Skip to content

Latest commit

 

History

History
87 lines (73 loc) · 4.27 KB

README.md

File metadata and controls

87 lines (73 loc) · 4.27 KB

Google Cloud DNS Module

This module allows simple management of Google Cloud DNS zones and records. It supports creating public, private, forwarding, peering and service directory based zones.

For DNSSEC configuration, refer to the dns_managed_zone documentation.

Examples

Private Zone

module "private-dns" {
  source          = "./modules/dns"
  project_id      = "myproject"
  type            = "private"
  name            = "test-example"
  domain          = "test.example."
  client_networks = [var.vpc.self_link]
  recordsets = {
    "A localhost" = { ttl = 300, records = ["127.0.0.1"] }
  }
}
# tftest modules=1 resources=2

Forwarding Zone

module "private-dns" {
  source          = "./modules/dns"
  project_id      = "myproject"
  type            = "forwarding"
  name            = "test-example"
  domain          = "test.example."
  client_networks = [var.vpc.self_link]
  forwarders      = { "10.0.1.1" = null, "1.2.3.4" = "private" }
}
# tftest modules=1 resources=1

Peering Zone

module "private-dns" {
  source          = "./modules/dns"
  project_id      = "myproject"
  type            = "peering"
  name            = "test-example"
  domain          = "test.example."
  client_networks = [var.vpc.self_link]
  peer_network    = var.vpc2.self_link
}
# tftest modules=1 resources=1

Variables

name description type required default
domain Zone domain, must end with a period. string
name Zone name, must be unique within the project. string
project_id Project id for the zone. string
client_networks List of VPC self links that can see this zone. list(string) []
default_key_specs_key DNSSEC default key signing specifications: algorithm, key_length, key_type, kind. any {}
default_key_specs_zone DNSSEC default zone signing specifications: algorithm, key_length, key_type, kind. any {}
description Domain description. string "Terraform managed."
dnssec_config DNSSEC configuration: kind, non_existence, state. any {}
forwarders Map of {IPV4_ADDRESS => FORWARDING_PATH} for 'forwarding' zone types. Path can be 'default', 'private', or null for provider default. map(string) {}
peer_network Peering network self link, only valid for 'peering' zone types. string null
recordsets Map of DNS recordsets in "type name" => {ttl, [records]} format. map(object({…})) {}
service_directory_namespace Service directory namespace id (URL), only valid for 'service-directory' zone types. string null
type Type of zone to create, valid values are 'public', 'private', 'forwarding', 'peering', 'service-directory'. string "private"
zone_create Create zone. When set to false, uses a data source to reference existing zone. bool true

Outputs

name description sensitive
dns_keys DNSKEY and DS records of DNSSEC-signed managed zones.
domain The DNS zone domain.
name The DNS zone name.
name_servers The DNS zone name servers.
type The DNS zone type.
zone DNS zone resource.