Skip to content

Latest commit

 

History

History
124 lines (91 loc) · 4.85 KB

README.md

File metadata and controls

124 lines (91 loc) · 4.85 KB

Terraform Google Cloud DNS Module

This module makes it easy to create Google Cloud DNS zones of different types, and manage their records. It supports creating public, private, forwarding, and peering zones.

The resources/services/activations/deletions that this module will create/trigger are:

  • One google_dns_managed_zone for the zone
  • Zero or more google_dns_record_set for the zone records

Compatibility

This module is meant for use with Terraform 0.12. If you haven't upgraded and need a Terraform 0.12.x-compatible version of this module, the last released version intended for Terraform 0.11.x is 1.0.0.

Usage

Basic usage of this module for a private zone is as follows:

module "dns-private-zone" {
  source  = "terraform-google-modules/cloud-dns/google"
  version = "3.0.0"
  project_id = "my-project"
  type       = "private"
  name       = "example-com"
  domain     = "example.com."

  private_visibility_config_networks = [
    "https://www.googleapis.com/compute/v1/projects/my-project/global/networks/my-vpc"
  ]

  recordsets = [
    {
      name    = ""
      type    = "NS"
      ttl     = 300
      records = [
        "127.0.0.1",
      ]
    },
    {
      name    = "localhost"
      type    = "A"
      ttl     = 300
      records = [
        "127.0.0.1",
      ]
    },
  ]
}

Functional examples are included in the examples directory.

Inputs

Name Description Type Default Required
default_key_specs_key Object containing default key signing specifications : algorithm, key_length, key_type, kind. Please see https://www.terraform.io/docs/providers/google/r/dns_managed_zone.html#dnssec_config for futhers details any <map> no
default_key_specs_zone Object containing default zone signing specifications : algorithm, key_length, key_type, kind. Please see https://www.terraform.io/docs/providers/google/r/dns_managed_zone.html#dnssec_config for futhers details any <map> no
description zone description (shown in console) string "Managed by Terraform" no
dnssec_config Object containing : kind, non_existence, state. Please see https://www.terraform.io/docs/providers/google/r/dns_managed_zone.html#dnssec_config for futhers details any <map> no
domain Zone domain, must end with a period. string n/a yes
labels A set of key/value label pairs to assign to this ManagedZone map <map> no
name Zone name, must be unique within the project. string n/a yes
private_visibility_config_networks List of VPC self links that can see this zone. list(string) <list> no
project_id Project id for the zone. string n/a yes
recordsets List of DNS record objects to manage, in the standard terraform dns structure. object <list> no
target_name_server_addresses List of target name servers for forwarding zone. list(string) <list> no
target_network Peering network. string "" no
type Type of zone to create, valid values are 'public', 'private', 'forwarding', 'peering'. string "private" no

Outputs

Name Description
domain The DNS zone domain.
name The DNS zone name.
name_servers The DNS zone name servers.
type The DNS zone type.

Requirements

These sections describe requirements for using this module.

Software

The following dependencies must be available:

Service Account

User or service account credentials with the following roles must be used to provision the resources of this module:

  • Storage Admin: roles/dns.admin

The Project Factory module and the IAM module may be used in combination to provision a service account with the necessary roles applied.

APIs

A project with the following APIs enabled must be used to host the resources of this module:

  • Google Cloud DNS API: dns.googleapis.com

The Project Factory module can be used to provision a project with the necessary APIs enabled.

Contributing

Refer to the contribution guidelines for information on contributing to this module.