Sfoglia il codice sorgente

Enables DNSSEC for xdr.accenturefederalcyber.com

Removes the limitations that were put in place for testing.

To be tagged v1.24.4 along with the S3 bucket for trumpet
Fred Damstra [afs macbook] 4 anni fa
parent
commit
b767914e6c
1 ha cambiato i file con 2 aggiunte e 7 eliminazioni
  1. 2 7
      base/dns/public_dns/dnssec.tf

+ 2 - 7
base/dns/public_dns/dnssec.tf

@@ -1,6 +1,5 @@
 locals {
-  domains_to_secure = toset([ "accenturefederalcyber.net", "xdrtest.accenturefederalcyber.net", "accenturefederalcyber.com", "xdrtest.accenturefederalcyber.com" ]) # for testing
-  #domains_to_secure = var.hosted_public_dns_zones
+  domains_to_secure = toset(var.hosted_public_dns_zones)
 }
 
 resource "aws_kms_key" "dnssec" {
@@ -117,11 +116,7 @@ resource "aws_route53_hosted_zone_dnssec" "dnssec" {
 }
 
 resource "aws_route53_record" "ds" {
-  #for_each = local.domains_with_parents
-  for_each = { 
-    "xdrtest.accenturefederalcyber.net" = "accenturefederalcyber.net",
-    "xdrtest.accenturefederalcyber.com" = "accenturefederalcyber.com",
-  }
+  for_each = local.domains_with_parents
 
   allow_overwrite = true
   name            = each.key