
Creates an inbound resolver used to resolve msoc.defpoint.local

To be tagged v1.20.0
Fred Damstra 4 年 前
コミット
d4004440f0

+ 5 - 0
base/dns/inbound_dns_resolver/README.md

@@ -0,0 +1,5 @@
+# Creates an Inbound DNS Resolver
+
+Allows systems to do DNS lookups against a private DNS zone
+
+Used for legacy to allow inbound dns to msoc.defpoint.local

+ 56 - 0
base/dns/inbound_dns_resolver/main.tf

@@ -0,0 +1,56 @@
+resource "aws_route53_resolver_endpoint" "private_resolver" {
+  name      = "xdr_msoc_local"
+  direction = "INBOUND"
+
+  security_group_ids = [ aws_security_group.resolver_security_group.id ]
+
+  dynamic "ip_address" {
+    for_each = var.subnets
+
+    content {
+      subnet_id = ip_address.value
+    }
+  }
+
+  tags = merge(var.standard_tags, var.tags)
+}
+
+resource "aws_security_group" "resolver_security_group" {
+  name        = "route53_resolver_inbound"
+  description = "Allow DNS inbound traffic"
+  vpc_id      = var.primary_vpc
+
+  ingress {
+    description = "DNS_UDP"
+    from_port   = 53
+    to_port     = 53
+    protocol    = "udp"
+    cidr_blocks = [ "10.0.0.0/8" ]
+  }
+
+  ingress {
+    description = "DNS_TCP"
+    from_port   = 53
+    to_port     = 53
+    protocol    = "tcp"
+    cidr_blocks = [ "10.0.0.0/8" ]
+  }
+
+  egress {
+    description = "DNS_UDP"
+    from_port   = 53
+    to_port     = 53
+    protocol    = "udp"
+    cidr_blocks = [ "10.0.0.0/8" ]
+  }
+
+  egress {
+    description = "DNS_TCP"
+    from_port   = 53
+    to_port     = 53
+    protocol    = "tcp"
+    cidr_blocks = [ "10.0.0.0/8" ]
+  }
+
+  tags = merge(var.standard_tags, var.tags)
+}
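Review bot: All four rules in `resolver_security_group` hard-code `cidr_blocks = [ "10.0.0.0/8" ]`, so port 53 is exposed to the whole 10/8 address space rather than to the networks that actually need to query this zone, and the repeated literal has to be edited in four places when that changes. A module input such as `variable "allowed_cidrs" { type = list(string) }` with `cidr_blocks = var.allowed_cidrs` in each rule would scope the exposure per deployment. Security groups are stateful, so if the two egress rules exist only to let replies to inbound queries flow back they are redundant; if they are meant to let the endpoint reach the VPC's Amazon-provided resolver, it is worth confirming that address falls inside `10.0.0.0/8`, since anything else is silently dropped by this egress set. The fixed `name = "route53_resolver_inbound"` will also collide if the module is instantiated twice in the same VPC; deriving the name from a module input or `var.tags` would avoid that.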

+ 3 - 0
base/dns/inbound_dns_resolver/outputs.tf

@@ -0,0 +1,3 @@
+output "resolver_endpoint_ips" {
+  value = [ for r in aws_route53_resolver_endpoint.private_resolver.ip_address: r.ip ]
+}
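Review bot: The output `resolver_endpoint_ips` has no `description`, and it is the one value consumers of this module are expected to wire into their forwarders, so it should say what the list contains. Adding `description = "IP addresses of the inbound resolver endpoint ENIs, one per subnet in var.subnets"` before the `value` line documents it in `terraform-docs` and the module registry without changing behavior.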

+ 18 - 0
base/dns/inbound_dns_resolver/vars.tf

@@ -0,0 +1,18 @@
+variable "primary_vpc" { 
+  description = "VPC for the inbound connector"
+  type = string 
+}
+
+variable "subnets" { 
+  description = "Subnets in which to create the resolver."
+  type = list 
+}
+
+# inherited variables
+variable tags { type = map }
+variable inbound_resolver_endpoints { type = list }
+variable dns_info { type = map }
+variable standard_tags { type = map }
+variable aws_account_id { type = string }
+variable aws_partition { type = string }
+variable account_list { type = list }
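Review bot: `subnets` is declared with the bare `type = list`, which leaves the element type unconstrained, so a caller can pass a list of maps or numbers and the error only surfaces when `subnet_id = ip_address.value` is evaluated inside the resolver endpoint; `type = list(string)` fails at plan time with a clear message. The same applies to the inherited variables, where `tags` and `standard_tags` are passed to `merge()` and should be `map(string)`, and the unquoted block labels (`variable tags`) together with the bare `list`/`map` constraints read as pre-0.12 style that `terraform fmt` and newer versions will flag. Of the inherited block, only `tags` and `standard_tags` are referenced by the `main.tf` and `outputs.tf` hunks in this commit, so `inbound_resolver_endpoints`, `dns_info`, `aws_account_id`, `aws_partition` and `account_list` appear to be unused here unless another file consumes them; a comment stating why they are declared, or dropping them, would keep the module interface honest. Several lines also carry trailing whitespace after `{` and the type value.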