terraform-modules/dns

Terraform STACKIT DNS Zone and Record Set Module

This module allows you to declaratively manage DNS zones and their associated record sets in STACKIT.

It supports:

• Creating one or more new DNS zones.
• Using pre-existing DNS zones by providing a zone_id.
• Creating one or more record sets within any managed zone.

Usage Example

Here is an example of how to use the module to create one or many new zones and use another pre-existing one.

terraform {
  required_providers {
    stackit = {
      source  = "stackitcloud/stackit"
      version = "~> 0.59.0"
    }
  }
  backend "s3" {
    endpoints = {
      s3 = "https://object.storage.eu01.onstackit.cloud"
    }
    bucket                      = "test-bucket"
    key                         = "state/test/dns"
    region                      = "eu01"
    skip_region_validation      = true
    skip_metadata_api_check     = true
    skip_credentials_validation = true
    skip_requesting_account_id  = true
    skip_s3_checksum            = true
    use_path_style              = true
  }
}

provider "stackit" {
  # Configure your provider credentials, i.e.:
  default_region           = local.region
  enable_beta_resources    = true
  service_account_key_path = "sa_key.json"
}

module "dns" {
  source     = "./path/to/your/module" # Or a Git URL git::https://commerce-platform.git.onstackit.cloud/commerce-platform-public//terraform-modules/dns
  project_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"

  zones = {
    # EXAMPLE 1: Create multiple zones with multiple A records
    "primary_domain" = {
      name     = "first domain"
      dns_name = "test-b.stackit.rocks"
      record_sets = {
        "qa-test" = {
          name    = "qa-test"
          type    = "A"
          ttl     = 3600
          records = ["192.0.1.1", "192.0.1.2"]
        }
        "beta-test" = {
          name    = "beta-test"
          type    = "A"
          ttl     = 3600
          records = ["192.0.2.10", "192.0.2.20", "192.0.2.30"]
        }
      }
    },
    "secondary_domain" = {
      name     = "second domain"
      dns_name = "test-a.stackit.rocks"
      record_sets = {
        "alpha-records" = {
          name    = "alpha-test"
          type    = "A"
          ttl     = 3600
          records = ["192.10.2.10", "192.10.2.20", "192.10.2.30"]
        }
      }
    },

    # EXAMPLE 2: Use a pre-existing zone and add a new TXT and A record to it
    "existing_domain" = {
      zone_id = "zzzzzzzz-zzzz-zzzz-zzzz-zzzzzzzzzzzz"
      record_sets = {
        "spf_txt" = {
          name    = "@"
          type    = "TXT"
          records = ["v=spf1 mx -all"]
          ttl     = 7200
          comment = "this is a test txt record"
        },
        "spf_cname" = {
          name    = "exampledomain"
          type    = "A"
          ttl     = 3600
          records = ["192.0.29.1"]
        }
      }
    },

    # EXAMPLE 3: Create a new zone with no initial records
    "empty_domain" = {
      name     = "My Empty Domain"
      dns_name = "empty-example.com"
    }
  }
}

Inputs

Variable Name	Description	Type	Required
project_id	STACKIT project ID to which the DNS resources are associated.	string	Yes
zones	A map of DNS zones to be created or managed. Each zone contains a name, dns_name, and record_sets map.	map	Yes
record_sets	A map of DNS record sets to create within this zone. Each record set contains a name, type, records, ttl, comment, and active attribute.	map	Optional

Values for zones

Key	Description	Type	Required
zone_id	The ID of an existing DNS zone to manage. If provided, the module will use the existing zone. If not provided, a new zone will be created.	string	Optional
name	The descriptive name of the DNS zone.	string	Optional
dns_name	The DNS name of the DNS zone.	string	Optional
contact_email	The contact email for the DNS zone.	string	Optional
description	A description of the DNS zone.	string	Optional
acl	The Access Control List (ACL) for the DNS zone.	string	Optional
active	Whether the DNS zone is active or not.	bool	Optional (currently non-functional)
default_ttl	The default Time-to-Live (TTL) for records in the DNS zone.	number	Optional
expire_time	The expiration time for the DNS zone.	number	Optional
is_reverse_zone	Whether the DNS zone is a reverse zone or not.	bool	Optional
negative_cache	The negative cache duration for the DNS zone.	number	Optional
primaries	A list of primary name servers for the DNS zone.	list(string)	Optional
refresh_time	The refresh time for the DNS zone.	number	Optional
retry_time	The retry time for the DNS zone.	number	Optional
type	The type of the DNS zone. Defaults to "primary" if not provided.	string	Optional

Values for record_sets

Key	Description	Type	Required
name	The name of the DNS record set.	string	Yes
type	The type of the DNS record set.	string	Yes
records	A list of DNS records for the record set.	list(string)	Yes
ttl	The Time-to-Live (TTL) for the DNS records in the record set.	number	Optional
comment	A comment for the DNS record set.	string	Optional
active	Whether the DNS record set is active or not.	bool	Optional (currently non-functional)

Outputs

Name	Description
zones	A map of all managed DNS zone objects, including those created and those referenced by ID.
record_sets	A map of all created DNS record set objects.

Notes

Setting a zone or record to inactive by using active = false is currently not possible due to a bug in the provider. It is active by default.