Accueil Explorer Aide
S'inscrire Connexion
AFS
/
xdr-terraform-live
2
0
Fork 0
Fichiers Tickets 0 Pull Requests 0 Wiki
Parcourir la source

Adds public dns zones and skeleton for delegating caasp subdomain

Fred Damstra il y a 5 ans
Parent
04f2813e2f
commit
5d030c91dc
3 fichiers modifiés avec 47 ajouts et 0 suppressions
Vue séparée Afficher les stats Diff
  1. 23 0
      common/aws/mdr-common-services/010-public-dns/terragrunt.hcl
  2. 18 0
      common/aws/mdr-common-services/account.hcl
  3. 6 0
      globals.hcl

+ 23 - 0
common/aws/mdr-common-services/010-public-dns/terragrunt.hcl
Voir le fichier 

@@ -0,0 +1,23 @@
 
+locals {
 
+  environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl"))
 
+  partition_vars = read_terragrunt_config(find_in_parent_folders("partition.hcl"))
 
+  region_vars = read_terragrunt_config(find_in_parent_folders("region.hcl"))
 
+  account_vars = read_terragrunt_config(find_in_parent_folders("account.hcl"))
 
+  global_vars = read_terragrunt_config(find_in_parent_folders("globals.hcl"))
 
+}
 
+
 
+terraform {
 
+  # Double slash is intentional and required to show root of modules
 
+  source = "git@github.mdr.defpoint.com:mdr-engineering/xdr-terraform-modules.git//base/dns/public_dns?ref=v0.5.4"
 
+}
 
+
 
+include {
 
+  path = find_in_parent_folders()
 
+}
 
+
 
+inputs = {
 
+  tags = {
 
+    Purpose = "Sharing the AMI amongst accounts"
 
+    Terraform = "aws/${basename(get_parent_terragrunt_dir())}/${path_relative_to_include()}/"
 
+  }
 
+}

+ 18 - 0
common/aws/mdr-common-services/account.hcl
Voir le fichier 

@@ -11,6 +11,24 @@ locals {
 
 
   # For CIDR assignment, see https://github.mdr.defpoint.com/mdr-engineering/msoc-infrastructure/wiki/IP-Address-Allocation
 
   standard_vpc_cidr = "10.1.1.0/22"
 
+
 
+  #####################################
 
+  # DNS Zones
 
+  hosted_public_dns_zones = [
 
+    "accenturefederalcyber.com",
 
+    "accenturefederalcyber.net",
 
+    "xdr.accenturefederalcyber.com",
 
+    "xdrtest.accenturefederalcyber.com",
 
+  ]
 
+  # Delegated zones are created in different accounts
 
+  delegated_public_dns_zones = {
 
+    "caasp.xdr.accenturefederalcyber.com" = [
 
+      "tbd1.awsdns-15.com.",
 
+      "tbd2.awsdns-15.com.",
 
+      "tbd3.awsdns-15.com.",
 
+      "tbd4.awsdns-15.com."
 
+    ]
 
+  }
 
   
   # For testing
 
   create_test_instance = false

+ 6 - 0
globals.hcl
Voir le fichier 

@@ -27,6 +27,12 @@ locals {
 
     "97.117.78.121/32",    # Colby Williams
 
   ]
 
   portal_test_whitelist = local.trusted_ips # for now, an alias
 
+  dns_zone_map = {
 
+    "accenturefederalcyber.com" = "Z03575081VGXN3FUZ8ERU"
 
+    "accenturefederalcyber.net" = "Z07771312N8X39HKP141M"
 
+    "xdr.accenturefederalcyber.com" = "Z0083657A94URZM2TM87"
 
+    "xdrtest.accenturefederalcyber.com" = "Z01677392W0QM639KU2KC"
 
+  }
 
 
   key_pairs = {
 
     # Should be your username -> key pair