Google Cloud DNS Module
This module allows simple management of Google Cloud DNS zones and records. It supports creating public, private, forwarding, peering, service directory and reverse lookup managed zones. To create inbound/outbound server policies, see the net-vpc module.
For DNSSEC configuration, refer to the dns_managed_zone documentation.
Examples
Private Zone
# Private zone: visibility is limited to the VPC networks listed in
# client_networks, so keep that list to networks that should resolve it.
module "private-dns" {
  source     = "./fabric/modules/dns"
  project_id = var.project_id
  name       = "test-example"

  zone_config = {
    domain = "test.example."
    private = {
      client_networks = [
        var.vpc.self_link,
      ]
    }
  }

  # Keys use the "type name" format; ttl is optional per recordset.
  recordsets = {
    "A localhost" = {
      records = ["127.0.0.1"]
    }
    "A myhost" = {
      ttl     = 600
      records = ["10.0.0.120"]
    }
  }

  # roles/dns.admin lets members change zone data. Bind it to a group
  # whose membership is reviewed, and prefer a read-only role for
  # principals that only need to list or read records.
  iam = {
    "roles/dns.admin" = [
      "group:${var.group_email}",
    ]
  }
}
# tftest modules=1 resources=4 inventory=private-zone.yaml e2e
Forwarding Zone
# Forwarding zone: queries for the domain coming from client_networks are
# sent to the listed target name servers instead of being answered by
# Cloud DNS.
module "private-dns" {
  source     = "./fabric/modules/dns"
  project_id = var.project_id
  name       = "test-example"

  zone_config = {
    domain = "test.example."
    forwarding = {
      client_networks = [
        var.vpc.self_link,
      ]
      # Map of target IP => forwarding path.
      #   null      -> default path selection by Cloud DNS
      #   "private" -> always route through the VPC, which matters for
      #                non-RFC 1918 targets such as 1.2.3.4 that would
      #                otherwise be reached over the internet
      # The targets must accept DNS traffic from the Cloud DNS forwarding
      # source range (35.199.192.0/19) on the chosen path.
      forwarders = {
        "10.0.1.1" = null
        "1.2.3.4"  = "private"
      }
    }
  }
}
# tftest modules=1 resources=1 inventory=forwarding-zone.yaml e2e
Peering Zone
# Peering zone: names under the domain are resolved in the DNS context of
# peer_network on behalf of client_networks.
module "private-dns" {
  source     = "./fabric/modules/dns"
  project_id = var.project_id
  name       = "test-example"

  zone_config = {
    # "." is the root domain, so this peers every name that no more
    # specific zone covers. Resolution for the client networks then
    # depends on the peer network's DNS configuration; use a narrower
    # domain when only part of the namespace should be delegated.
    domain = "."
    peering = {
      client_networks = [
        var.vpc.self_link,
      ]
      peer_network = var.vpc2.self_link
    }
  }
}
# tftest modules=1 resources=1 inventory=peering-zone.yaml
Routing Policies
# Private zone with one plain recordset plus geo-based and weighted
# round-robin (WRR) routing policies.
module "private-dns" {
  source     = "./fabric/modules/dns"
  project_id = var.project_id
  name       = "test-example"

  zone_config = {
    domain = "test.example."
    private = {
      client_networks = [
        var.vpc.self_link,
      ]
    }
  }

  recordsets = {
    # Plain recordset, no routing policy.
    "A regular" = {
      records = ["10.20.0.1"]
    }

    # Geo routing with static records per location.
    "A geo1" = {
      geo_routing = [
        {
          location = "europe-west1"
          records  = ["10.0.0.1"]
        },
        {
          location = "europe-west2"
          records  = ["10.0.0.2"]
        },
        {
          location = "europe-west3"
          records  = ["10.0.0.3"]
        }
      ]
    }

    # Geo routing with a health-checked internal load balancer target.
    # The address comes from the net-lb-app-int-cross-region module
    # referenced below.
    "A geo2" = {
      geo_routing = [
        {
          location = var.region
          health_checked_targets = [
            {
              load_balancer_type = "globalL7ilb"
              ip_address         = module.net-lb-app-int-cross-region.addresses[var.region]
              port               = "80"
              ip_protocol        = "tcp"
              network_url        = var.vpc.self_link
              project            = var.project_id
            }
          ]
        }
      ]
    }

    # Weighted round robin: the three weights add up to 1.0.
    "A wrr" = {
      ttl = 600
      wrr_routing = [
        {
          weight  = 0.6
          records = ["10.10.0.1"]
        },
        {
          weight  = 0.2
          records = ["10.10.0.2"]
        },
        {
          weight  = 0.2
          records = ["10.10.0.3"]
        }
      ]
    }
  }
}
# tftest modules=4 resources=12 fixtures=fixtures/net-lb-app-int-cross-region.tf,fixtures/compute-mig.tf inventory=routing-policies.yaml e2e
Reverse Lookup Zone
# Reverse lookup zone: a private zone for the in-addr.arpa name that
# corresponds to 10.0.0.0/24, visible only to client_networks.
module "private-dns" {
  source     = "./fabric/modules/dns"
  project_id = var.project_id
  name       = "test-example"

  zone_config = {
    # in-addr.arpa labels are the address octets in reverse order.
    domain = "0.0.10.in-addr.arpa."
    private = {
      client_networks = [
        var.vpc.self_link,
      ]
    }
  }
}
# tftest modules=1 resources=1 inventory=reverse-zone.yaml e2e
Public Zone
# Public zone: its records are resolvable from the internet, so only
# publish names and addresses that are meant to be public.
module "public-dns" {
  source     = "./fabric/modules/dns"
  project_id = var.project_id
  name       = "test-example"

  zone_config = {
    domain = "test.example."
    # No settings are passed for the public zone here, so this example
    # does not set any DNSSEC configuration.
    public = {}
  }

  recordsets = {
    "A myhost" = {
      ttl     = 300
      records = ["127.0.0.1"]
    }
  }

  # roles/dns.admin on a public zone lets members repoint public names.
  # Bind it to a group whose membership is reviewed.
  iam = {
    "roles/dns.admin" = [
      "group:${var.group_email}",
    ]
  }
}
# tftest modules=1 resources=3 inventory=public-zone.yaml e2e
Variables
| name | description | type | required | default |
|---|---|---|---|---|
| name | Zone name, must be unique within the project. | string | ✓ | |
| project_id | Project id for the zone. | string | ✓ | |
| description | Domain description. | string | | "Terraform managed." |
| force_destroy | Set this to true to delete all records in the zone upon zone destruction. | bool | | null |
| iam | IAM bindings in {ROLE => [MEMBERS]} format. | map(list(string)) | | null |
| recordsets | Map of DNS recordsets in "type name" => {ttl, [records]} format. | map(object({…})) | | {} |
| zone_config | DNS zone configuration. | object({…}) | | null |
Outputs
| name | description | sensitive |
|---|---|---|
| dns_keys | DNSKEY and DS records of DNSSEC-signed managed zones. | |
| domain | The DNS zone domain. | |
| id | Fully qualified zone id. | |
| name | The DNS zone name. | |
| name_servers | The DNS zone name servers. | |
| zone | DNS zone resource. | |