diff --git a/README.md b/README.md
index 4552b2e..5116629 100644
--- a/README.md
+++ b/README.md
@@ -29,14 +29,14 @@ Change logs are auto-generated with commitizen.
 
 ## Modules
 
-No modules.
+| Name | Source | Version |
+|------|--------|---------|
+| [cluster\_domain\_cname](#module\_cluster\_domain\_cname) | git@github.e.it.census.gov:terraform-modules/aws-dns//cname | n/a |
 
 ## Resources
 
 | Name | Type |
 |------|------|
-| [aws_route53_record.entry](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_record) | resource |
-| [aws_route53_record.entry_heritage](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_record) | resource |
 | [aws_route53_vpc_association_authorization.self_zone_east](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_vpc_association_authorization) | resource |
 | [aws_route53_vpc_association_authorization.self_zone_west](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_vpc_association_authorization) | resource |
 | [aws_route53_zone.cluster_domain](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_zone) | resource |
@@ -48,6 +48,7 @@ No modules.
 | [aws_lb.lb](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/lb) | data source |
 | [aws_vpc.dummy_vpc](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/vpc) | data source |
 | [aws_vpc.eks_vpc](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/vpc) | data source |
+| [aws_vpc_dhcp_options.options](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/vpc_dhcp_options) | data source |
 | [kubernetes_service.istio_ingressgateway](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/data-sources/service) | data source |
 
 ## Inputs
diff --git a/aws_data.tf b/aws_data.tf
index 7bfda66..dd53245 100644
--- a/aws_data.tf
+++ b/aws_data.tf
@@ -5,6 +5,13 @@ data "aws_vpc" "eks_vpc" {
 }
 }
 
+data "aws_vpc_dhcp_options" "options" {
+ filter {
+ name = "vpc-id"
+ values = [local.vpc_id]
+ }
+}
+
 data "aws_caller_identity" "current" {}
 
 data "aws_arn" "current" {
diff --git a/main.tf b/main.tf
index fb4beda..4e0c1ee 100644
--- a/main.tf
+++ b/main.tf
@@ -7,38 +7,12 @@
 #-------------------------------------------------
 
 locals {
- defaults = {
- enable_ptr = {
- cname = false
- a = false
- aaaa = false
- txt = false
- host = true
- ptr = true
- }
- heritage_label = "terraform"
- heritage_prefix = {
- cname = "_txt"
- a = ""
- aaaa = ""
- txt = "_txt"
- host = ""
- ptr = ""
- }
- }
- base_heritage_tags = [
- format("heritage=%v", local.defaults.heritage_label),
- format("%v/account_id=%v", local.defaults.heritage_label, data.aws_caller_identity.current.account_id),
- format("%v/region=%v", local.defaults.heritage_label, local.region),
- format("%v/create_time=%d", local.defaults.heritage_label, time_static.timestamp.unix)
- ]
 cluster_domain_description = format("%v EKS Cluster DNS Zone", var.cluster_name)
 cluster_domain_name = format("%v.%v", var.cluster_name, local.vpc_domain_name)
- default_heritage_prefix = lookup(local.defaults.heritage_prefix, local.record_type, "") != "" ? format("%v.", local.defaults.heritage_prefix[local.record_type]) : ""
 is_shared_vpc = data.aws_vpc.eks_vpc.owner_id != data.aws_caller_identity.current.account_id
- record_type = "cname"
 region = var.region
 vpc_domain_name = var.vpc_domain_name
+ vpc_id = data.aws_vpc.eks_vpc.id
 }
 
 resource "time_static" "timestamp" {}
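Review bot: The `filter` on `vpc-id` in the new `data "aws_vpc_dhcp_options" "options"` block is unlikely to resolve. As far as I know, the EC2 DescribeDhcpOptions call only accepts filters such as `dhcp-options-id`, `key`, `value`, `owner-id` and tags, so the lookup would be rejected instead of returning the VPC's option set. The `aws_vpc` data source already read in this file exposes the attached set, so the filter block can be replaced with `dhcp_options_id = data.aws_vpc.eks_vpc.dhcp_options_id`. A one-line comment above the block saying that its `domain_name` is used to build a DNS record name would also help the next reader.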
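Review bot: `resource "time_static" "timestamp" {}` stays in place at the end of this hunk, but the only reference to it visible here, `time_static.timestamp.unix` in `base_heritage_tags`, is deleted. If nothing outside the hunk still reads it, remove the resource in the same change so the state does not keep a dead object. The new `vpc_id` local would read better with a short comment such as `# VPC whose DHCP option set supplies the record's domain name`.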
@@ -122,18 +96,27 @@ resource "aws_route53_zone_association" "self_zone_west" {
 # Cluster DNS CNAME MAPPED TO INGRESS NLB
 ###################################################################
 
-resource "aws_route53_record" "entry" {
- name = "*.${local.cluster_domain_name}"
- records = [data.aws_lb.lb.dns_name]
- ttl = 900
- type = "CNAME"
- zone_id = aws_route53_zone.cluster_domain.zone_id
-}
-
-resource "aws_route53_record" "entry_heritage" {
- name = format("%v%v", local.default_heritage_prefix, "*.${local.cluster_domain_name}")
- records = [join(",", local.base_heritage_tags)]
- ttl = 900
- type = "TXT"
- zone_id = aws_route53_zone.cluster_domain.zone_id
+# resource "aws_route53_record" "entry" {
+# name = "*.${local.cluster_domain_name}"
+# records = [data.aws_lb.lb.dns_name]
+# ttl = 900
+# type = "CNAME"
+# zone_id = aws_route53_zone.cluster_domain.zone_id
+# }
+
+# resource "aws_route53_record" "entry_heritage" {
+# name = format("%v%v", local.default_heritage_prefix, "*.${local.cluster_domain_name}")
+# records = [join(",", local.base_heritage_tags)]
+# ttl = 900
+# type = "TXT"
+# zone_id = aws_route53_zone.cluster_domain.zone_id
+# }
+
+module "cluster_domain_cname" {
+ # tflint-ignore: terraform_module_pinned_source
+ source = "git@github.e.it.census.gov:terraform-modules/aws-dns//cname"
+
+ name = format("%v.%v", var.cluster_name, data.aws_vpc_dhcp_options.options.domain_name)
+ values = data.aws_lb.lb.dns_name
+ zone = aws_route53_zone.cluster_domain.zone_id
 }
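Review bot: The `cluster_domain_cname` module is sourced without a `ref`, and the `terraform_module_pinned_source` lint rule is suppressed, so any later change to that repository's default branch is pulled in by the next `terraform init` without review. Pin it to a reviewed tag or commit, e.g. `source = "git@github.e.it.census.gov:terraform-modules/aws-dns//cname?ref=<PINNED_TAG_OR_COMMIT>"`, and drop the `tflint-ignore` line. Separately, the record `name` is now built from `data.aws_vpc_dhcp_options.options.domain_name` without the `*.` prefix, while `local.cluster_domain_name` is still derived from `local.vpc_domain_name`. Unless the module adds the wildcard itself (its code is not visible here), the record may no longer replace the old wildcard entry, and it may fall outside the zone if the two domain values differ. The two commented-out resource blocks are better deleted than kept, since version control already holds them.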