commerce-platform-public/terraform-modules
4
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
terraform-modules/dns/README.md

9.3 KiB
Raw Blame History

Terraform STACKIT DNS Zone and Record Set Module

This module allows you to declaratively manage DNS zones and their associated record sets in STACKIT.

It supports:

  • Creating one or more new DNS zones.
  • Using pre-existing DNS zones by providing a zone_id.
  • Creating one or more record sets within any managed zone.

Usage Example

Here is an example of how to use the module to create one or many new zones and use another pre-existing one.

terraform {
  required_providers {
    stackit = {
      source  = "stackitcloud/stackit"
      version = "~> 0.59.0"
    }
  }
  backend "s3" {
    endpoints = {
      s3 = "https://object.storage.eu01.onstackit.cloud"
    }
    bucket                      = "test-bucket"
    key                         = "state/test/dns"
    region                      = "eu01"
    skip_region_validation      = true
    skip_metadata_api_check     = true
    skip_credentials_validation = true
    skip_requesting_account_id  = true
    skip_s3_checksum            = true
    use_path_style              = true
  }
}

provider "stackit" {
  # Configure your provider credentials, i.e.:
  default_region           = local.region
  enable_beta_resources    = true
  service_account_key_path = "sa_key.json"
}

module "dns" {
  source     = "./path/to/your/module" # Or a Git URL git::https://commerce-platform.git.onstackit.cloud/commerce-platform-public//terraform-modules/dns
  project_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"

  zones = {
    # EXAMPLE 1: Create multiple zones with multiple A records
    "primary_domain" = {
      name     = "first domain"
      dns_name = "test-b.stackit.rocks"
      record_sets = {
        "qa-test" = {
          name    = "qa-test"
          type    = "A"
          ttl     = 3600
          records = ["192.0.1.1", "192.0.1.2"]
        }
        "beta-test" = {
          name    = "beta-test"
          type    = "A"
          ttl     = 3600
          records = ["192.0.2.10", "192.0.2.20", "192.0.2.30"]
        }
      }
    },
    "secondary_domain" = {
      name     = "second domain"
      dns_name = "test-a.stackit.rocks"
      record_sets = {
        "alpha-records" = {
          name    = "alpha-test"
          type    = "A"
          ttl     = 3600
          records = ["192.10.2.10", "192.10.2.20", "192.10.2.30"]
        }
      }
    },

    # EXAMPLE 2: Use a pre-existing zone and add a new TXT and A record to it
    "existing_domain" = {
      zone_id = "zzzzzzzz-zzzz-zzzz-zzzz-zzzzzzzzzzzz"
      record_sets = {
        "spf_txt" = {
          name    = "@"
          type    = "TXT"
          records = ["v=spf1 mx -all"]
          ttl     = 7200
          comment = "this is a test txt record"
        },
        "spf_cname" = {
          name    = "exampledomain"
          type    = "A"
          ttl     = 3600
          records = ["192.0.29.1"]
        }
      }
    },

    # EXAMPLE 3: Create a new zone with no initial records
    "empty_domain" = {
      name     = "My Empty Domain"
      dns_name = "empty-example.com"
    }
  }
}

Inputs

Variable Name Description Type Required
project_id STACKIT project ID to which the DNS resources are associated. string Yes
zones A map of DNS zones to be created or managed. Each zone contains a name, dns_name, and record_sets map. map Yes
record_sets A map of DNS record sets to create within this zone. Each record set contains a name, type, records, ttl, comment, and active attribute. map Optional

Values for zones

Key Description Type Required
zone_id The ID of an existing DNS zone to manage. If provided, the module will use the existing zone. If not provided, a new zone will be created. string Optional
name The descriptive name of the DNS zone. string Optional
dns_name The DNS name of the DNS zone. string Optional
contact_email The contact email for the DNS zone. string Optional
description A description of the DNS zone. string Optional
acl The Access Control List (ACL) for the DNS zone. string Optional
active Whether the DNS zone is active or not. bool Optional (currently non-functional)
default_ttl The default Time-to-Live (TTL) for records in the DNS zone. number Optional
expire_time The expiration time for the DNS zone. number Optional
is_reverse_zone Whether the DNS zone is a reverse zone or not. bool Optional
negative_cache The negative cache duration for the DNS zone. number Optional
primaries A list of primary name servers for the DNS zone. list(string) Optional
refresh_time The refresh time for the DNS zone. number Optional
retry_time The retry time for the DNS zone. number Optional
type The type of the DNS zone. Defaults to "primary" if not provided. string Optional

Values for record_sets

Key Description Type Required
name The name of the DNS record set. string Yes
type The type of the DNS record set. string Yes
records A list of DNS records for the record set. list(string) Yes
ttl The Time-to-Live (TTL) for the DNS records in the record set. number Optional
comment A comment for the DNS record set. string Optional
active Whether the DNS record set is active or not. bool Optional (currently non-functional)

Outputs

Name Description
zones A map of all managed DNS zone objects, including those created and those referenced by ID.
record_sets A map of all created DNS record set objects.

Notes

Setting a zone or record to inactive by using active = false is currently not possible due to a bug in the provider. It is active by default.