From c9d2fa56efefc8041034c5c58ac480d21c834bf1 Mon Sep 17 00:00:00 2001 From: "Matthew C. Morgan" Date: Mon, 29 Jul 2024 17:29:11 -0400 Subject: [PATCH] add route53 endpoints --- dns-zone-cat.tf | 40 +++++++++++++--------------------------- variables.tf | 28 ++++++++++++---------------- 2 files changed, 25 insertions(+), 43 deletions(-) diff --git a/dns-zone-cat.tf b/dns-zone-cat.tf index 6b7abdb..914603d 100644 --- a/dns-zone-cat.tf +++ b/dns-zone-cat.tf @@ -1,9 +1,8 @@ locals { - cluster_domain_name = format("%v.%v", var.cluster_name, var.domain) + cluster_domain_name = format("%v.%v", var.cluster_name, var.vpc_domain_name) cluster_domain_description = format("%v EKS Cluster DNS Zone", var.cluster_name) # true for gov, false for cat aws_dns_infrastructure = false - region = data.aws_region.current.name } resource "aws_route53_zone" "cluster_domain" { @@ -16,28 +15,15 @@ resource "aws_route53_zone" "cluster_domain" { vpc_region = local.region } - ## dynamic "vpc" { - ## for_each = true ? var.region_map : {} - ## iterator = r - ## content { - ## vpc_id = var.main_dns_vpcs[r.value] - ## vpc_region = r.value - ## } - ## } - lifecycle { ignore_changes = [vpc] } tags = merge( local.base_tags, - # local.common_tags, var.tags, - # var.application_tags, tomap({ "Name" = local.cluster_domain_name }), ) - - # depends_on = [ aws_route53_vpc_association_authorization.west_cluster_domain, aws_route53_vpc_association_authorization.east_cluster_domain ] } output "cluster_domain_name" { 
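Review bot: The first hunk of dns-zone-cat.tf deletes `region = data.aws_region.current.name` from `locals`, but the `vpc` block of `aws_route53_zone.cluster_domain` (context at the top of the next hunk) still reads `vpc_region = local.region`. Unless another file in the module declares `local.region`, validation will fail on an undeclared local. Either keep the local or, if the `aws_region.current` data source is still declared, change the reference to `vpc_region = data.aws_region.current.name`. The same hunk switches to `var.vpc_domain_name`, whose declaration is not in the variables.tf hunk of this patch, so confirm it exists with the intended value before the zone name is derived from it.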
@@ -56,20 +42,20 @@ output "cluster_domain_ns" { } # now we need to add the NS records for the new zone to the parent zone -# data "aws_route53_zone" "parent" { -# name = var.domain -# private_zone = true -# } +data "aws_route53_zone" "parent" { + name = var.vpc_domain_name + private_zone = true +} -# resource "aws_route53_record" "cluster_domain" { -# allow_overwrite = true -# name = local.cluster_domain_name -# type = "NS" -# ttl = 900 -# zone_id = data.aws_route53_zone.parent.zone_id +resource "aws_route53_record" "cluster_domain" { + allow_overwrite = true + name = local.cluster_domain_name + type = "NS" + ttl = 900 + zone_id = data.aws_route53_zone.parent.zone_id -# records = aws_route53_zone.cluster_domain.name_servers -# } + records = aws_route53_zone.cluster_domain.name_servers +} ## #--- ## # associate to main do2-govcloud vpc1-services east and west for inbound resolution diff --git a/variables.tf b/variables.tf index 6d85964..7b37455 100644 --- a/variables.tf +++ b/variables.tf @@ -145,19 +145,15 @@ variable "region_map" { default = {"east": "us-gov-east-1", "west": "us-gov-west-1"} } -# variable "route53_endpoints" { -# description = "Map of target route53 endpoints (for inbound) central VPCs" -# type = map(map(string)) -# default = { -# route53_main = { -# "account_id" = "057405694017" -# "us-gov-east-1" = "vpc-0871ba8a6040d623a" -# "us-gov-west-1" = "vpc-0f03ea065333f72c5" -# } -# route53_main_legacy = { -# "account_id" = "107742151971" -# "us-gov-east-1" = "vpc-099a991da7c4eb8a5" -# "us-gov-west-1" = "vpc-77877a12" -# } -# } -# } +variable "route53_endpoints" { + description = "Map of target route53 endpoints (for inbound) central VPCs" + type = map(map(string)) + default = { + route53_main = { + "account_id" = "269244441389" + "alias" = "lab-gov-network-nonprod" + "us-gov-east-1" = "vpc-070595c5b133243dd" + "us-gov-west-1" = "vpc-08b7b4db6a5ddf9c1" + } + } +}
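Review bot: `allow_overwrite = true` on the newly enabled `aws_route53_record.cluster_domain` lets this module silently replace an NS record that already exists under the same name in the parent zone. A second cluster reusing a `cluster_name`, or a hand-made delegation, would then have its subdomain repointed with no conflict reported. Prefer `allow_overwrite = false` (or drop the argument) so a collision surfaces as an apply error. The `data "aws_route53_zone" "parent"` lookup matches only on name and `private_zone = true`; if more than one private zone carries that name the match is ambiguous, and adding `vpc_id` would pin it to the intended zone. It is also worth confirming that NS delegation from one private hosted zone to another resolves as intended here, since Route 53 has historically restricted it.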
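Review bot: The `default` for `route53_endpoints` in variables.tf hard-codes one environment's account id and VPC ids (alias `lab-gov-network-nonprod`), so any caller that does not override the variable is silently pointed at the non-production network account. For a value that selects cross-account targets, it is safer to ship no default and have each environment pass its own map. A `validation` block can then reject entries that lack a well-formed `account_id`. No hunk in this patch shows where the variable is consumed, so a short comment naming the resource that reads it would help the next reviewer.

```hcl
variable "route53_endpoints" {
  # … unchanged: description, type …

  # No default: each environment supplies its own account and VPC ids.
  validation {
    condition = alltrue([
      for name, endpoint in var.route53_endpoints :
      can(regex("^[0-9]{12}$", endpoint["account_id"]))
    ])
    error_message = "Each route53_endpoints entry must include a 12-digit account_id."
  }
}
```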