update code

examples/full-setup-tf-upgrade/apps/dns/associate-route53-endpoints.tf

@@ -0,0 +1,96 @@
+locals {
+  route53_zone_ids = compact(concat([try(aws_route53_zone.domain_zone[0].zone_id, null)], [for k, v in aws_route53_zone.ptr_zone : v.zone_id]))
+}
+
+#---
+# network prod
+#---
+provider "aws" {
+  alias  = "route53_main"
+  region = var.region_map["east"]
+  assume_role {
+    role_arn     = format("arn:%v:iam::%v:role/r-inf-terraform-route53", data.aws_arn.current.partition, var.route53_endpoints["route53_main"].account_id)
+    session_name = var.os_username
+  }
+}
+
+module "route53_main_east" {
+  providers = {
+    aws.self = aws
+    aws.peer = aws.route53_main
+  }
+
+  source   = "git@github.e.it.census.gov:terraform-modules/aws-vpc-setup.git//route53-zone-association/zone?ref=tf-upgrade"
+  region   = "us-gov-east-1"
+  vpc_id   = var.route53_endpoints["route53_main"]["us-gov-east-1"]
+  zone_ids = local.route53_zone_ids
+
+  tags = merge(
+    local.common_tags,
+    var.application_tags,
+  )
+}
+
+module "route53_main_west" {
+  providers = {
+    aws.self = aws
+    aws.peer = aws.route53_main
+  }
+
+  source   = "git@github.e.it.census.gov:terraform-modules/aws-vpc-setup.git//route53-zone-association/zone?ref=tf-upgrade"
+  region   = "us-gov-west-1"
+  vpc_id   = var.route53_endpoints["route53_main"]["us-gov-west-1"]
+  zone_ids = local.route53_zone_ids
+
+  tags = merge(
+    local.common_tags,
+    var.application_tags,
+  )
+}
+
+#---
+# do2-gov ("legacy")
+#---
+provider "aws" {
+  alias  = "route53_main_legacy"
+  region = var.region_map["east"]
+  assume_role {
+    role_arn     = format("arn:%v:iam::%v:role/r-inf-terraform-route53", data.aws_arn.current.partition, var.route53_endpoints["route53_main_legacy"].account_id)
+    session_name = var.os_username
+  }
+}
+
+module "route53_main_legacy_east" {
+  providers = {
+    aws.self = aws
+    aws.peer = aws.route53_main_legacy
+  }
+
+  source   = "git@github.e.it.census.gov:terraform-modules/aws-vpc-setup.git//route53-zone-association/zone?ref=tf-upgrade"
+  region   = "us-gov-east-1"
+  vpc_id   = var.route53_endpoints["route53_main_legacy"]["us-gov-east-1"]
+  zone_ids = local.route53_zone_ids
+
+  tags = merge(
+    local.common_tags,
+    var.application_tags,
+  )
+}
+
+module "route53_main_legacy_west" {
+  providers = {
+    aws.self = aws
+    aws.peer = aws.route53_main_legacy
+  }
+
+  source   = "git@github.e.it.census.gov:terraform-modules/aws-vpc-setup.git//route53-zone-association/zone?ref=tf-upgrade"
+  region   = "us-gov-west-1"
+  vpc_id   = var.route53_endpoints["route53_main_legacy"]["us-gov-west-1"]
+  zone_ids = local.route53_zone_ids
+
+  tags = merge(
+    local.common_tags,
+    var.application_tags,
+  )
+}
+

examples/full-setup-tf-upgrade/apps/dns/associate-shared.tf

@@ -1,15 +1,3 @@
-## locals {
-##   reverse_zones = flatten([
-##     "10.in-addr.arpa",
-##     "168.192.in-addr.arpa",
-##     "129.148.in-addr.arpa",
-##     [for x in range(16, 32) : format("%v.172.in-addr.arpa", x)],
-##   ])
-##   reverse_rules  = formatlist("reverse-%v", local.reverse_zones)
-##   forward_rules  = ["forward-all-onprem", "amazon"]
-##   all_main_rules = formatlist("resolver-%v", concat(local.forward_rules, local.reverse_rules))
-## }
-
 data "aws_route53_resolver_rules" "all_rules" {
   share_status = "SHARED_WITH_ME"
 }

examples/full-setup-tf-upgrade/apps/dns/locals.tf

@@ -5,7 +5,7 @@ locals {
 }
 
 locals {
-  vpc_info       = data.terraform_remote_state.vpc_REGION_vpcN.outputs.vpc_info
+  vpc_info       = data.terraform_remote_state.vpc_SHORTREGION_vpcN.outputs.vpc_info
   vpc_id         = local.vpc_info["vpc_id"]
   domain_name    = local.vpc_info["vpc_domain_name"]
   dns_servers    = local.vpc_info["vpc_dns_servers"]

examples/full-setup-tf-upgrade/apps/dns/other-zones.name.tf.example

@@ -0,0 +1,11 @@
+module "west_edl_zones" {
+  providers = {
+    aws.self = aws
+    aws.peer = aws.west_edl_dns
+  }
+
+  source = "git@github.e.it.census.gov:terraform-modules/aws-vpc-setup.git//route53-zone-association/vpc?ref=tf-upgrade"
+  vpc_id = local.vpc_id
+  #  zones    = [ "common.edl.census.gov" ]
+  zones = [var.vpc_domain_name]
+}

examples/full-setup-tf-upgrade/apps/dns/tf-run.data

@@ -1,4 +1,4 @@
-VERSION 1.1.4
+VERSION 1.1.6
 REMOTE-STATE
 COMMAND tf-directory-setup.py -l none -f
 COMMAND setup-new-directory.sh
@@ -9,10 +9,14 @@ LINKTOP includes.d/variables.account_tags.auto.tfvars
 LINKTOP includes.d/variables.infrastructure_tags.tf
 LINKTOP includes.d/variables.infrastructure_tags.auto.tfvars
 LINKTOP includes.d/variables.application_tags.tf
-## LINKTOP includes.d/variables.application_tags.auto.tfvars
+LINKTOP includes.d/variables.application_tags.auto.tfvars
 
 LINK variables.vpc.tf
 LINK variables.vpc.auto.tfvars
 
+aws_route53_zone.domain_zone aws_route53_zone.ptr_zone
+aws_route53_resolver_rule_association.all_rules
+
 ALL
 COMMAND tf-directory-setup.py -l s3
+

examples/full-setup-tf-upgrade/apps/dns/variables.dns.auto.tfvars

@@ -1,2 +1,3 @@
-dns_zone_description_prefix = "{project} {environment}"
-dns_zone_create             = true
+#dns_zone_description_prefix = "EDL-MultiAccount core-shared ugw1"
+dns_zone_description_prefix = "{org} {vpc_name} {compressed_region}"
+dns_zone_create             = false

examples/full-setup-tf-upgrade/apps/dns/variables.dns.tf

@@ -1,19 +1,21 @@
-variable "main_dns_vpcs" {
-  description = "Map of region and VPC ids of the vpc1-services in us-gov-west-1 and us-gov-east-1 for centralized DNS"
-  type        = map(string)
-  default = {
-    "us-gov-west-1" = "vpc-77877a12"
-    "us-gov-east-1" = "vpc-099a991da7c4eb8a5"
-  }
-}
+## variable "main_dns_vpcs" {
+##   description = "Map of region and VPC ids of the vpc1-services in us-gov-west-1 and us-gov-east-1 for centralized DNS"
+##   type        = map(string)
+##   default = {
+##     "us-gov-west-1" = "vpc-77877a12"
+##     "us-gov-east-1" = "vpc-099a991da7c4eb8a5"
+##   }
+## }
+
+# need this to trigger the shared RAM sttings
+# will need to change it when moving the RAM settings
 
 variable "main_dns_profile" {
   description = "Profile name for AWS for the main DNS central account"
   type        = string
   default     = "107742151971-do2-govcloud"
 }
 
-
 variable "dns_zone_description_prefix" {
   description = "Zone description with the org-project-program-environment"
   type        = string

examples/full-setup-tf-upgrade/apps/dns/variables.route53.tf

@@ -0,0 +1,16 @@
+variable "route53_endpoints" {
+  description = "Map of target route53 endpoints (for inbound) central VPCs"
+  type        = map(map(string))
+  default = {
+    route53_main = {
+      "account_id"    = "057405694017"
+      "us-gov-east-1" = "vpc-0871ba8a6040d623a"
+      "us-gov-west-1" = "vpc-0f03ea065333f72c5"
+    }
+    route53_main_legacy = {
+      "account_id"    = "107742151971"
+      "us-gov-east-1" = "vpc-099a991da7c4eb8a5"
+      "us-gov-west-1" = "vpc-77877a12"
+    }
+  }
+}

examples/full-setup-tf-upgrade/apps/dns/variables.username.tf

@@ -0,0 +1,5 @@
+variable "os_username" {
+  description = "OS username from environment variable, ideally as $USER"
+  type        = string
+  default     = null
+}