_domain}."
|
||||
private = {
|
||||
client_networks = [module.vpc[each.key].self_link]
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
module "dns-peering" {
|
||||
source = "../../../modules/dns"
|
||||
for_each = local.projects
|
||||
project_id = local.svpc_project_id
|
||||
name = "peering-${each.key}"
|
||||
domain = "${each.key}.${var.dns_domain}."
|
||||
description = "DNS peering for ${each.key}"
|
||||
type = "peering"
|
||||
peer_network = module.vpc[each.key].self_link
|
||||
client_networks = [var.shared_vpc_link]
|
||||
source = "../../../modules/dns"
|
||||
for_each = local.projects
|
||||
project_id = local.svpc_project_id
|
||||
name = "peering-${each.key}"
|
||||
description = "DNS peering for ${each.key}"
|
||||
zone_config = {
|
||||
domain = "${each.key}.${var.dns_domain}."
|
||||
peering = {
|
||||
peer_network = module.vpc[each.key].self_link
|
||||
client_networks = [var.shared_vpc_link]
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -76,7 +76,7 @@ module "projects" {
|
|||
service_identities_iam = try(each.value.service_identities_iam, {})
|
||||
vpc = try(each.value.vpc, null)
|
||||
}
|
||||
# tftest modules=7 resources=34 inventory=example.yaml
|
||||
# tftest modules=7 resources=36 inventory=example.yaml
|
||||
```
|
||||
|
||||
### Projects configuration
|
||||
|
|
|
@ -167,13 +167,16 @@ module "billing-alert" {
|
|||
}
|
||||
|
||||
module "dns" {
|
||||
source = "../../../modules/dns"
|
||||
for_each = toset(var.dns_zones)
|
||||
project_id = coalesce(local.vpc.host_project, module.project.project_id)
|
||||
type = "private"
|
||||
name = each.value
|
||||
domain = "${each.value}.${var.defaults.environment_dns_zone}"
|
||||
client_networks = [var.defaults.shared_vpc_self_link]
|
||||
source = "../../../modules/dns"
|
||||
for_each = toset(var.dns_zones)
|
||||
project_id = coalesce(local.vpc.host_project, module.project.project_id)
|
||||
name = each.value
|
||||
zone_config = {
|
||||
domain = "${each.value}.${var.defaults.environment_dns_zone}"
|
||||
private = {
|
||||
client_networks = [var.defaults.shared_vpc_self_link]
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
module "project" {
|
||||
|
|
|
@ -157,12 +157,15 @@ module "nat2" {
|
|||
################################################################################
|
||||
|
||||
module "dns-gcp" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = var.project_id
|
||||
type = "private"
|
||||
name = "gcp-example"
|
||||
domain = "gcp.example.org."
|
||||
client_networks = [module.vpc.self_link]
|
||||
source = "../../../modules/dns"
|
||||
project_id = var.project_id
|
||||
name = "gcp-example"
|
||||
zone_config = {
|
||||
domain = "gcp.example.org."
|
||||
private = {
|
||||
client_networks = [module.vpc.self_link]
|
||||
}
|
||||
}
|
||||
recordsets = {
|
||||
"A localhost" = { records = ["127.0.0.1"] }
|
||||
"A test-1" = { records = [module.vm-test1.internal_ip] }
|
||||
|
@ -171,12 +174,15 @@ module "dns-gcp" {
|
|||
}
|
||||
|
||||
module "dns-api" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = var.project_id
|
||||
type = "private"
|
||||
name = "googleapis"
|
||||
domain = "googleapis.com."
|
||||
client_networks = [module.vpc.self_link]
|
||||
source = "../../../modules/dns"
|
||||
project_id = var.project_id
|
||||
name = "googleapis"
|
||||
zone_config = {
|
||||
domain = "googleapis.com."
|
||||
private = {
|
||||
client_networks = [module.vpc.self_link]
|
||||
}
|
||||
}
|
||||
recordsets = {
|
||||
"CNAME *" = { records = ["private.googleapis.com."] }
|
||||
"A private" = { records = local.vips.private }
|
||||
|
@ -185,14 +191,17 @@ module "dns-api" {
|
|||
}
|
||||
|
||||
module "dns-onprem" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = var.project_id
|
||||
type = "forwarding"
|
||||
name = "onprem-example"
|
||||
domain = "onprem.example.org."
|
||||
client_networks = [module.vpc.self_link]
|
||||
forwarders = {
|
||||
"${cidrhost(var.ip_ranges.onprem, 3)}" = null
|
||||
source = "../../../modules/dns"
|
||||
project_id = var.project_id
|
||||
name = "onprem-example"
|
||||
zone_config = {
|
||||
domain = "onprem.example.org."
|
||||
forwarding = {
|
||||
client_networks = [module.vpc.self_link]
|
||||
forwarders = {
|
||||
"${cidrhost(var.ip_ranges.onprem, 3)}" = null
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -51,5 +51,5 @@ module "test" {
|
|||
root_node = "organizations/0123456789"
|
||||
}
|
||||
|
||||
# tftest modules=9 resources=54
|
||||
# tftest modules=9 resources=56
|
||||
```
|
||||
|
|
|
@ -77,24 +77,30 @@ module "vpc-dev" {
|
|||
###############################################################################
|
||||
|
||||
module "dns-api-prod" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.project-host-prod.project_id
|
||||
type = "private"
|
||||
name = "googleapis"
|
||||
domain = "googleapis.com."
|
||||
client_networks = [module.vpc-prod.self_link]
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.project-host-prod.project_id
|
||||
name = "googleapis"
|
||||
zone_config = {
|
||||
domain = "googleapis.com."
|
||||
private = {
|
||||
client_networks = [module.vpc-prod.self_link]
|
||||
}
|
||||
}
|
||||
recordsets = {
|
||||
"CNAME *" = { records = ["private.googleapis.com."] }
|
||||
}
|
||||
}
|
||||
|
||||
module "dns-api-dev" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.project-host-dev.project_id
|
||||
type = "private"
|
||||
name = "googleapis"
|
||||
domain = "googleapis.com."
|
||||
client_networks = [module.vpc-dev.self_link]
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.project-host-dev.project_id
|
||||
name = "googleapis"
|
||||
zone_config = {
|
||||
domain = "googleapis.com."
|
||||
private = {
|
||||
client_networks = [module.vpc-dev.self_link]
|
||||
}
|
||||
}
|
||||
recordsets = {
|
||||
"CNAME *" = { records = ["private.googleapis.com."] }
|
||||
}
|
||||
|
|
|
@ -40,5 +40,5 @@ module "test" {
|
|||
}
|
||||
project_id = "test-project"
|
||||
}
|
||||
# tftest modules=13 resources=41
|
||||
# tftest modules=13 resources=42
|
||||
```
|
||||
|
|
|
@ -81,12 +81,15 @@ resource "google_compute_forwarding_rule" "psc_ilb_consumer" {
|
|||
###############################################################################
|
||||
|
||||
module "private-dns" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.project.project_id
|
||||
type = "private"
|
||||
name = "${var.prefix}-internal"
|
||||
domain = "internal."
|
||||
client_networks = [module.vpc-consumer.self_link]
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.project.project_id
|
||||
name = "${var.prefix}-internal"
|
||||
zone_config = {
|
||||
domain = "internal."
|
||||
private = {
|
||||
client_networks = [module.vpc-consumer.self_link]
|
||||
}
|
||||
}
|
||||
recordsets = {
|
||||
"A squid" = { ttl = 60, records = [google_compute_address.psc_endpoint_address.address] }
|
||||
"CNAME proxy" = { ttl = 3600, records = ["squid.internal."] }
|
||||
|
|
|
@ -47,7 +47,7 @@ module "test1" {
|
|||
prefix = "fabric"
|
||||
root_node = "folders/123456789"
|
||||
}
|
||||
# tftest modules=14 resources=38
|
||||
# tftest modules=14 resources=39
|
||||
```
|
||||
|
||||
```hcl
|
||||
|
@ -58,5 +58,5 @@ module "test2" {
|
|||
prefix = "fabric"
|
||||
root_node = "folders/123456789"
|
||||
}
|
||||
# tftest modules=12 resources=32
|
||||
# tftest modules=12 resources=33
|
||||
```
|
||||
|
|
|
@ -114,12 +114,15 @@ module "nat" {
|
|||
}
|
||||
|
||||
module "private-dns" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.project-host.project_id
|
||||
type = "private"
|
||||
name = "internal"
|
||||
domain = "internal."
|
||||
client_networks = [module.vpc.self_link]
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.project-host.project_id
|
||||
name = "internal"
|
||||
zone_config = {
|
||||
domain = "internal."
|
||||
private = {
|
||||
client_networks = [module.vpc.self_link]
|
||||
}
|
||||
}
|
||||
recordsets = {
|
||||
"A squid" = { ttl = 60, records = [local.squid_address] }
|
||||
"CNAME proxy" = { ttl = 3600, records = ["squid.internal."] }
|
||||
|
|
|
@ -114,5 +114,5 @@ module "test" {
|
|||
project_id = "project-1"
|
||||
}
|
||||
|
||||
# tftest modules=20 resources=79
|
||||
# tftest modules=20 resources=84
|
||||
```
|
||||
|
|
|
@ -48,22 +48,28 @@ module "dev-firewall" {
|
|||
}
|
||||
|
||||
module "dev-dns-peering" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = var.project_id
|
||||
type = "peering"
|
||||
name = "${var.prefix}-example-com-dev-peering"
|
||||
domain = "example.com."
|
||||
client_networks = [module.dev-vpc.self_link]
|
||||
peer_network = module.landing-vpc.self_link
|
||||
source = "../../../modules/dns"
|
||||
project_id = var.project_id
|
||||
name = "${var.prefix}-example-com-dev-peering"
|
||||
zone_config = {
|
||||
domain = "example.com."
|
||||
peering = {
|
||||
client_networks = [module.dev-vpc.self_link]
|
||||
peer_network = module.landing-vpc.self_link
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
module "dev-dns-zone" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = var.project_id
|
||||
type = "private"
|
||||
name = "${var.prefix}-dev-example-com"
|
||||
domain = "dev.example.com."
|
||||
client_networks = [module.landing-vpc.self_link]
|
||||
source = "../../../modules/dns"
|
||||
project_id = var.project_id
|
||||
name = "${var.prefix}-dev-example-com"
|
||||
zone_config = {
|
||||
domain = "dev.example.com."
|
||||
private = {
|
||||
client_networks = [module.landing-vpc.self_link]
|
||||
}
|
||||
}
|
||||
recordsets = {
|
||||
"A localhost" = { records = ["127.0.0.1"] }
|
||||
"A test-r2" = { records = [module.dev-r2-vm.internal_ip] }
|
||||
|
|
|
@ -48,12 +48,15 @@ module "landing-firewall" {
|
|||
}
|
||||
|
||||
module "landing-dns-zone" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = var.project_id
|
||||
type = "private"
|
||||
name = "${var.prefix}-example-com"
|
||||
domain = "example.com."
|
||||
client_networks = [module.landing-vpc.self_link]
|
||||
source = "../../../modules/dns"
|
||||
project_id = var.project_id
|
||||
name = "${var.prefix}-example-com"
|
||||
zone_config = {
|
||||
domain = "example.com."
|
||||
private = {
|
||||
client_networks = [module.landing-vpc.self_link]
|
||||
}
|
||||
}
|
||||
recordsets = {
|
||||
"A localhost" = { records = ["127.0.0.1"] }
|
||||
"A test-r1" = { records = [module.landing-r1-vm.internal_ip] }
|
||||
|
|
|
@ -48,22 +48,28 @@ module "prod-firewall" {
|
|||
}
|
||||
|
||||
module "prod-dns-peering" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = var.project_id
|
||||
type = "peering"
|
||||
name = "${var.prefix}-example-com-prd-peering"
|
||||
domain = "example.com."
|
||||
client_networks = [module.prod-vpc.self_link]
|
||||
peer_network = module.landing-vpc.self_link
|
||||
source = "../../../modules/dns"
|
||||
project_id = var.project_id
|
||||
name = "${var.prefix}-example-com-prd-peering"
|
||||
zone_config = {
|
||||
domain = "example.com."
|
||||
peering = {
|
||||
client_networks = [module.prod-vpc.self_link]
|
||||
peer_network = module.landing-vpc.self_link
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
module "prod-dns-zone" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = var.project_id
|
||||
type = "private"
|
||||
name = "${var.prefix}-prd-example-com"
|
||||
domain = "prd.example.com."
|
||||
client_networks = [module.landing-vpc.self_link]
|
||||
source = "../../../modules/dns"
|
||||
project_id = var.project_id
|
||||
name = "${var.prefix}-prd-example-com"
|
||||
zone_config = {
|
||||
domain = "prd.example.com."
|
||||
private = {
|
||||
client_networks = [module.landing-vpc.self_link]
|
||||
}
|
||||
}
|
||||
recordsets = {
|
||||
"A localhost" = { records = ["127.0.0.1"] }
|
||||
"A test-r1" = { records = [module.prod-r1-vm.internal_ip] }
|
||||
|
|
|
@ -45,5 +45,5 @@ module "test" {
|
|||
}
|
||||
project_id = "test-project"
|
||||
}
|
||||
# tftest modules=11 resources=44
|
||||
# tftest modules=11 resources=45
|
||||
```
|
||||
|
|
|
@ -199,12 +199,15 @@ module "function-hello" {
|
|||
###############################################################################
|
||||
|
||||
module "private-dns-onprem" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.project.project_id
|
||||
type = "private"
|
||||
name = var.name
|
||||
domain = "${var.region}-${module.project.project_id}.cloudfunctions.net."
|
||||
client_networks = [module.vpc-onprem.self_link]
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.project.project_id
|
||||
name = var.name
|
||||
zone_config = {
|
||||
domain = "${var.region}-${module.project.project_id}.cloudfunctions.net."
|
||||
private = {
|
||||
client_networks = [module.vpc-onprem.self_link]
|
||||
}
|
||||
}
|
||||
recordsets = {
|
||||
"A " = { records = [module.addresses.psc_addresses[local.psc_name].address] }
|
||||
}
|
||||
|
|
|
@ -80,5 +80,5 @@ module "test" {
|
|||
prefix = "test"
|
||||
root_node = "organizations/0123456789"
|
||||
}
|
||||
# tftest modules=11 resources=45
|
||||
# tftest modules=11 resources=46
|
||||
```
|
||||
|
|
|
@ -152,12 +152,15 @@ module "nat" {
|
|||
################################################################################
|
||||
|
||||
module "host-dns" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.project-host.project_id
|
||||
type = "private"
|
||||
name = "example"
|
||||
domain = "example.com."
|
||||
client_networks = [module.vpc-shared.self_link]
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.project-host.project_id
|
||||
name = "example"
|
||||
zone_config = {
|
||||
domain = "example.com."
|
||||
private = {
|
||||
client_networks = [module.vpc-shared.self_link]
|
||||
}
|
||||
}
|
||||
recordsets = {
|
||||
"A localhost" = { records = ["127.0.0.1"] }
|
||||
"A bastion" = { records = [module.vm-bastion.internal_ip] }
|
||||
|
|
|
@ -252,7 +252,7 @@ module "test" {
|
|||
prj_onprem_id = "onprem-project-id"
|
||||
}
|
||||
|
||||
# tftest modules=15 resources=50
|
||||
# tftest modules=15 resources=52
|
||||
```
|
||||
|
||||
```hcl
|
||||
|
@ -276,7 +276,7 @@ module "test" {
|
|||
tf_identity = "user@example.org"
|
||||
}
|
||||
|
||||
# tftest modules=15 resources=36
|
||||
# tftest modules=15 resources=38
|
||||
```
|
||||
|
||||
```hcl
|
||||
|
@ -295,5 +295,5 @@ module "test" {
|
|||
custom_domain = "cloud-run-corporate.example.org"
|
||||
}
|
||||
|
||||
# tftest modules=14 resources=45
|
||||
# tftest modules=14 resources=47
|
||||
```
|
||||
|
|
|
@ -490,51 +490,63 @@ module "vm_test_svc1" {
|
|||
###############################################################################
|
||||
|
||||
module "private_dns_main" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.project_main.project_id
|
||||
type = "private"
|
||||
name = "dns-main"
|
||||
client_networks = [module.vpc_main.self_link]
|
||||
domain = local.cloud_run_domain
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.project_main.project_id
|
||||
name = "dns-main"
|
||||
zone_config = {
|
||||
domain = local.cloud_run_domain
|
||||
private = {
|
||||
client_networks = [module.vpc_main.self_link]
|
||||
}
|
||||
}
|
||||
recordsets = {
|
||||
"A *" = { records = [module.psc_addr_main.psc_addresses["psc-addr"].address] }
|
||||
}
|
||||
}
|
||||
|
||||
module "private_dns_main_custom" {
|
||||
source = "../../../modules/dns"
|
||||
count = var.custom_domain == null ? 0 : 1
|
||||
project_id = module.project_main.project_id
|
||||
type = "private"
|
||||
name = "dns-main-custom"
|
||||
client_networks = [module.vpc_main.self_link]
|
||||
domain = format("%s.", var.custom_domain)
|
||||
source = "../../../modules/dns"
|
||||
count = var.custom_domain == null ? 0 : 1
|
||||
project_id = module.project_main.project_id
|
||||
name = "dns-main-custom"
|
||||
zone_config = {
|
||||
domain = format("%s.", var.custom_domain)
|
||||
private = {
|
||||
client_networks = [module.vpc_main.self_link]
|
||||
}
|
||||
}
|
||||
recordsets = {
|
||||
"A " = { records = [module.ilb-l7[0].address] }
|
||||
}
|
||||
}
|
||||
|
||||
module "private_dns_onprem" {
|
||||
source = "../../../modules/dns"
|
||||
count = length(module.project_onprem)
|
||||
project_id = module.project_onprem[0].project_id
|
||||
type = "private"
|
||||
name = "dns-onprem"
|
||||
client_networks = [module.vpc_onprem[0].self_link]
|
||||
domain = local.cloud_run_domain
|
||||
source = "../../../modules/dns"
|
||||
count = length(module.project_onprem)
|
||||
project_id = module.project_onprem[0].project_id
|
||||
name = "dns-onprem"
|
||||
zone_config = {
|
||||
domain = local.cloud_run_domain
|
||||
private = {
|
||||
client_networks = [module.vpc_onprem[0].self_link]
|
||||
}
|
||||
}
|
||||
recordsets = {
|
||||
"A *" = { records = [module.psc_addr_main.psc_addresses["psc-addr"].address] }
|
||||
}
|
||||
}
|
||||
|
||||
module "private_dns_prj1" {
|
||||
source = "../../../modules/dns"
|
||||
count = length(module.project_prj1)
|
||||
project_id = module.project_prj1[0].project_id
|
||||
type = "private"
|
||||
name = "dns-prj1"
|
||||
client_networks = [module.vpc_prj1[0].self_link]
|
||||
domain = local.cloud_run_domain
|
||||
source = "../../../modules/dns"
|
||||
count = length(module.project_prj1)
|
||||
project_id = module.project_prj1[0].project_id
|
||||
name = "dns-prj1"
|
||||
zone_config = {
|
||||
domain = local.cloud_run_domain
|
||||
private = {
|
||||
client_networks = [module.vpc_prj1[0].self_link]
|
||||
}
|
||||
}
|
||||
recordsets = {
|
||||
"A *" = { records = [module.psc_addr_prj1[0].psc_addresses["psc-addr"].address] }
|
||||
}
|
||||
|
|
|
@ -24,12 +24,15 @@ moved {
|
|||
}
|
||||
|
||||
module "dev-dns-priv-example" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.dev-spoke-project.project_id
|
||||
type = "private"
|
||||
name = "dev-gcp-example-com"
|
||||
domain = "dev.gcp.example.com."
|
||||
client_networks = [module.landing-vpc.self_link]
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.dev-spoke-project.project_id
|
||||
name = "dev-gcp-example-com"
|
||||
zone_config = {
|
||||
domain = "dev.gcp.example.com."
|
||||
private = {
|
||||
client_networks = [module.landing-vpc.self_link]
|
||||
}
|
||||
}
|
||||
recordsets = {
|
||||
"A localhost" = { records = ["127.0.0.1"] }
|
||||
}
|
||||
|
@ -43,13 +46,16 @@ moved {
|
|||
}
|
||||
|
||||
module "dev-dns-peer-landing-root" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.dev-spoke-project.project_id
|
||||
type = "peering"
|
||||
name = "dev-root-dns-peering"
|
||||
domain = "."
|
||||
client_networks = [module.dev-spoke-vpc.self_link]
|
||||
peer_network = module.landing-vpc.self_link
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.dev-spoke-project.project_id
|
||||
name = "dev-root-dns-peering"
|
||||
zone_config = {
|
||||
domain = "."
|
||||
peering = {
|
||||
client_networks = [module.dev-spoke-vpc.self_link]
|
||||
peer_network = module.landing-vpc.self_link
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
moved {
|
||||
|
@ -58,11 +64,14 @@ moved {
|
|||
}
|
||||
|
||||
module "dev-dns-peer-landing-rev-10" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.dev-spoke-project.project_id
|
||||
type = "peering"
|
||||
name = "dev-reverse-10-dns-peering"
|
||||
domain = "10.in-addr.arpa."
|
||||
client_networks = [module.dev-spoke-vpc.self_link]
|
||||
peer_network = module.landing-vpc.self_link
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.dev-spoke-project.project_id
|
||||
name = "dev-reverse-10-dns-peering"
|
||||
zone_config = {
|
||||
domain = "10.in-addr.arpa."
|
||||
peering = {
|
||||
client_networks = [module.dev-spoke-vpc.self_link]
|
||||
peer_network = module.landing-vpc.self_link
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -24,13 +24,16 @@ moved {
|
|||
}
|
||||
|
||||
module "landing-dns-fwd-onprem-example" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.landing-project.project_id
|
||||
type = "forwarding"
|
||||
name = "example-com"
|
||||
domain = "onprem.example.com."
|
||||
client_networks = [module.landing-vpc.self_link]
|
||||
forwarders = { for ip in var.dns.onprem : ip => null }
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.landing-project.project_id
|
||||
name = "example-com"
|
||||
zone_config = {
|
||||
domain = "onprem.example.com."
|
||||
forwarding = {
|
||||
client_networks = [module.landing-vpc.self_link]
|
||||
forwarders = { for ip in var.dns.onprem : ip => null }
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
moved {
|
||||
|
@ -39,13 +42,16 @@ moved {
|
|||
}
|
||||
|
||||
module "landing-dns-fwd-onprem-rev-10" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.landing-project.project_id
|
||||
type = "forwarding"
|
||||
name = "root-reverse-10"
|
||||
domain = "10.in-addr.arpa."
|
||||
client_networks = [module.landing-vpc.self_link]
|
||||
forwarders = { for ip in var.dns.onprem : ip => null }
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.landing-project.project_id
|
||||
name = "root-reverse-10"
|
||||
zone_config = {
|
||||
domain = "10.in-addr.arpa."
|
||||
forwarding = {
|
||||
client_networks = [module.landing-vpc.self_link]
|
||||
forwarders = { for ip in var.dns.onprem : ip => null }
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
moved {
|
||||
|
@ -54,12 +60,15 @@ moved {
|
|||
}
|
||||
|
||||
module "landing-dns-priv-gcp" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.landing-project.project_id
|
||||
type = "private"
|
||||
name = "gcp-example-com"
|
||||
domain = "gcp.example.com."
|
||||
client_networks = [module.landing-vpc.self_link]
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.landing-project.project_id
|
||||
name = "gcp-example-com"
|
||||
zone_config = {
|
||||
domain = "gcp.example.com."
|
||||
private = {
|
||||
client_networks = [module.landing-vpc.self_link]
|
||||
}
|
||||
}
|
||||
recordsets = {
|
||||
"A localhost" = { records = ["127.0.0.1"] }
|
||||
}
|
||||
|
|
|
@ -24,12 +24,15 @@ moved {
|
|||
}
|
||||
|
||||
module "prod-dns-priv-example" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.prod-spoke-project.project_id
|
||||
type = "private"
|
||||
name = "prod-gcp-example-com"
|
||||
domain = "prod.gcp.example.com."
|
||||
client_networks = [module.landing-vpc.self_link]
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.prod-spoke-project.project_id
|
||||
name = "prod-gcp-example-com"
|
||||
zone_config = {
|
||||
domain = "prod.gcp.example.com."
|
||||
private = {
|
||||
client_networks = [module.landing-vpc.self_link]
|
||||
}
|
||||
}
|
||||
recordsets = {
|
||||
"A localhost" = { records = ["127.0.0.1"] }
|
||||
}
|
||||
|
@ -43,13 +46,16 @@ moved {
|
|||
}
|
||||
|
||||
module "prod-dns-peer-landing-root" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.prod-spoke-project.project_id
|
||||
type = "peering"
|
||||
name = "prod-root-dns-peering"
|
||||
domain = "."
|
||||
client_networks = [module.prod-spoke-vpc.self_link]
|
||||
peer_network = module.landing-vpc.self_link
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.prod-spoke-project.project_id
|
||||
name = "prod-root-dns-peering"
|
||||
zone_config = {
|
||||
domain = "."
|
||||
peering = {
|
||||
client_networks = [module.prod-spoke-vpc.self_link]
|
||||
peer_network = module.landing-vpc.self_link
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
moved {
|
||||
|
@ -58,11 +64,14 @@ moved {
|
|||
}
|
||||
|
||||
module "prod-dns-peer-landing-rev-10" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.prod-spoke-project.project_id
|
||||
type = "peering"
|
||||
name = "prod-reverse-10-dns-peering"
|
||||
domain = "10.in-addr.arpa."
|
||||
client_networks = [module.prod-spoke-vpc.self_link]
|
||||
peer_network = module.landing-vpc.self_link
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.prod-spoke-project.project_id
|
||||
name = "prod-reverse-10-dns-peering"
|
||||
zone_config = {
|
||||
domain = "10.in-addr.arpa."
|
||||
peering = {
|
||||
client_networks = [module.prod-spoke-vpc.self_link]
|
||||
peer_network = module.landing-vpc.self_link
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -24,12 +24,15 @@ moved {
|
|||
}
|
||||
|
||||
module "dev-dns-priv-example" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.dev-spoke-project.project_id
|
||||
type = "private"
|
||||
name = "dev-gcp-example-com"
|
||||
domain = "dev.gcp.example.com."
|
||||
client_networks = [module.landing-vpc.self_link]
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.dev-spoke-project.project_id
|
||||
name = "dev-gcp-example-com"
|
||||
zone_config = {
|
||||
domain = "dev.gcp.example.com."
|
||||
private = {
|
||||
client_networks = [module.landing-vpc.self_link]
|
||||
}
|
||||
}
|
||||
recordsets = {
|
||||
"A localhost" = { records = ["127.0.0.1"] }
|
||||
}
|
||||
|
@ -43,13 +46,16 @@ moved {
|
|||
}
|
||||
|
||||
module "dev-dns-peer-landing-root" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.dev-spoke-project.project_id
|
||||
type = "peering"
|
||||
name = "dev-root-dns-peering"
|
||||
domain = "."
|
||||
client_networks = [module.dev-spoke-vpc.self_link]
|
||||
peer_network = module.landing-vpc.self_link
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.dev-spoke-project.project_id
|
||||
name = "dev-root-dns-peering"
|
||||
zone_config = {
|
||||
domain = "."
|
||||
peering = {
|
||||
client_networks = [module.dev-spoke-vpc.self_link]
|
||||
peer_network = module.landing-vpc.self_link
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
moved {
|
||||
|
@ -58,11 +64,14 @@ moved {
|
|||
}
|
||||
|
||||
module "dev-dns-peer-landing-rev-10" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.dev-spoke-project.project_id
|
||||
type = "peering"
|
||||
name = "dev-reverse-10-dns-peering"
|
||||
domain = "10.in-addr.arpa."
|
||||
client_networks = [module.dev-spoke-vpc.self_link]
|
||||
peer_network = module.landing-vpc.self_link
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.dev-spoke-project.project_id
|
||||
name = "dev-reverse-10-dns-peering"
|
||||
zone_config = {
|
||||
domain = "10.in-addr.arpa."
|
||||
peering = {
|
||||
client_networks = [module.dev-spoke-vpc.self_link]
|
||||
peer_network = module.landing-vpc.self_link
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -24,13 +24,16 @@ moved {
|
|||
}
|
||||
|
||||
module "landing-dns-fwd-onprem-example" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.landing-project.project_id
|
||||
type = "forwarding"
|
||||
name = "example-com"
|
||||
domain = "onprem.example.com."
|
||||
client_networks = [module.landing-vpc.self_link]
|
||||
forwarders = { for ip in var.dns.onprem : ip => null }
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.landing-project.project_id
|
||||
name = "example-com"
|
||||
zone_config = {
|
||||
domain = "onprem.example.com."
|
||||
forwarding = {
|
||||
client_networks = [module.landing-vpc.self_link]
|
||||
forwarders = { for ip in var.dns.onprem : ip => null }
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
moved {
|
||||
|
@ -39,13 +42,16 @@ moved {
|
|||
}
|
||||
|
||||
module "landing-dns-fwd-onprem-rev-10" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.landing-project.project_id
|
||||
type = "forwarding"
|
||||
name = "root-reverse-10"
|
||||
domain = "10.in-addr.arpa."
|
||||
client_networks = [module.landing-vpc.self_link]
|
||||
forwarders = { for ip in var.dns.onprem : ip => null }
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.landing-project.project_id
|
||||
name = "root-reverse-10"
|
||||
zone_config = {
|
||||
domain = "10.in-addr.arpa."
|
||||
forwarding = {
|
||||
client_networks = [module.landing-vpc.self_link]
|
||||
forwarders = { for ip in var.dns.onprem : ip => null }
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
moved {
|
||||
|
@ -54,12 +60,15 @@ moved {
|
|||
}
|
||||
|
||||
module "landing-dns-priv-gcp" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.landing-project.project_id
|
||||
type = "private"
|
||||
name = "gcp-example-com"
|
||||
domain = "gcp.example.com."
|
||||
client_networks = [module.landing-vpc.self_link]
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.landing-project.project_id
|
||||
name = "gcp-example-com"
|
||||
zone_config = {
|
||||
domain = "gcp.example.com."
|
||||
private = {
|
||||
client_networks = [module.landing-vpc.self_link]
|
||||
}
|
||||
}
|
||||
recordsets = {
|
||||
"A localhost" = { records = ["127.0.0.1"] }
|
||||
}
|
||||
|
|
|
@ -24,12 +24,15 @@ moved {
|
|||
}
|
||||
|
||||
module "prod-dns-priv-example" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.prod-spoke-project.project_id
|
||||
type = "private"
|
||||
name = "prod-gcp-example-com"
|
||||
domain = "prod.gcp.example.com."
|
||||
client_networks = [module.landing-vpc.self_link]
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.prod-spoke-project.project_id
|
||||
name = "prod-gcp-example-com"
|
||||
zone_config = {
|
||||
domain = "prod.gcp.example.com."
|
||||
private = {
|
||||
client_networks = [module.landing-vpc.self_link]
|
||||
}
|
||||
}
|
||||
recordsets = {
|
||||
"A localhost" = { records = ["127.0.0.1"] }
|
||||
}
|
||||
|
@ -43,13 +46,16 @@ moved {
|
|||
}
|
||||
|
||||
module "prod-dns-peer-landing-root" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.prod-spoke-project.project_id
|
||||
type = "peering"
|
||||
name = "prod-root-dns-peering"
|
||||
domain = "."
|
||||
client_networks = [module.prod-spoke-vpc.self_link]
|
||||
peer_network = module.landing-vpc.self_link
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.prod-spoke-project.project_id
|
||||
name = "prod-root-dns-peering"
|
||||
zone_config = {
|
||||
domain = "."
|
||||
peering = {
|
||||
client_networks = [module.prod-spoke-vpc.self_link]
|
||||
peer_network = module.landing-vpc.self_link
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
moved {
|
||||
|
@ -58,11 +64,14 @@ moved {
|
|||
}
|
||||
|
||||
module "prod-dns-peer-landing-rev-10" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.prod-spoke-project.project_id
|
||||
type = "peering"
|
||||
name = "prod-reverse-10-dns-peering"
|
||||
domain = "10.in-addr.arpa."
|
||||
client_networks = [module.prod-spoke-vpc.self_link]
|
||||
peer_network = module.landing-vpc.self_link
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.prod-spoke-project.project_id
|
||||
name = "prod-reverse-10-dns-peering"
|
||||
zone_config = {
|
||||
domain = "10.in-addr.arpa."
|
||||
peering = {
|
||||
client_networks = [module.prod-spoke-vpc.self_link]
|
||||
peer_network = module.landing-vpc.self_link
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -19,12 +19,15 @@
|
|||
# GCP-specific environment zone
|
||||
|
||||
module "dev-dns-private-zone" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.dev-spoke-project.project_id
|
||||
type = "private"
|
||||
name = "dev-gcp-example-com"
|
||||
domain = "dev.gcp.example.com."
|
||||
client_networks = [module.landing-trusted-vpc.self_link, module.landing-untrusted-vpc.self_link]
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.dev-spoke-project.project_id
|
||||
name = "dev-gcp-example-com"
|
||||
zone_config = {
|
||||
domain = "dev.gcp.example.com."
|
||||
private = {
|
||||
client_networks = [module.landing-trusted-vpc.self_link, module.landing-untrusted-vpc.self_link]
|
||||
}
|
||||
}
|
||||
recordsets = {
|
||||
"A localhost" = { records = ["127.0.0.1"] }
|
||||
}
|
||||
|
@ -38,13 +41,16 @@ moved {
|
|||
}
|
||||
|
||||
module "dev-dns-peer-landing-root" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.dev-spoke-project.project_id
|
||||
type = "peering"
|
||||
name = "dev-root-dns-peering"
|
||||
domain = "."
|
||||
client_networks = [module.dev-spoke-vpc.self_link]
|
||||
peer_network = module.landing-trusted-vpc.self_link
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.dev-spoke-project.project_id
|
||||
name = "dev-root-dns-peering"
|
||||
zone_config = {
|
||||
domain = "."
|
||||
peering = {
|
||||
client_networks = [module.dev-spoke-vpc.self_link]
|
||||
peer_network = module.landing-trusted-vpc.self_link
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
moved {
|
||||
|
@ -53,11 +59,14 @@ moved {
|
|||
}
|
||||
|
||||
module "dev-dns-peer-landing-rev-10" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.dev-spoke-project.project_id
|
||||
type = "peering"
|
||||
name = "dev-reverse-10-dns-peering"
|
||||
domain = "10.in-addr.arpa."
|
||||
client_networks = [module.dev-spoke-vpc.self_link]
|
||||
peer_network = module.landing-trusted-vpc.self_link
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.dev-spoke-project.project_id
|
||||
name = "dev-reverse-10-dns-peering"
|
||||
zone_config = {
|
||||
domain = "10.in-addr.arpa."
|
||||
peering = {
|
||||
client_networks = [module.dev-spoke-vpc.self_link]
|
||||
peer_network = module.landing-trusted-vpc.self_link
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -26,14 +26,17 @@ moved {
|
|||
module "landing-dns-fwd-onprem-example" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.landing-project.project_id
|
||||
type = "forwarding"
|
||||
name = "example-com"
|
||||
domain = "onprem.example.com."
|
||||
client_networks = [
|
||||
module.landing-untrusted-vpc.self_link,
|
||||
module.landing-trusted-vpc.self_link
|
||||
]
|
||||
forwarders = { for ip in var.dns.onprem : ip => null }
|
||||
zone_config = {
|
||||
domain = "onprem.example.com."
|
||||
forwarding = {
|
||||
client_networks = [
|
||||
module.landing-untrusted-vpc.self_link,
|
||||
module.landing-trusted-vpc.self_link
|
||||
]
|
||||
forwarders = { for ip in var.dns.onprem : ip => null }
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
moved {
|
||||
|
@ -44,14 +47,17 @@ moved {
|
|||
module "landing-dns-fwd-onprem-rev-10" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.landing-project.project_id
|
||||
type = "forwarding"
|
||||
name = "root-reverse-10"
|
||||
domain = "10.in-addr.arpa."
|
||||
client_networks = [
|
||||
module.landing-untrusted-vpc.self_link,
|
||||
module.landing-trusted-vpc.self_link
|
||||
]
|
||||
forwarders = { for ip in var.dns.onprem : ip => null }
|
||||
zone_config = {
|
||||
domain = "10.in-addr.arpa."
|
||||
forwarding = {
|
||||
client_networks = [
|
||||
module.landing-untrusted-vpc.self_link,
|
||||
module.landing-trusted-vpc.self_link
|
||||
]
|
||||
forwarders = { for ip in var.dns.onprem : ip => null }
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
moved {
|
||||
|
@ -62,13 +68,16 @@ moved {
|
|||
module "landing-dns-priv-gcp" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.landing-project.project_id
|
||||
type = "private"
|
||||
name = "gcp-example-com"
|
||||
domain = "gcp.example.com."
|
||||
client_networks = [
|
||||
module.landing-untrusted-vpc.self_link,
|
||||
module.landing-trusted-vpc.self_link
|
||||
]
|
||||
zone_config = {
|
||||
domain = "gcp.example.com."
|
||||
private = {
|
||||
client_networks = [
|
||||
module.landing-untrusted-vpc.self_link,
|
||||
module.landing-trusted-vpc.self_link
|
||||
]
|
||||
}
|
||||
}
|
||||
recordsets = {
|
||||
"A localhost" = { records = ["127.0.0.1"] }
|
||||
}
|
||||
|
|
|
@ -19,12 +19,15 @@
|
|||
# GCP-specific environment zone
|
||||
|
||||
module "prod-dns-private-zone" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.prod-spoke-project.project_id
|
||||
type = "private"
|
||||
name = "prod-gcp-example-com"
|
||||
domain = "prod.gcp.example.com."
|
||||
client_networks = [module.landing-trusted-vpc.self_link, module.landing-untrusted-vpc.self_link]
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.prod-spoke-project.project_id
|
||||
name = "prod-gcp-example-com"
|
||||
zone_config = {
|
||||
domain = "prod.gcp.example.com."
|
||||
private = {
|
||||
client_networks = [module.landing-trusted-vpc.self_link, module.landing-untrusted-vpc.self_link]
|
||||
}
|
||||
}
|
||||
recordsets = {
|
||||
"A localhost" = { records = ["127.0.0.1"] }
|
||||
}
|
||||
|
@ -38,13 +41,16 @@ moved {
|
|||
}
|
||||
|
||||
module "prod-dns-peer-landing-root" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.prod-spoke-project.project_id
|
||||
type = "peering"
|
||||
name = "prod-root-dns-peering"
|
||||
domain = "."
|
||||
client_networks = [module.prod-spoke-vpc.self_link]
|
||||
peer_network = module.landing-trusted-vpc.self_link
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.prod-spoke-project.project_id
|
||||
name = "prod-root-dns-peering"
|
||||
zone_config = {
|
||||
domain = "."
|
||||
peering = {
|
||||
client_networks = [module.prod-spoke-vpc.self_link]
|
||||
peer_network = module.landing-trusted-vpc.self_link
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
moved {
|
||||
|
@ -53,11 +59,14 @@ moved {
|
|||
}
|
||||
|
||||
module "prod-dns-peer-landing-rev-10" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.prod-spoke-project.project_id
|
||||
type = "peering"
|
||||
name = "prod-reverse-10-dns-peering"
|
||||
domain = "10.in-addr.arpa."
|
||||
client_networks = [module.prod-spoke-vpc.self_link]
|
||||
peer_network = module.landing-trusted-vpc.self_link
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.prod-spoke-project.project_id
|
||||
name = "prod-reverse-10-dns-peering"
|
||||
zone_config = {
|
||||
domain = "10.in-addr.arpa."
|
||||
peering = {
|
||||
client_networks = [module.prod-spoke-vpc.self_link]
|
||||
peer_network = module.landing-trusted-vpc.self_link
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -19,12 +19,15 @@
|
|||
# GCP-specific environment zone
|
||||
|
||||
module "dev-dns-private-zone" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.dev-spoke-project.project_id
|
||||
type = "private"
|
||||
name = "dev-gcp-example-com"
|
||||
domain = "dev.gcp.example.com."
|
||||
client_networks = [module.dev-spoke-vpc.self_link]
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.dev-spoke-project.project_id
|
||||
name = "dev-gcp-example-com"
|
||||
zone_config = {
|
||||
domain = "dev.gcp.example.com."
|
||||
private = {
|
||||
client_networks = [module.dev-spoke-vpc.self_link]
|
||||
}
|
||||
}
|
||||
recordsets = {
|
||||
"A localhost" = { records = ["127.0.0.1"] }
|
||||
}
|
||||
|
@ -36,13 +39,16 @@ moved {
|
|||
}
|
||||
|
||||
module "dev-dns-fwd-onprem-example" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.dev-spoke-project.project_id
|
||||
type = "forwarding"
|
||||
name = "example-com"
|
||||
domain = "onprem.example.com."
|
||||
client_networks = [module.dev-spoke-vpc.self_link]
|
||||
forwarders = { for ip in var.dns.dev : ip => null }
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.dev-spoke-project.project_id
|
||||
name = "example-com"
|
||||
zone_config = {
|
||||
domain = "onprem.example.com."
|
||||
forwarding = {
|
||||
client_networks = [module.dev-spoke-vpc.self_link]
|
||||
forwarders = { for ip in var.dns.dev : ip => null }
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
moved {
|
||||
|
@ -51,13 +57,16 @@ moved {
|
|||
}
|
||||
|
||||
module "dev-dns-fwd-onprem-rev-10" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.dev-spoke-project.project_id
|
||||
type = "forwarding"
|
||||
name = "root-reverse-10"
|
||||
domain = "10.in-addr.arpa."
|
||||
client_networks = [module.dev-spoke-vpc.self_link]
|
||||
forwarders = { for ip in var.dns.dev : ip => null }
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.dev-spoke-project.project_id
|
||||
name = "root-reverse-10"
|
||||
zone_config = {
|
||||
domain = "10.in-addr.arpa."
|
||||
forwarding = {
|
||||
client_networks = [module.dev-spoke-vpc.self_link]
|
||||
forwarders = { for ip in var.dns.dev : ip => null }
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
# Google APIs
|
||||
|
|
|
@ -19,12 +19,15 @@
|
|||
# GCP-specific environment zone
|
||||
|
||||
module "prod-dns-private-zone" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.prod-spoke-project.project_id
|
||||
type = "private"
|
||||
name = "prod-gcp-example-com"
|
||||
domain = "prod.gcp.example.com."
|
||||
client_networks = [module.prod-spoke-vpc.self_link]
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.prod-spoke-project.project_id
|
||||
name = "prod-gcp-example-com"
|
||||
zone_config = {
|
||||
domain = "prod.gcp.example.com."
|
||||
private = {
|
||||
client_networks = [module.prod-spoke-vpc.self_link]
|
||||
}
|
||||
}
|
||||
recordsets = {
|
||||
"A localhost" = { records = ["127.0.0.1"] }
|
||||
}
|
||||
|
@ -36,13 +39,16 @@ moved {
|
|||
}
|
||||
|
||||
module "prod-dns-fwd-onprem-example" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.prod-spoke-project.project_id
|
||||
type = "forwarding"
|
||||
name = "example-com"
|
||||
domain = "onprem.example.com."
|
||||
client_networks = [module.prod-spoke-vpc.self_link]
|
||||
forwarders = { for ip in var.dns.prod : ip => null }
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.prod-spoke-project.project_id
|
||||
name = "example-com"
|
||||
zone_config = {
|
||||
domain = "onprem.example.com."
|
||||
forwarding = {
|
||||
client_networks = [module.prod-spoke-vpc.self_link]
|
||||
forwarders = { for ip in var.dns.prod : ip => null }
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
moved {
|
||||
|
@ -51,13 +57,16 @@ moved {
|
|||
}
|
||||
|
||||
module "prod-dns-fwd-onprem-rev-10" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.prod-spoke-project.project_id
|
||||
type = "forwarding"
|
||||
name = "root-reverse-10"
|
||||
domain = "10.in-addr.arpa."
|
||||
client_networks = [module.prod-spoke-vpc.self_link]
|
||||
forwarders = { for ip in var.dns.prod : ip => null }
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.prod-spoke-project.project_id
|
||||
name = "root-reverse-10"
|
||||
zone_config = {
|
||||
domain = "10.in-addr.arpa."
|
||||
forwarding = {
|
||||
client_networks = [module.prod-spoke-vpc.self_link]
|
||||
forwarders = { for ip in var.dns.prod : ip => null }
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
# Google APIs
|
||||
|
|
|
@ -19,12 +19,15 @@
|
|||
# GCP-specific environment zone
|
||||
|
||||
module "dev-dns-private-zone" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.dev-spoke-project.project_id
|
||||
type = "private"
|
||||
name = "dev-gcp-example-com"
|
||||
domain = "dev.gcp.example.com."
|
||||
client_networks = [module.landing-trusted-vpc.self_link, module.landing-untrusted-vpc.self_link]
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.dev-spoke-project.project_id
|
||||
name = "dev-gcp-example-com"
|
||||
zone_config = {
|
||||
domain = "dev.gcp.example.com."
|
||||
private = {
|
||||
client_networks = [module.landing-trusted-vpc.self_link, module.landing-untrusted-vpc.self_link]
|
||||
}
|
||||
}
|
||||
recordsets = {
|
||||
"A localhost" = { records = ["127.0.0.1"] }
|
||||
}
|
||||
|
@ -38,13 +41,16 @@ moved {
|
|||
}
|
||||
|
||||
module "dev-dns-peer-landing-root" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.dev-spoke-project.project_id
|
||||
type = "peering"
|
||||
name = "dev-root-dns-peering"
|
||||
domain = "."
|
||||
client_networks = [module.dev-spoke-vpc.self_link]
|
||||
peer_network = module.landing-trusted-vpc.self_link
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.dev-spoke-project.project_id
|
||||
name = "dev-root-dns-peering"
|
||||
zone_config = {
|
||||
domain = "."
|
||||
peering = {
|
||||
client_networks = [module.dev-spoke-vpc.self_link]
|
||||
peer_network = module.landing-trusted-vpc.self_link
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
moved {
|
||||
|
@ -53,11 +59,14 @@ moved {
|
|||
}
|
||||
|
||||
module "dev-dns-peer-landing-rev-10" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.dev-spoke-project.project_id
|
||||
type = "peering"
|
||||
name = "dev-reverse-10-dns-peering"
|
||||
domain = "10.in-addr.arpa."
|
||||
client_networks = [module.dev-spoke-vpc.self_link]
|
||||
peer_network = module.landing-trusted-vpc.self_link
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.dev-spoke-project.project_id
|
||||
name = "dev-reverse-10-dns-peering"
|
||||
zone_config = {
|
||||
domain = "10.in-addr.arpa."
|
||||
peering = {
|
||||
client_networks = [module.dev-spoke-vpc.self_link]
|
||||
peer_network = module.landing-trusted-vpc.self_link
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -26,14 +26,17 @@ moved {
|
|||
module "landing-dns-fwd-onprem-example" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.landing-project.project_id
|
||||
type = "forwarding"
|
||||
name = "example-com"
|
||||
domain = "onprem.example.com."
|
||||
client_networks = [
|
||||
module.landing-untrusted-vpc.self_link,
|
||||
module.landing-trusted-vpc.self_link
|
||||
]
|
||||
forwarders = { for ip in var.dns.onprem : ip => null }
|
||||
zone_config = {
|
||||
domain = "onprem.example.com."
|
||||
forwarding = {
|
||||
client_networks = [
|
||||
module.landing-untrusted-vpc.self_link,
|
||||
module.landing-trusted-vpc.self_link
|
||||
]
|
||||
forwarders = { for ip in var.dns.onprem : ip => null }
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
moved {
|
||||
|
@ -44,14 +47,17 @@ moved {
|
|||
module "landing-dns-fwd-onprem-rev-10" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.landing-project.project_id
|
||||
type = "forwarding"
|
||||
name = "root-reverse-10"
|
||||
domain = "10.in-addr.arpa."
|
||||
client_networks = [
|
||||
module.landing-untrusted-vpc.self_link,
|
||||
module.landing-trusted-vpc.self_link
|
||||
]
|
||||
forwarders = { for ip in var.dns.onprem : ip => null }
|
||||
zone_config = {
|
||||
domain = "10.in-addr.arpa."
|
||||
forwarding = {
|
||||
client_networks = [
|
||||
module.landing-untrusted-vpc.self_link,
|
||||
module.landing-trusted-vpc.self_link
|
||||
]
|
||||
forwarders = { for ip in var.dns.onprem : ip => null }
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
moved {
|
||||
|
@ -62,13 +68,16 @@ moved {
|
|||
module "landing-dns-priv-gcp" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.landing-project.project_id
|
||||
type = "private"
|
||||
name = "gcp-example-com"
|
||||
domain = "gcp.example.com."
|
||||
client_networks = [
|
||||
module.landing-untrusted-vpc.self_link,
|
||||
module.landing-trusted-vpc.self_link
|
||||
]
|
||||
zone_config = {
|
||||
domain = "gcp.example.com."
|
||||
private = {
|
||||
client_networks = [
|
||||
module.landing-untrusted-vpc.self_link,
|
||||
module.landing-trusted-vpc.self_link
|
||||
]
|
||||
}
|
||||
}
|
||||
recordsets = {
|
||||
"A localhost" = { records = ["127.0.0.1"] }
|
||||
}
|
||||
|
|
|
@ -19,12 +19,15 @@
|
|||
# GCP-specific environment zone
|
||||
|
||||
module "prod-dns-private-zone" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.prod-spoke-project.project_id
|
||||
type = "private"
|
||||
name = "prod-gcp-example-com"
|
||||
domain = "prod.gcp.example.com."
|
||||
client_networks = [module.landing-trusted-vpc.self_link, module.landing-untrusted-vpc.self_link]
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.prod-spoke-project.project_id
|
||||
name = "prod-gcp-example-com"
|
||||
zone_config = {
|
||||
domain = "prod.gcp.example.com."
|
||||
private = {
|
||||
client_networks = [module.landing-trusted-vpc.self_link, module.landing-untrusted-vpc.self_link]
|
||||
}
|
||||
}
|
||||
recordsets = {
|
||||
"A localhost" = { records = ["127.0.0.1"] }
|
||||
}
|
||||
|
@ -38,13 +41,16 @@ moved {
|
|||
}
|
||||
|
||||
module "prod-dns-peer-landing-root" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.prod-spoke-project.project_id
|
||||
type = "peering"
|
||||
name = "prod-root-dns-peering"
|
||||
domain = "."
|
||||
client_networks = [module.prod-spoke-vpc.self_link]
|
||||
peer_network = module.landing-trusted-vpc.self_link
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.prod-spoke-project.project_id
|
||||
name = "prod-root-dns-peering"
|
||||
zone_config = {
|
||||
domain = "."
|
||||
peering = {
|
||||
client_networks = [module.prod-spoke-vpc.self_link]
|
||||
peer_network = module.landing-trusted-vpc.self_link
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
moved {
|
||||
|
@ -53,11 +59,14 @@ moved {
|
|||
}
|
||||
|
||||
module "prod-dns-peer-landing-rev-10" {
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.prod-spoke-project.project_id
|
||||
type = "peering"
|
||||
name = "prod-reverse-10-dns-peering"
|
||||
domain = "10.in-addr.arpa."
|
||||
client_networks = [module.prod-spoke-vpc.self_link]
|
||||
peer_network = module.landing-trusted-vpc.self_link
|
||||
source = "../../../modules/dns"
|
||||
project_id = module.prod-spoke-project.project_id
|
||||
name = "prod-reverse-10-dns-peering"
|
||||
zone_config = {
|
||||
domain = "10.in-addr.arpa."
|
||||
peering = {
|
||||
client_networks = [module.prod-spoke-vpc.self_link]
|
||||
peer_network = module.landing-trusted-vpc.self_link
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -10,12 +10,15 @@ For DNSSEC configuration, refer to the [`dns_managed_zone` documentation](https:
|
|||
|
||||
```hcl
|
||||
module "private-dns" {
|
||||
source = "./fabric/modules/dns"
|
||||
project_id = "myproject"
|
||||
type = "private"
|
||||
name = "test-example"
|
||||
domain = "test.example."
|
||||
client_networks = [var.vpc.self_link]
|
||||
source = "./fabric/modules/dns"
|
||||
project_id = "myproject"
|
||||
name = "test-example"
|
||||
zone_config = {
|
||||
domain = "test.example."
|
||||
private = {
|
||||
client_networks = [var.vpc.self_link]
|
||||
}
|
||||
}
|
||||
recordsets = {
|
||||
"A localhost" = { records = ["127.0.0.1"] }
|
||||
"A myhost" = { ttl = 600, records = ["10.0.0.120"] }
|
||||
|
@ -24,50 +27,58 @@ module "private-dns" {
|
|||
"roles/dns.admin" = ["group:dns-administrators@myorg.com"]
|
||||
}
|
||||
}
|
||||
# tftest modules=1 resources=4 inventory=private-zone.yaml
|
||||
# tftest modules=1 resources=5 inventory=private-zone.yaml
|
||||
```
|
||||
|
||||
### Forwarding Zone
|
||||
|
||||
```hcl
|
||||
module "private-dns" {
|
||||
source = "./fabric/modules/dns"
|
||||
project_id = "myproject"
|
||||
type = "forwarding"
|
||||
name = "test-example"
|
||||
domain = "test.example."
|
||||
client_networks = [var.vpc.self_link]
|
||||
forwarders = { "10.0.1.1" = null, "1.2.3.4" = "private" }
|
||||
source = "./fabric/modules/dns"
|
||||
project_id = "myproject"
|
||||
name = "test-example"
|
||||
zone_config = {
|
||||
domain = "test.example."
|
||||
forwarding = {
|
||||
client_networks = [var.vpc.self_link]
|
||||
forwarders = { "10.0.1.1" = null, "1.2.3.4" = "private" }
|
||||
}
|
||||
}
|
||||
}
|
||||
# tftest modules=1 resources=1 inventory=forwarding-zone.yaml
|
||||
# tftest modules=1 resources=2 inventory=forwarding-zone.yaml
|
||||
```
|
||||
|
||||
### Peering Zone
|
||||
|
||||
```hcl
|
||||
module "private-dns" {
|
||||
source = "./fabric/modules/dns"
|
||||
project_id = "myproject"
|
||||
type = "peering"
|
||||
name = "test-example"
|
||||
domain = "."
|
||||
description = "Forwarding zone for ."
|
||||
client_networks = [var.vpc.self_link]
|
||||
peer_network = var.vpc2.self_link
|
||||
source = "./fabric/modules/dns"
|
||||
project_id = "myproject"
|
||||
name = "test-example"
|
||||
zone_config = {
|
||||
domain = "."
|
||||
peering = {
|
||||
client_networks = [var.vpc.self_link]
|
||||
peer_network = var.vpc2.self_link
|
||||
}
|
||||
}
|
||||
}
|
||||
# tftest modules=1 resources=1 inventory=peering-zone.yaml
|
||||
# tftest modules=1 resources=2 inventory=peering-zone.yaml
|
||||
```
|
||||
|
||||
### Routing Policies
|
||||
|
||||
```hcl
|
||||
module "private-dns" {
|
||||
source = "./fabric/modules/dns"
|
||||
project_id = "myproject"
|
||||
type = "private"
|
||||
name = "test-example"
|
||||
domain = "test.example."
|
||||
client_networks = [var.vpc.self_link]
|
||||
source = "./fabric/modules/dns"
|
||||
project_id = "myproject"
|
||||
name = "test-example"
|
||||
zone_config = {
|
||||
domain = "test.example."
|
||||
private = {
|
||||
client_networks = [var.vpc.self_link]
|
||||
}
|
||||
}
|
||||
recordsets = {
|
||||
"A regular" = { records = ["10.20.0.1"] }
|
||||
"A geo" = {
|
||||
|
@ -88,21 +99,24 @@ module "private-dns" {
|
|||
}
|
||||
}
|
||||
}
|
||||
# tftest modules=1 resources=4 inventory=routing-policies.yaml
|
||||
# tftest modules=1 resources=5 inventory=routing-policies.yaml
|
||||
```
|
||||
|
||||
### Reverse Lookup Zone
|
||||
|
||||
```hcl
|
||||
module "private-dns" {
|
||||
source = "./fabric/modules/dns"
|
||||
project_id = "myproject"
|
||||
type = "reverse-managed"
|
||||
name = "test-example"
|
||||
domain = "0.0.10.in-addr.arpa."
|
||||
client_networks = [var.vpc.self_link]
|
||||
source = "./fabric/modules/dns"
|
||||
project_id = "myproject"
|
||||
name = "test-example"
|
||||
zone_config = {
|
||||
domain = "0.0.10.in-addr.arpa."
|
||||
private = {
|
||||
client_networks = [var.vpc.self_link]
|
||||
}
|
||||
}
|
||||
}
|
||||
# tftest modules=1 resources=1 inventory=reverse-zone.yaml
|
||||
# tftest modules=1 resources=2 inventory=reverse-zone.yaml
|
||||
```
|
||||
|
||||
### Public Zone
|
||||
|
@ -111,9 +125,11 @@ module "private-dns" {
|
|||
module "public-dns" {
|
||||
source = "./fabric/modules/dns"
|
||||
project_id = "myproject"
|
||||
type = "public"
|
||||
name = "example"
|
||||
domain = "example.com."
|
||||
zone_config = {
|
||||
domain = "example.com."
|
||||
public = {}
|
||||
}
|
||||
recordsets = {
|
||||
"A myhost" = { ttl = 300, records = ["127.0.0.1"] }
|
||||
}
|
||||
|
@ -129,20 +145,12 @@ module "public-dns" {
|
|||
|
||||
| name | description | type | required | default |
|
||||
|---|---|:---:|:---:|:---:|
|
||||
| [domain](variables.tf#L54) | Zone domain, must end with a period. | <code>string</code> | ✓ | |
|
||||
| [name](variables.tf#L78) | Zone name, must be unique within the project. | <code>string</code> | ✓ | |
|
||||
| [project_id](variables.tf#L89) | Project id for the zone. | <code>string</code> | ✓ | |
|
||||
| [client_networks](variables.tf#L21) | List of VPC self links that can see this zone. | <code>list(string)</code> | | <code>[]</code> |
|
||||
| [description](variables.tf#L28) | Domain description. | <code>string</code> | | <code>"Terraform managed."</code> |
|
||||
| [dnssec_config](variables.tf#L34) | DNSSEC configuration for this zone. | <code title="object({ non_existence = optional(string, "nsec3") state = string key_signing_key = optional(object( { algorithm = string, key_length = number }), { algorithm = "rsasha256", key_length = 2048 } ) zone_signing_key = optional(object( { algorithm = string, key_length = number }), { algorithm = "rsasha256", key_length = 1024 } ) })">object({…})</code> | | <code title="{ state = "off" }">{…}</code> |
|
||||
| [enable_logging](variables.tf#L59) | Enable query logging for this zone. | <code>bool</code> | | <code>false</code> |
|
||||
| [forwarders](variables.tf#L66) | Map of {IPV4_ADDRESS => FORWARDING_PATH} for 'forwarding' zone types. Path can be 'default', 'private', or null for provider default. | <code>map(string)</code> | | <code>{}</code> |
|
||||
| [iam](variables.tf#L72) | IAM bindings in {ROLE => [MEMBERS]} format. | <code>map(list(string))</code> | | <code>null</code> |
|
||||
| [peer_network](variables.tf#L83) | Peering network self link, only valid for 'peering' zone types. | <code>string</code> | | <code>null</code> |
|
||||
| [recordsets](variables.tf#L94) | Map of DNS recordsets in \"type name\" => {ttl, [records]} format. | <code title="map(object({ ttl = optional(number, 300) records = optional(list(string)) geo_routing = optional(list(object({ location = string records = list(string) }))) wrr_routing = optional(list(object({ weight = number records = list(string) }))) }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [service_directory_namespace](variables.tf#L129) | Service directory namespace id (URL), only valid for 'service-directory' zone types. | <code>string</code> | | <code>null</code> |
|
||||
| [type](variables.tf#L135) | Type of zone to create, valid values are 'public', 'private', 'forwarding', 'peering', 'service-directory','reverse-managed'. | <code>string</code> | | <code>"private"</code> |
|
||||
| [zone_create](variables.tf#L145) | Create zone. When set to false, uses a data source to reference existing zone. | <code>bool</code> | | <code>true</code> |
|
||||
| [name](variables.tf#L33) | Zone name, must be unique within the project. | <code>string</code> | ✓ | |
|
||||
| [project_id](variables.tf#L38) | Project id for the zone. | <code>string</code> | ✓ | |
|
||||
| [description](variables.tf#L21) | Domain description. | <code>string</code> | | <code>"Terraform managed."</code> |
|
||||
| [iam](variables.tf#L27) | IAM bindings in {ROLE => [MEMBERS]} format. | <code>map(list(string))</code> | | <code>null</code> |
|
||||
| [recordsets](variables.tf#L43) | Map of DNS recordsets in \"type name\" => {ttl, [records]} format. | <code title="map(object({ ttl = optional(number, 300) records = optional(list(string)) geo_routing = optional(list(object({ location = string records = list(string) }))) wrr_routing = optional(list(object({ weight = number records = list(string) }))) }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [zone_config](variables.tf#L78) | DNS zone configuration. | <code title="object({ domain = string enable_logging = optional(bool, false) forwarding = optional(object({ forwarders = optional(map(string)) client_networks = list(string) })) peering = optional(object({ client_networks = list(string) peer_network = string })) public = optional(object({ dnssec_config = optional(object({ non_existence = optional(string, "nsec3") state = string key_signing_key = optional(object( { algorithm = string, key_length = number }), { algorithm = "rsasha256", key_length = 2048 } ) zone_signing_key = optional(object( { algorithm = string, key_length = number }), { algorithm = "rsasha256", key_length = 1024 } ) })) })) private = optional(object({ client_networks = list(string) service_directory_namespace = optional(string) })) })">object({…})</code> | | <code>null</code> |
|
||||
|
||||
## Outputs
|
||||
|
||||
|
@ -153,7 +161,6 @@ module "public-dns" {
|
|||
| [id](outputs.tf#L27) | Fully qualified zone id. | |
|
||||
| [name](outputs.tf#L32) | The DNS zone name. | |
|
||||
| [name_servers](outputs.tf#L37) | The DNS zone name servers. | |
|
||||
| [type](outputs.tf#L42) | The DNS zone type. | |
|
||||
| [zone](outputs.tf#L47) | DNS zone resource. | |
|
||||
| [zone](outputs.tf#L42) | DNS zone resource. | |
|
||||
|
||||
<!-- END TFDOC -->
|
||||
|
|
|
@ -15,77 +15,87 @@
|
|||
*/
|
||||
|
||||
locals {
|
||||
managed_zone = (var.zone_config == null ?
|
||||
data.google_dns_managed_zone.dns_managed_zone.0
|
||||
: google_dns_managed_zone.dns_managed_zone.0
|
||||
)
|
||||
# split record name and type and set as keys in a map
|
||||
_recordsets_0 = {
|
||||
for key, attrs in var.recordsets :
|
||||
key => merge(attrs, zipmap(["type", "name"], split(" ", key)))
|
||||
}
|
||||
# compute the final resource name for the recordset
|
||||
_recordsets = {
|
||||
recordsets = {
|
||||
for key, attrs in local._recordsets_0 :
|
||||
key => merge(attrs, {
|
||||
resource_name = (
|
||||
attrs.name == ""
|
||||
? var.domain
|
||||
? local.managed_zone.dns_name
|
||||
: (
|
||||
substr(attrs.name, -1, 1) == "."
|
||||
? attrs.name
|
||||
: "${attrs.name}.${var.domain}"
|
||||
: "${attrs.name}.${local.managed_zone.dns_name}"
|
||||
)
|
||||
)
|
||||
})
|
||||
}
|
||||
# split recordsets between regular, geo and wrr
|
||||
geo_recordsets = {
|
||||
for k, v in local._recordsets :
|
||||
k => v
|
||||
if v.geo_routing != null
|
||||
}
|
||||
regular_recordsets = {
|
||||
for k, v in local._recordsets :
|
||||
k => v
|
||||
if v.records != null
|
||||
}
|
||||
wrr_recordsets = {
|
||||
for k, v in local._recordsets :
|
||||
k => v
|
||||
if v.wrr_routing != null
|
||||
}
|
||||
zone = (
|
||||
var.zone_create
|
||||
? try(
|
||||
google_dns_managed_zone.non-public.0, try(
|
||||
google_dns_managed_zone.public.0, null
|
||||
)
|
||||
)
|
||||
: try(data.google_dns_managed_zone.public.0, null)
|
||||
client_networks = concat(
|
||||
coalesce(try(var.zone_config.forwarding.client_networks, null), []),
|
||||
coalesce(try(var.zone_config.peering.client_networks, null), []),
|
||||
coalesce(try(var.zone_config.private.client_networks, null), [])
|
||||
)
|
||||
dns_keys = try(
|
||||
data.google_dns_keys.dns_keys.0, null
|
||||
visibility = (var.zone_config == null ?
|
||||
null
|
||||
: (var.zone_config.forwarding != null ||
|
||||
var.zone_config.peering != null
|
||||
|| var.zone_config.private != null) ?
|
||||
"private" :
|
||||
"public"
|
||||
)
|
||||
}
|
||||
|
||||
resource "google_dns_managed_zone" "non-public" {
|
||||
count = (var.zone_create && var.type != "public") ? 1 : 0
|
||||
resource "google_dns_managed_zone" "dns_managed_zone" {
|
||||
count = (var.zone_config == null) ? 0 : 1
|
||||
provider = google-beta
|
||||
project = var.project_id
|
||||
name = var.name
|
||||
dns_name = var.domain
|
||||
dns_name = var.zone_config.domain
|
||||
description = var.description
|
||||
visibility = "private"
|
||||
reverse_lookup = (var.type == "reverse-managed")
|
||||
visibility = local.visibility
|
||||
reverse_lookup = try(var.zone_config.private, null) != null && endswith(var.zone_config.domain, ".in-addr.arpa.")
|
||||
|
||||
dynamic "dnssec_config" {
|
||||
for_each = try(var.zone_config.public.dnssec_config, null) == null ? [] : [""]
|
||||
iterator = config
|
||||
content {
|
||||
kind = "dns#managedZoneDnsSecConfig"
|
||||
non_existence = var.zone_config.public.dnssec_config.non_existence
|
||||
state = var.zone_config.public.dnssec_config.state
|
||||
|
||||
default_key_specs {
|
||||
algorithm = var.zone_config.public.dnssec_config.key_signing_key.algorithm
|
||||
key_length = var.zone_config.public.dnssec_config.key_signing_key.key_length
|
||||
key_type = "keySigning"
|
||||
kind = "dns#dnsKeySpec"
|
||||
}
|
||||
|
||||
default_key_specs {
|
||||
algorithm = var.zone_config.public.dnssec_config.zone_signing_key.algorithm
|
||||
key_length = var.zone_config.public.dnssec_config.zone_signing_key.key_length
|
||||
key_type = "zoneSigning"
|
||||
kind = "dns#dnsKeySpec"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
dynamic "forwarding_config" {
|
||||
for_each = (
|
||||
var.type == "forwarding" &&
|
||||
var.forwarders != null &&
|
||||
length(var.forwarders) > 0
|
||||
for_each = (length(coalesce(try(var.zone_config.forwarding.forwarders, null), {})) > 0
|
||||
? [""]
|
||||
: []
|
||||
)
|
||||
content {
|
||||
dynamic "target_name_servers" {
|
||||
for_each = var.forwarders
|
||||
for_each = var.zone_config.forwarding.forwarders
|
||||
iterator = forwarder
|
||||
content {
|
||||
ipv4_address = forwarder.key
|
||||
|
@ -96,21 +106,19 @@ resource "google_dns_managed_zone" "non-public" {
|
|||
}
|
||||
|
||||
dynamic "peering_config" {
|
||||
for_each = (
|
||||
var.type == "peering" && var.peer_network != null ? [""] : []
|
||||
)
|
||||
for_each = try(var.zone_config.peering.peer_network, null) == null ? [] : [""]
|
||||
content {
|
||||
target_network {
|
||||
network_url = var.peer_network
|
||||
network_url = var.zone_config.peering.peer_network
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
dynamic "private_visibility_config" {
|
||||
for_each = length(var.client_networks) > 0 ? [""] : []
|
||||
for_each = length(local.client_networks) > 0 ? [""] : []
|
||||
content {
|
||||
dynamic "networks" {
|
||||
for_each = var.client_networks
|
||||
for_each = local.client_networks
|
||||
iterator = network
|
||||
content {
|
||||
network_url = network.value
|
||||
|
@ -120,85 +128,41 @@ resource "google_dns_managed_zone" "non-public" {
|
|||
}
|
||||
|
||||
dynamic "service_directory_config" {
|
||||
for_each = (
|
||||
var.type == "service-directory" && var.service_directory_namespace != null
|
||||
? [""]
|
||||
: []
|
||||
for_each = (try(var.zone_config.private.service_directory_namespace, null) == null
|
||||
? []
|
||||
: [""]
|
||||
)
|
||||
content {
|
||||
namespace {
|
||||
namespace_url = var.service_directory_namespace
|
||||
namespace_url = var.zone_config.private.service_directory_namespace
|
||||
}
|
||||
}
|
||||
}
|
||||
cloud_logging_config {
|
||||
enable_logging = var.enable_logging
|
||||
enable_logging = try(var.zone_config.enable_logging, false)
|
||||
}
|
||||
}
|
||||
|
||||
data "google_dns_managed_zone" "public" {
|
||||
count = var.zone_create ? 0 : 1
|
||||
data "google_dns_managed_zone" "dns_managed_zone" {
|
||||
count = var.zone_config == null ? 1 : 0
|
||||
project = var.project_id
|
||||
name = var.name
|
||||
}
|
||||
|
||||
resource "google_dns_managed_zone" "public" {
|
||||
count = (var.zone_create && var.type == "public") ? 1 : 0
|
||||
project = var.project_id
|
||||
name = var.name
|
||||
dns_name = var.domain
|
||||
description = var.description
|
||||
visibility = "public"
|
||||
|
||||
dynamic "dnssec_config" {
|
||||
for_each = var.dnssec_config == null ? [] : [1]
|
||||
iterator = config
|
||||
content {
|
||||
kind = "dns#managedZoneDnsSecConfig"
|
||||
non_existence = var.dnssec_config.non_existence
|
||||
state = var.dnssec_config.state
|
||||
|
||||
default_key_specs {
|
||||
algorithm = var.dnssec_config.key_signing_key.algorithm
|
||||
key_length = var.dnssec_config.key_signing_key.key_length
|
||||
key_type = "keySigning"
|
||||
kind = "dns#dnsKeySpec"
|
||||
}
|
||||
|
||||
default_key_specs {
|
||||
algorithm = var.dnssec_config.zone_signing_key.algorithm
|
||||
key_length = var.dnssec_config.zone_signing_key.key_length
|
||||
key_type = "zoneSigning"
|
||||
kind = "dns#dnsKeySpec"
|
||||
}
|
||||
}
|
||||
}
|
||||
cloud_logging_config {
|
||||
enable_logging = var.enable_logging
|
||||
}
|
||||
}
|
||||
|
||||
resource "google_dns_managed_zone_iam_binding" "iam_bindings" {
|
||||
for_each = coalesce(var.iam, {})
|
||||
project = var.project_id
|
||||
managed_zone = (var.type == "public"
|
||||
? google_dns_managed_zone.public[0].name
|
||||
: google_dns_managed_zone.non-public[0].name)
|
||||
role = each.key
|
||||
members = each.value
|
||||
for_each = coalesce(var.iam, {})
|
||||
project = var.project_id
|
||||
managed_zone = local.managed_zone.id
|
||||
role = each.key
|
||||
members = each.value
|
||||
}
|
||||
|
||||
data "google_dns_keys" "dns_keys" {
|
||||
count = var.zone_create && (var.dnssec_config == {} || var.type != "public") ? 0 : 1
|
||||
managed_zone = local.zone.id
|
||||
managed_zone = local.managed_zone.id
|
||||
}
|
||||
|
||||
resource "google_dns_record_set" "cloud-static-records" {
|
||||
for_each = (
|
||||
var.type == "public" || var.type == "private"
|
||||
? local.regular_recordsets
|
||||
: {}
|
||||
)
|
||||
resource "google_dns_record_set" "dns_record_set" {
|
||||
for_each = local.recordsets
|
||||
project = var.project_id
|
||||
managed_zone = var.name
|
||||
name = each.value.resource_name
|
||||
|
@ -206,63 +170,27 @@ resource "google_dns_record_set" "cloud-static-records" {
|
|||
ttl = each.value.ttl
|
||||
rrdatas = each.value.records
|
||||
|
||||
depends_on = [
|
||||
google_dns_managed_zone.non-public, google_dns_managed_zone.public
|
||||
]
|
||||
}
|
||||
|
||||
resource "google_dns_record_set" "cloud-geo-records" {
|
||||
for_each = (
|
||||
var.type == "public" || var.type == "private"
|
||||
? local.geo_recordsets
|
||||
: {}
|
||||
)
|
||||
project = var.project_id
|
||||
managed_zone = var.name
|
||||
name = each.value.resource_name
|
||||
type = each.value.type
|
||||
ttl = each.value.ttl
|
||||
|
||||
routing_policy {
|
||||
dynamic "geo" {
|
||||
for_each = each.value.geo_routing
|
||||
iterator = policy
|
||||
content {
|
||||
location = policy.value.location
|
||||
rrdatas = policy.value.records
|
||||
dynamic "routing_policy" {
|
||||
for_each = (each.value.geo_routing != null || each.value.wrr_routing != null) ? [""] : []
|
||||
content {
|
||||
dynamic "geo" {
|
||||
for_each = coalesce(each.value.geo_routing, [])
|
||||
content {
|
||||
location = geo.value.location
|
||||
rrdatas = geo.value.records
|
||||
}
|
||||
}
|
||||
dynamic "wrr" {
|
||||
for_each = coalesce(each.value.wrr_routing, [])
|
||||
content {
|
||||
weight = wrr.value.weight
|
||||
rrdatas = wrr.value.records
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
depends_on = [
|
||||
google_dns_managed_zone.non-public, google_dns_managed_zone.public
|
||||
google_dns_managed_zone.dns_managed_zone
|
||||
]
|
||||
}
|
||||
|
||||
resource "google_dns_record_set" "cloud-wrr-records" {
|
||||
for_each = (
|
||||
var.type == "public" || var.type == "private"
|
||||
? local.wrr_recordsets
|
||||
: {}
|
||||
)
|
||||
project = var.project_id
|
||||
managed_zone = var.name
|
||||
name = each.value.resource_name
|
||||
type = each.value.type
|
||||
ttl = each.value.ttl
|
||||
|
||||
routing_policy {
|
||||
dynamic "wrr" {
|
||||
for_each = each.value.wrr_routing
|
||||
iterator = policy
|
||||
content {
|
||||
weight = policy.value.weight
|
||||
rrdatas = policy.value.records
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
depends_on = [
|
||||
google_dns_managed_zone.non-public, google_dns_managed_zone.public
|
||||
]
|
||||
}
|
||||
}
|
|
@ -16,35 +16,30 @@
|
|||
|
||||
output "dns_keys" {
|
||||
description = "DNSKEY and DS records of DNSSEC-signed managed zones."
|
||||
value = local.dns_keys
|
||||
value = data.google_dns_keys.dns_keys
|
||||
}
|
||||
|
||||
output "domain" {
|
||||
description = "The DNS zone domain."
|
||||
value = try(local.zone.dns_name, null)
|
||||
value = local.managed_zone.dns_name
|
||||
}
|
||||
|
||||
output "id" {
|
||||
description = "Fully qualified zone id."
|
||||
value = try(local.zone.id, null)
|
||||
value = local.managed_zone.id
|
||||
}
|
||||
|
||||
output "name" {
|
||||
description = "The DNS zone name."
|
||||
value = try(local.zone.name, null)
|
||||
value = local.managed_zone.name
|
||||
}
|
||||
|
||||
output "name_servers" {
|
||||
description = "The DNS zone name servers."
|
||||
value = try(local.zone.name_servers, null)
|
||||
}
|
||||
|
||||
output "type" {
|
||||
description = "The DNS zone type."
|
||||
value = var.type
|
||||
value = local.managed_zone.name_servers
|
||||
}
|
||||
|
||||
output "zone" {
|
||||
description = "DNS zone resource."
|
||||
value = local.zone
|
||||
value = local.managed_zone
|
||||
}
|
||||
|
|
|
@ -18,57 +18,12 @@
|
|||
# zone variables #
|
||||
###############################################################################
|
||||
|
||||
variable "client_networks" {
|
||||
description = "List of VPC self links that can see this zone."
|
||||
type = list(string)
|
||||
default = []
|
||||
nullable = false
|
||||
}
|
||||
|
||||
variable "description" {
|
||||
description = "Domain description."
|
||||
type = string
|
||||
default = "Terraform managed."
|
||||
}
|
||||
|
||||
variable "dnssec_config" {
|
||||
description = "DNSSEC configuration for this zone."
|
||||
type = object({
|
||||
non_existence = optional(string, "nsec3")
|
||||
state = string
|
||||
key_signing_key = optional(object(
|
||||
{ algorithm = string, key_length = number }),
|
||||
{ algorithm = "rsasha256", key_length = 2048 }
|
||||
)
|
||||
zone_signing_key = optional(object(
|
||||
{ algorithm = string, key_length = number }),
|
||||
{ algorithm = "rsasha256", key_length = 1024 }
|
||||
)
|
||||
})
|
||||
default = {
|
||||
state = "off"
|
||||
}
|
||||
nullable = false
|
||||
}
|
||||
|
||||
variable "domain" {
|
||||
description = "Zone domain, must end with a period."
|
||||
type = string
|
||||
}
|
||||
|
||||
variable "enable_logging" {
|
||||
description = "Enable query logging for this zone."
|
||||
type = bool
|
||||
default = false
|
||||
nullable = false
|
||||
}
|
||||
|
||||
variable "forwarders" {
|
||||
description = "Map of {IPV4_ADDRESS => FORWARDING_PATH} for 'forwarding' zone types. Path can be 'default', 'private', or null for provider default."
|
||||
type = map(string)
|
||||
default = {}
|
||||
}
|
||||
|
||||
variable "iam" {
|
||||
description = "IAM bindings in {ROLE => [MEMBERS]} format."
|
||||
type = map(list(string))
|
||||
|
@ -80,12 +35,6 @@ variable "name" {
|
|||
type = string
|
||||
}
|
||||
|
||||
variable "peer_network" {
|
||||
description = "Peering network self link, only valid for 'peering' zone types."
|
||||
type = string
|
||||
default = null
|
||||
}
|
||||
|
||||
variable "project_id" {
|
||||
description = "Project id for the zone."
|
||||
type = string
|
||||
|
@ -126,27 +75,48 @@ variable "recordsets" {
|
|||
}
|
||||
}
|
||||
|
||||
variable "service_directory_namespace" {
|
||||
description = "Service directory namespace id (URL), only valid for 'service-directory' zone types."
|
||||
type = string
|
||||
default = null
|
||||
}
|
||||
|
||||
variable "type" {
|
||||
description = "Type of zone to create, valid values are 'public', 'private', 'forwarding', 'peering', 'service-directory','reverse-managed'."
|
||||
type = string
|
||||
default = "private"
|
||||
variable "zone_config" {
|
||||
description = "DNS zone configuration."
|
||||
type = object({
|
||||
domain = string
|
||||
enable_logging = optional(bool, false)
|
||||
forwarding = optional(object({
|
||||
forwarders = optional(map(string))
|
||||
client_networks = list(string)
|
||||
}))
|
||||
peering = optional(object({
|
||||
client_networks = list(string)
|
||||
peer_network = string
|
||||
}))
|
||||
public = optional(object({
|
||||
dnssec_config = optional(object({
|
||||
non_existence = optional(string, "nsec3")
|
||||
state = string
|
||||
key_signing_key = optional(object(
|
||||
{ algorithm = string, key_length = number }),
|
||||
{ algorithm = "rsasha256", key_length = 2048 }
|
||||
)
|
||||
zone_signing_key = optional(object(
|
||||
{ algorithm = string, key_length = number }),
|
||||
{ algorithm = "rsasha256", key_length = 1024 }
|
||||
)
|
||||
}))
|
||||
}))
|
||||
private = optional(object({
|
||||
client_networks = list(string)
|
||||
service_directory_namespace = optional(string)
|
||||
}))
|
||||
})
|
||||
validation {
|
||||
condition = contains(["public", "private", "forwarding", "peering", "service-directory", "reverse-managed"], var.type)
|
||||
error_message = "Zone must be one of 'public', 'private', 'forwarding', 'peering', 'service-directory','reverse-managed'."
|
||||
condition = (
|
||||
(try(var.zone_config.forwarding, null) == null ? 0 : 1) +
|
||||
(try(var.zone_config.peering, null) == null ? 0 : 1) +
|
||||
(try(var.zone_config.public, null) == null ? 0 : 1) +
|
||||
(try(var.zone_config.private, null) == null ? 0 : 1) <= 1
|
||||
)
|
||||
error_message = "Only one type of zone can be configured at a time."
|
||||
}
|
||||
}
|
||||
|
||||
variable "zone_create" {
|
||||
description = "Create zone. When set to false, uses a data source to reference existing zone."
|
||||
type = bool
|
||||
default = true
|
||||
default = null
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
|
|
@ -77,15 +77,18 @@ module "service-directory" {
|
|||
}
|
||||
|
||||
module "dns-sd" {
|
||||
source = "./fabric/modules/dns"
|
||||
project_id = "my-project"
|
||||
type = "service-directory"
|
||||
name = "apps"
|
||||
domain = "apps.example.org."
|
||||
client_networks = [var.vpc.self_link]
|
||||
service_directory_namespace = module.service-directory.id
|
||||
source = "./fabric/modules/dns"
|
||||
project_id = "my-project"
|
||||
name = "apps"
|
||||
zone_config = {
|
||||
domain = "apps.example.org."
|
||||
private = {
|
||||
client_networks = [var.vpc.self_link]
|
||||
service_directory_namespace = module.service-directory.id
|
||||
}
|
||||
}
|
||||
}
|
||||
# tftest modules=2 resources=5 inventory=dns.yaml
|
||||
# tftest modules=2 resources=6 inventory=dns.yaml
|
||||
```
|
||||
<!-- BEGIN TFDOC -->
|
||||
|
||||
|
|
|
@ -65,7 +65,7 @@ values:
|
|||
project: test1-project
|
||||
sensitive_labels: []
|
||||
type: email
|
||||
module.projects["project"].module.dns["ipsum"].google_dns_managed_zone.non-public[0]:
|
||||
module.projects["project"].module.dns["ipsum"].google_dns_managed_zone.dns_managed_zone[0]:
|
||||
dns_name: ipsum.dev.example.org
|
||||
name: ipsum
|
||||
private_visibility_config:
|
||||
|
@ -74,7 +74,7 @@ values:
|
|||
- network_url: projects/foo/networks/bar
|
||||
project: fast-dev-net-spoke-0
|
||||
visibility: private
|
||||
module.projects["project"].module.dns["lorem"].google_dns_managed_zone.non-public[0]:
|
||||
module.projects["project"].module.dns["lorem"].google_dns_managed_zone.dns_managed_zone[0]:
|
||||
dns_name: lorem.dev.example.org
|
||||
name: lorem
|
||||
private_visibility_config:
|
||||
|
|
|
@ -14,4 +14,4 @@
|
|||
|
||||
counts:
|
||||
modules: 27
|
||||
resources: 142
|
||||
resources: 151
|
||||
|
|
|
@ -14,4 +14,4 @@
|
|||
|
||||
counts:
|
||||
modules: 29
|
||||
resources: 179
|
||||
resources: 188
|
||||
|
|
|
@ -14,4 +14,4 @@
|
|||
|
||||
counts:
|
||||
modules: 41
|
||||
resources: 188
|
||||
resources: 197
|
||||
|
|
|
@ -14,4 +14,4 @@
|
|||
|
||||
counts:
|
||||
modules: 20
|
||||
resources: 162
|
||||
resources: 168
|
||||
|
|
|
@ -14,4 +14,4 @@
|
|||
|
||||
counts:
|
||||
modules: 35
|
||||
resources: 201
|
||||
resources: 210
|
||||
|
|
|
@ -13,7 +13,7 @@
|
|||
# limitations under the License.
|
||||
|
||||
values:
|
||||
module.private-dns.google_dns_managed_zone.non-public[0]:
|
||||
module.private-dns.google_dns_managed_zone.dns_managed_zone[0]:
|
||||
dns_name: test.example.
|
||||
forwarding_config:
|
||||
- target_name_servers:
|
||||
|
|
|
@ -13,8 +13,8 @@
|
|||
# limitations under the License.
|
||||
|
||||
values:
|
||||
module.private-dns.google_dns_managed_zone.non-public[0]:
|
||||
description: Forwarding zone for .
|
||||
module.private-dns.google_dns_managed_zone.dns_managed_zone[0]:
|
||||
description: Terraform managed.
|
||||
dns_name: .
|
||||
forwarding_config: []
|
||||
name: test-example
|
||||
|
|
|
@ -13,7 +13,7 @@
|
|||
# limitations under the License.
|
||||
|
||||
values:
|
||||
module.private-dns.google_dns_managed_zone.non-public[0]:
|
||||
module.private-dns.google_dns_managed_zone.dns_managed_zone[0]:
|
||||
description: Terraform managed.
|
||||
dns_name: test.example.
|
||||
force_destroy: false
|
||||
|
@ -26,7 +26,7 @@ values:
|
|||
- network_url: projects/xxx/global/networks/aaa
|
||||
project: myproject
|
||||
visibility: private
|
||||
module.private-dns.google_dns_record_set.cloud-static-records["A localhost"]:
|
||||
module.private-dns.google_dns_record_set.dns_record_set["A localhost"]:
|
||||
managed_zone: test-example
|
||||
name: localhost.test.example.
|
||||
project: myproject
|
||||
|
@ -35,7 +35,7 @@ values:
|
|||
- 127.0.0.1
|
||||
ttl: 300
|
||||
type: A
|
||||
module.private-dns.google_dns_record_set.cloud-static-records["A myhost"]:
|
||||
module.private-dns.google_dns_record_set.dns_record_set["A myhost"]:
|
||||
managed_zone: test-example
|
||||
name: myhost.test.example.
|
||||
project: myproject
|
||||
|
|
|
@ -13,12 +13,12 @@
|
|||
# limitations under the License.
|
||||
|
||||
values:
|
||||
module.public-dns.google_dns_managed_zone.public[0]:
|
||||
module.public-dns.google_dns_managed_zone.dns_managed_zone[0]:
|
||||
dns_name: example.com.
|
||||
name: example
|
||||
project: myproject
|
||||
visibility: public
|
||||
module.public-dns.google_dns_record_set.cloud-static-records["A myhost"]:
|
||||
module.public-dns.google_dns_record_set.dns_record_set["A myhost"]:
|
||||
managed_zone: example
|
||||
name: myhost.example.com.
|
||||
project: myproject
|
||||
|
|
|
@ -13,7 +13,7 @@
|
|||
# limitations under the License.
|
||||
|
||||
values:
|
||||
module.private-dns.google_dns_managed_zone.non-public[0]:
|
||||
module.private-dns.google_dns_managed_zone.dns_managed_zone[0]:
|
||||
description: Terraform managed.
|
||||
dns_name: 0.0.10.in-addr.arpa.
|
||||
name: test-example
|
||||
|
|
|
@ -13,11 +13,11 @@
|
|||
# limitations under the License.
|
||||
|
||||
values:
|
||||
module.private-dns.google_dns_managed_zone.non-public[0]:
|
||||
module.private-dns.google_dns_managed_zone.dns_managed_zone[0]:
|
||||
dns_name: test.example.
|
||||
name: test-example
|
||||
project: myproject
|
||||
module.private-dns.google_dns_record_set.cloud-geo-records["A geo"]:
|
||||
module.private-dns.google_dns_record_set.dns_record_set["A geo"]:
|
||||
managed_zone: test-example
|
||||
name: geo.test.example.
|
||||
project: myproject
|
||||
|
@ -41,7 +41,7 @@ values:
|
|||
rrdatas: null
|
||||
ttl: 300
|
||||
type: A
|
||||
module.private-dns.google_dns_record_set.cloud-static-records["A regular"]:
|
||||
module.private-dns.google_dns_record_set.dns_record_set["A regular"]:
|
||||
managed_zone: test-example
|
||||
name: regular.test.example.
|
||||
project: myproject
|
||||
|
@ -50,7 +50,7 @@ values:
|
|||
- 10.20.0.1
|
||||
ttl: 300
|
||||
type: A
|
||||
module.private-dns.google_dns_record_set.cloud-wrr-records["A wrr"]:
|
||||
module.private-dns.google_dns_record_set.dns_record_set["A wrr"]:
|
||||
managed_zone: test-example
|
||||
name: wrr.test.example.
|
||||
project: myproject
|
||||
|
|
|
@ -1,5 +0,0 @@
|
|||
type = "private"
|
||||
domain = "test.example."
|
||||
name = "test"
|
||||
project_id = "my-project"
|
||||
client_networks = []
|
|
@ -1,25 +0,0 @@
|
|||
# Copyright 2023 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
values:
|
||||
google_dns_managed_zone.non-public[0]:
|
||||
dns_name: test.example.
|
||||
name: test
|
||||
private_visibility_config: []
|
||||
visibility: private
|
||||
|
||||
counts:
|
||||
google_dns_managed_zone: 1
|
||||
modules: 0
|
||||
resources: 1
|
|
@ -1,4 +0,0 @@
|
|||
type = "forwarding"
|
||||
domain = "test.example."
|
||||
name = "test"
|
||||
project_id = "my-project"
|
|
@ -1,20 +0,0 @@
|
|||
# Copyright 2023 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
values:
|
||||
google_dns_managed_zone.non-public[0]:
|
||||
forwarding_config: []
|
||||
|
||||
counts:
|
||||
google_dns_managed_zone: 1
|
|
@ -1,19 +0,0 @@
|
|||
# Copyright 2023 Google LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
module: modules/dns
|
||||
|
||||
tests:
|
||||
no_clients:
|
||||
null_forwarders:
|
|
@ -13,7 +13,7 @@
|
|||
# limitations under the License.
|
||||
|
||||
values:
|
||||
module.dns-sd.google_dns_managed_zone.non-public[0]:
|
||||
module.dns-sd.google_dns_managed_zone.dns_managed_zone[0]:
|
||||
dns_name: apps.example.org.
|
||||
visibility: private
|
||||
module.service-directory.google_service_directory_endpoint.default["app1/one"]:
|
||||
|
|
Loading…
Reference in New Issue