AFS
/
xdr-terraform-modules


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100
							locals {
  # I decided to get fancy here. For the list of domains, if any are parents of the others, I create the associated NS records
  # to delegate it.
  
  # Grabs the parent domains
  parent_domains_all = { for domain in var.hosted_public_dns_zones: domain => regex("^[^\\.]*\\.(.+)$", domain)[0] }
  # filters out those that aren't in our list
  domains_with_parents = { 
    for domain, parent in local.parent_domains_all: 
      domain => parent if contains(var.hosted_public_dns_zones, parent) 
  }

  # delegated parent domains
  delegated_parent_domains_all = { for domain, value in var.delegated_public_dns_zones: domain => regex("^[^\\.]*\\.(.+)$", domain)[0] }
  # filters out those that aren't in our list
  delegated_domain_parents = { 
    for domain, parent in local.delegated_parent_domains_all: 
      domain => parent if contains(var.hosted_public_dns_zones, parent) 
  }
}

# These outputs are useful for debugging, but commenting them out for now.
#output parent_domains {
#  value = local.parent_domains_all
#}
#output domains_with_parents {
#  value = local.domains_with_parents
#}
#output delegated_parent_domains {
#  value = local.delegated_parent_domains_all
#}
#output delegated_domain_parents {
#  value = local.delegated_domain_parents
#}

# Create the public zones
resource "aws_route53_zone" "public" {
  for_each = toset(var.hosted_public_dns_zones)
  name = each.value
  tags = merge(var.standard_tags, var.tags)
}

#output "domains" {
#  value = aws_route53_zone.public
#}

resource "aws_route53_record" "soa" {
  for_each = local.domains_with_parents

  allow_overwrite = true
  name            = each.key
  ttl             = 60
  type            = "NS"
  zone_id         = aws_route53_zone.public[each.value].id

  records = aws_route53_zone.public[each.key].name_servers
}

# At this point, I don't know where to point these websites, so these are dummy addresses. But the below is
# tested and functional when we have a web presence.
#resource "aws_route53_record" "at" {
#  for_each = toset(var.hosted_public_dns_zones)
#  zone_id = aws_route53_zone.public[each.value].id
#  name    = ""
#  type    = "A"
#  ttl     = "300"
#  records = [ "1.1.1.1" ]
#}
#
#resource "aws_route53_record" "www" {
#  for_each = toset(var.hosted_public_dns_zones)
#  zone_id = aws_route53_zone.public[each.value].id
#  name    = "www"
#  type    = "CNAME"
#  ttl     = "300"
#  records = [ each.value ]
#}

# Create delegations for domains hosted in other accounts
resource "aws_route53_record" "soa_for_delegated" {
  for_each = var.delegated_public_dns_zones

  allow_overwrite = true
  name            = each.key
  ttl             = 60
  type            = "NS"
  zone_id         = aws_route53_zone.public[local.delegated_domain_parents[each.key]].id

  records = each.value
}

resource "aws_route53_record" "dnstest" {
  for_each = toset(var.hosted_public_dns_zones)
  zone_id = aws_route53_zone.public[each.value].id
  name    = "dnstest"
  type    = "A"
  ttl     = "300"
  # Non-routable Test IP: https://tools.ietf.org/html/rfc5737
  records = [ "203.0.113.1" ]
}