# Terraform STACKIT DNS Zone and Record Set Module This module allows you to declaratively manage DNS zones and their associated record sets in STACKIT. It supports: - Creating one or more new DNS zones. - Using pre-existing DNS zones by providing a `zone_id`. - Creating one or more record sets within any managed zone. ## Usage Example Here is an example of how to use the module to create one or many new zones and use another pre-existing one. ```terraform terraform { required_providers { stackit = { source = "stackitcloud/stackit" version = "~> 0.59.0" } } backend "s3" { endpoints = { s3 = "https://object.storage.eu01.onstackit.cloud" } bucket = "test-bucket" key = "state/test/dns" region = "eu01" skip_region_validation = true skip_metadata_api_check = true skip_credentials_validation = true skip_requesting_account_id = true skip_s3_checksum = true use_path_style = true } } provider "stackit" { # Configure your provider credentials, i.e.: default_region = local.region enable_beta_resources = true service_account_key_path = "sa_key.json" } module "dns" { source = "./path/to/your/module" # Or a Git URL git::https://commerce-platform.git.onstackit.cloud/commerce-platform-public//terraform-modules/dns project_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" zones = { # EXAMPLE 1: Create multiple zones with multiple A records "primary_domain" = { name = "first domain" dns_name = "test-b.stackit.rocks" record_sets = { "qa-test" = { name = "qa-test" type = "A" ttl = 3600 records = ["192.0.1.1", "192.0.1.2"] } "beta-test" = { name = "beta-test" type = "A" ttl = 3600 records = ["192.0.2.10", "192.0.2.20", "192.0.2.30"] } } }, "secondary_domain" = { name = "second domain" dns_name = "test-a.stackit.rocks" record_sets = { "alpha-records" = { name = "alpha-test" type = "A" ttl = 3600 records = ["192.10.2.10", "192.10.2.20", "192.10.2.30"] } } }, # EXAMPLE 2: Use a pre-existing zone and add a new TXT and A record to it "existing_domain" = { zone_id = "zzzzzzzz-zzzz-zzzz-zzzz-zzzzzzzzzzzz" record_sets = { "spf_txt" = { name = "@" type = "TXT" records = ["v=spf1 mx -all"] ttl = 7200 comment = "this is a test txt record" }, "spf_cname" = { name = "exampledomain" type = "A" ttl = 3600 records = ["192.0.29.1"] } } }, # EXAMPLE 3: Create a new zone with no initial records "empty_domain" = { name = "My Empty Domain" dns_name = "empty-example.com" } } } ``` ## Inputs | Variable Name | Description | Type | Required | | ------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------- | -------- | -------- | | `project_id` | STACKIT project ID to which the DNS resources are associated. | `string` | Yes | | `zones` | A map of DNS zones to be created or managed. Each zone contains a `name`, `dns_name`, and `record_sets` map. | `map` | Yes | | `record_sets` | A map of DNS record sets to create within this zone. Each record set contains a `name`, `type`, `records`, `ttl`, `comment`, and `active` attribute. | `map` | Optional | ### Values for zones | Key | Description | Type | Required | | ----------------- | ------------------------------------------------------------------------------------------------------------------------------------------ | -------------- | ----------------------------------- | | `zone_id` | The ID of an existing DNS zone to manage. If provided, the module will use the existing zone. If not provided, a new zone will be created. | `string` | Optional | | `name` | The descriptive name of the DNS zone. | `string` | Optional | | `dns_name` | The DNS name of the DNS zone. | `string` | Optional | | `contact_email` | The contact email for the DNS zone. | `string` | Optional | | `description` | A description of the DNS zone. | `string` | Optional | | `acl` | The Access Control List (ACL) for the DNS zone. | `string` | Optional | | `active` | Whether the DNS zone is active or not. | `bool` | Optional (currently non-functional) | | `default_ttl` | The default Time-to-Live (TTL) for records in the DNS zone. | `number` | Optional | | `expire_time` | The expiration time for the DNS zone. | `number` | Optional | | `is_reverse_zone` | Whether the DNS zone is a reverse zone or not. | `bool` | Optional | | `negative_cache` | The negative cache duration for the DNS zone. | `number` | Optional | | `primaries` | A list of primary name servers for the DNS zone. | `list(string)` | Optional | | `refresh_time` | The refresh time for the DNS zone. | `number` | Optional | | `retry_time` | The retry time for the DNS zone. | `number` | Optional | | `type` | The type of the DNS zone. Defaults to "primary" if not provided. | `string` | Optional | ### Values for record_sets | Key | Description | Type | Required | | --------- | ------------------------------------------------------------- | -------------- | ----------------------------------- | | `name` | The name of the DNS record set. | `string` | Yes | | `type` | The type of the DNS record set. | `string` | Yes | | `records` | A list of DNS records for the record set. | `list(string)` | Yes | | `ttl` | The Time-to-Live (TTL) for the DNS records in the record set. | `number` | Optional | | `comment` | A comment for the DNS record set. | `string` | Optional | | `active` | Whether the DNS record set is active or not. | `bool` | Optional (currently non-functional) | ## Outputs | Name | Description | | ------------- | ------------------------------------------------------------------------------------------ | | `zones` | A map of all managed DNS zone objects, including those created and those referenced by ID. | | `record_sets` | A map of all created DNS record set objects. | ## Notes Setting a zone or record to inactive by using `active = false` is currently not possible due to a bug in the provider. It is active by default.