Skip to content

Latest commit

 

History

History
130 lines (98 loc) · 6.06 KB

README.md

File metadata and controls

130 lines (98 loc) · 6.06 KB
Raw

Terraform Google Cloud DNS Module

This module makes it easy to create Google Cloud DNS zones of different types, and manage their records. It supports creating public, private, forwarding, peering, reverse_lookup and service directory zones.

The resources/services/activations/deletions that this module will create/trigger are:

  • One google_dns_managed_zone for the zone
  • Zero or more google_dns_record_set for the zone records

Compatibility

This module is meant for use with Terraform 0.13+ and tested using Terraform 1.0+. If you find incompatibilities using Terraform >=0.13, please open an issue. If you haven't upgraded and need a Terraform 0.12.x-compatible version of this module, the last released version intended for Terraform 0.12.x is v3.1.0.

Usage

Basic usage of this module for a private zone is as follows:

module "dns-private-zone" {
  source  = "terraform-google-modules/cloud-dns/google"
  version = "4.0"
  project_id = "my-project"
  type       = "private"
  name       = "example-com"
  domain     = "example.com."

  private_visibility_config_networks = [
    "https://www.googleapis.com/compute/v1/projects/my-project/global/networks/my-vpc"
  ]

  recordsets = [
    {
      name    = ""
      type    = "NS"
      ttl     = 300
      records = [
        "127.0.0.1",
      ]
    },
    {
      name    = "localhost"
      type    = "A"
      ttl     = 300
      records = [
        "127.0.0.1",
      ]
    },
  ]
}

Functional examples are included in the examples directory.

Inputs

Name Description Type Default Required
default_key_specs_key Object containing default key signing specifications : algorithm, key_length, key_type, kind. Please see https://www.terraform.io/docs/providers/google/r/dns_managed_zone#dnssec_config for futhers details any {} no
default_key_specs_zone Object containing default zone signing specifications : algorithm, key_length, key_type, kind. Please see https://www.terraform.io/docs/providers/google/r/dns_managed_zone#dnssec_config for futhers details any {} no
description zone description (shown in console) string "Managed by Terraform" no
dnssec_config Object containing : kind, non_existence, state. Please see https://www.terraform.io/docs/providers/google/r/dns_managed_zone#dnssec_config for futhers details any {} no
domain Zone domain, must end with a period. string n/a yes
enable_logging Enable query logging for this ManagedZone bool false no
force_destroy Set this true to delete all records in the zone. bool false no
labels A set of key/value label pairs to assign to this ManagedZone map(any) {} no
name Zone name, must be unique within the project. string n/a yes
private_visibility_config_networks List of VPC self links that can see this zone. list(string) [] no
project_id Project id for the zone. string n/a yes
recordsets List of DNS record objects to manage, in the standard terraform dns structure. 
list(object({
    name    = string
    type    = string
    ttl     = number
    records = optional(list(string), null)

    routing_policy = optional(object({
      wrr = optional(list(object({
        weight  = number
        records = list(string)
      })), [])
      geo = optional(list(object({
        location = string
        records  = list(string)
      })), [])
    }))
  }))
 [] no
service_namespace_url The fully qualified or partial URL of the service directory namespace that should be associated with the zone. This should be formatted like https://servicedirectory.googleapis.com/v1/projects/{project}/locations/{location}/namespaces/{namespace_id} or simply projects/{project}/locations/{location}/namespaces/{namespace_id}. string "" no
target_name_server_addresses List of target name servers for forwarding zone. list(map(any)) [] no
target_network Peering network. string "" no
type Type of zone to create, valid values are 'public', 'private', 'forwarding', 'peering', 'reverse_lookup' and 'service_directory'. string "private" no

Outputs

Name Description
domain The DNS zone domain.
name The DNS zone name.
name_servers The DNS zone name servers.
type The DNS zone type.

Requirements

These sections describe requirements for using this module.

Software

The following dependencies must be available:

Service Account

User or service account credentials with the following roles must be used to provision the resources of this module:

  • DNS Administrator: roles/dns.admin

The Project Factory module and the IAM module may be used in combination to provision a service account with the necessary roles applied.

APIs

A project with the following APIs enabled must be used to host the resources of this module:

  • Google Cloud DNS API: dns.googleapis.com

The Project Factory module can be used to provision a project with the necessary APIs enabled.

Contributing

Refer to the contribution guidelines for information on contributing to this module.