This module makes it easy to create Google Cloud DNS zones of different types, and manage their records. It supports creating public, private, forwarding, and peering zones.
The resources/services/activations/deletions that this module will create/trigger are:
- One `google_dns_managed_zone` for the zone
- Zero or more `google_dns_record_set` for the zone records
This module is meant for use with Terraform 0.12. If you haven't upgraded and need a Terraform 0.11.x-compatible version of this module, the last released version intended for Terraform 0.11.x is 1.0.0.
Basic usage of this module for a private zone is as follows:
```hcl
module "dns-private-zone" {
  source     = "terraform-google-modules/cloud-dns/google"
  version    = "3.0.0"
  project_id = "my-project"
  type       = "private"
  name       = "example-com"
  domain     = "example.com."

  private_visibility_config_networks = [
    "https://www.googleapis.com/compute/v1/projects/my-project/global/networks/my-vpc"
  ]

  recordsets = [
    {
      name = ""
      type = "NS"
      ttl  = 300
      records = [
        "127.0.0.1",
      ]
    },
    {
      name = "localhost"
      type = "A"
      ttl  = 300
      records = [
        "127.0.0.1",
      ]
    },
  ]
}
```
Functional examples are included in the examples directory.
Name | Description | Type | Default | Required |
---|---|---|---|---|
default_key_specs_key | Object containing default key signing specifications: algorithm, key_length, key_type, kind. Please see https://www.terraform.io/docs/providers/google/r/dns_managed_zone.html#dnssec_config for further details | any | <map> | no |
default_key_specs_zone | Object containing default zone signing specifications: algorithm, key_length, key_type, kind. Please see https://www.terraform.io/docs/providers/google/r/dns_managed_zone.html#dnssec_config for further details | any | <map> | no |
description | Zone description (shown in console) | string | "Managed by Terraform" | no |
dnssec_config | Object containing: kind, non_existence, state. Please see https://www.terraform.io/docs/providers/google/r/dns_managed_zone.html#dnssec_config for further details | any | <map> | no |
domain | Zone domain, must end with a period. | string | n/a | yes |
labels | A set of key/value label pairs to assign to this ManagedZone | map | <map> | no |
name | Zone name, must be unique within the project. | string | n/a | yes |
private_visibility_config_networks | List of VPC self links that can see this zone. | list(string) | <list> | no |
project_id | Project id for the zone. | string | n/a | yes |
recordsets | List of DNS record objects to manage, in the standard terraform dns structure. | object | <list> | no |
target_name_server_addresses | List of target name servers for forwarding zone. | list(string) | <list> | no |
target_network | Peering network. | string | "" | no |
type | Type of zone to create, valid values are 'public', 'private', 'forwarding', 'peering'. | string | "private" | no |
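
The `dnssec_config`, `default_key_specs_key` and `default_key_specs_zone` inputs above can be combined to create a DNSSEC-signed public zone. The following is an added example, not part of the module's own documentation; the project ID, zone name and domain are placeholders, and the attribute values are the ones accepted by the `dnssec_config` block of `google_dns_managed_zone`.

```hcl
# Added example: DNSSEC-signed public zone (placeholder project, name and domain).
module "dns-public-zone" {
  source     = "terraform-google-modules/cloud-dns/google"
  version    = "3.0.0"
  project_id = "my-project"   # placeholder
  type       = "public"
  name       = "example-org"  # placeholder
  domain     = "example.org." # must end with a period

  # Turn signing on and use NSEC3 for authenticated denial of existence.
  dnssec_config = {
    kind          = "dns#managedZoneDnsSecConfig"
    non_existence = "nsec3"
    state         = "on"
  }

  # Key-signing key (KSK) specification.
  default_key_specs_key = {
    algorithm  = "rsasha256"
    key_length = 2048
    key_type   = "keySigning"
    kind       = "dns#dnsKeySpec"
  }

  # Zone-signing key (ZSK) specification.
  default_key_specs_zone = {
    algorithm  = "rsasha256"
    key_length = 1024
    key_type   = "zoneSigning"
    kind       = "dns#dnsKeySpec"
  }
}

# Expose the module's name_servers output for delegation at the registrar.
output "name_servers" {
  value = module.dns-public-zone.name_servers
}
```

Signing the zone is only half of the chain of trust: resolvers validate it once the matching DS record is published in the parent zone.
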
Name | Description |
---|---|
domain | The DNS zone domain. |
name | The DNS zone name. |
name_servers | The DNS zone name servers. |
type | The DNS zone type. |
These sections describe requirements for using this module.
The following dependencies must be available:
- Terraform v0.12
- Terraform Provider for GCP plugin v2.14
User or service account credentials with the following roles must be used to provision the resources of this module:
- Storage Admin: `roles/dns.admin`
The Project Factory module and the IAM module may be used in combination to provision a service account with the necessary roles applied.
A project with the following APIs enabled must be used to host the resources of this module:
- Google Cloud DNS API: `dns.googleapis.com`
The Project Factory module can be used to provision a project with the necessary APIs enabled.
Refer to the contribution guidelines for information on contributing to this module.