From 32735b442dd368e651910ef1fd2c1303255afedb Mon Sep 17 00:00:00 2001
From: badra001 <donald.e.badrak.ii@census.gov>
Date: Wed, 16 Oct 2024 07:57:08 -0400
Subject: [PATCH] * 2.3.5 -- 2024-10-16   - common-services/dns.tf     - change
 to use aws-dns//cname module

---
 CHANGELOG.md                                  |  4 +++
 common/version.tf                             |  2 +-
 .../1.30/common-services/dns.tf               | 29 ++++++++++++++-----
 3 files changed, 27 insertions(+), 8 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 658aa3b..ae354c4 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -68,3 +68,7 @@
 * 2.3.4 -- 2024-10-11
   - enable import_to_acm for common-services certificate
   - remove cloudwatch-agent from tf-run.data, now an addon
+
+* 2.3.5 -- 2024-10-16
+  - common-services/dns.tf
+    - change to use aws-dns//cname module
diff --git a/common/version.tf b/common/version.tf
index 8e70a25..9c4fa7e 100644
--- a/common/version.tf
+++ b/common/version.tf
@@ -1,3 +1,3 @@
 locals {
-  _module_version = "2.3.4"
+  _module_version = "2.3.5"
 }
diff --git a/examples/full-cluster-tf-upgrade/1.30/common-services/dns.tf b/examples/full-cluster-tf-upgrade/1.30/common-services/dns.tf
index 91a5b35..dd28da1 100644
--- a/examples/full-cluster-tf-upgrade/1.30/common-services/dns.tf
+++ b/examples/full-cluster-tf-upgrade/1.30/common-services/dns.tf
@@ -14,12 +14,27 @@ data "aws_lb" "lb" {
   name  = split("-", data.kubernetes_service.istio-ingressgateway.status.0.load_balancer.0.ingress.0.hostname)[0]
 }
 
-resource "aws_route53_record" "istio-ingress" {
-  count   = local.is_gateway_active ? 1 : 0
-  name    = format("*.%v", local.parent_rs.cluster_domain_name)
-  type    = "CNAME"
-  ttl     = 900
-  zone_id = local.parent_rs.cluster_domain_id
+# resource "aws_route53_record" "istio-ingress" {
+#   count   = local.is_gateway_active ? 1 : 0
+#   name    = format("*.%v", local.parent_rs.cluster_domain_name)
+#   type    = "CNAME"
+#   ttl     = 900
+#   zone_id = local.parent_rs.cluster_domain_id
+# 
+#   records = [data.aws_lb.lb[0].dns_name]
+# }
 
-  records = [data.aws_lb.lb[0].dns_name]
+module "istio-ingress" {
+  count  = local.is_gateway_active ? 1 : 0
+  source = "git@github.e.it.census.gov:terraform-modules/aws-dns//cname"
+
+  name            = format("*.%v", local.parent_rs.cluster_domain_name)
+  zone            = local.parent_rs.cluster_domain_name
+  values          = [data.aws_lb.lb[0].dns_name]
+  enable_heritage = false
+}
+
+moved {
+  from = aws_route53_record.istio-ingress[0]
+  to   = module.istio-ingress[0].aws_route53_record.entry
 }