# Create the public zones
# default SOA, NS records are created by default by this
resource "aws_route53_zone" "public" {
  name = "defpoint.com"
  tags = merge(local.standard_tags, var.tags)
}

resource "aws_route53_record" "mx" {
  zone_id = aws_route53_zone.public.id
  name    = "defpoint.com"
  type    = "MX"
  ttl     = "300"
  records = ["0 defpoint-com.mail.protection.outlook.com."]
}

resource "aws_route53_record" "spf" {
  zone_id = aws_route53_zone.public.id
  name    = "defpoint.com"
  type    = "TXT"
  ttl     = "3600"
  records = ["v=spf1 include:spf.protection.outlook.com include:sharepointonline.com -all"]
}

resource "aws_route53_record" "dmarc" {
  zone_id = aws_route53_zone.public.id
  name    = "_dmarc"
  type    = "TXT"
  ttl     = "3600"
  records = [
    "v=DMARC1; p=quarantine; sp=quarantine; pct=100; fo=1; ruf=mailto:DmarcRUF@defpoint.com; rua=mailto:DmarcRUA@defpoint.com,mailto:reports@dmarc.cyber.dhs.gov; aspf=s; adkim=s"
  ]
}

resource "aws_route53_record" "dkim-selector1" {
  zone_id = aws_route53_zone.public.id
  name    = "selector1._domainkey"
  type    = "CNAME"
  ttl     = "3600"
  records = [
    "selector1-defpoint-com._domainkey.afs365.onmicrosoft.com."
  ]
}

resource "aws_route53_record" "dkim-selector2" {
  zone_id = aws_route53_zone.public.id
  name    = "selector2._domainkey"
  type    = "CNAME"
  ttl     = "3600"
  records = [
    "selector2-defpoint-com._domainkey.afs365.onmicrosoft.com."
  ]
}



resource "aws_route53_record" "delegation-ai" {
  zone_id = aws_route53_zone.public.id
  name    = "ai"
  type    = "NS"
  ttl     = "3600"
  records = [
    "ns-1462.awsdns-54.org.",
    "ns-2040.awsdns-63.co.uk.",
    "ns-240.awsdns-30.com.",
    "ns-891.awsdns-47.net."
  ]
}

resource "aws_route53_record" "delegation-mdr" {
  zone_id = aws_route53_zone.public.id
  name    = "mdr"
  type    = "NS"
  ttl     = "3600"
  records = [
    "ns-1087.awsdns-07.org.",
    "ns-110.awsdns-13.com.",
    "ns-1673.awsdns-17.co.uk.",
    "ns-523.awsdns-01.net.",
  ]
}

resource "aws_route53_record" "delegation-mdr-test" {
  zone_id = aws_route53_zone.public.id
  name    = "mdr-test"
  type    = "NS"
  ttl     = "3600"
  records = [
    "ns-1346.awsdns-40.org.",
    "ns-163.awsdns-20.com.",
    "ns-1823.awsdns-35.co.uk.",
    "ns-867.awsdns-44.net.",
  ]
}