This component is responsible for provisioning a DNS zone which delegates nameservers to the DNS zone in the primary DNS account. The primary DNS zone is expected to already be provisioned via the dns-primary component.
This component also provisions a wildcard ACM certificate for the given subdomain.
Stack Level: Global
Here's an example snippet for how to use this component. Use this component in global stacks for any accounts where you host services that need DNS records on a given subdomain (e.g. delegated zone) of the root domain (e.g. primary zone).
components:
terraform:
dns-delegated:
vars:
zone_config:
- subdomain: devplatform
zone_name: example.net| Name | Version |
|---|---|
| terraform | >= 0.14.0 |
| aws | ~> 3.32 |
| external | ~> 2.1 |
| http | ~> 2.0 |
| local | ~> 2.0 |
| null | ~> 3.0 |
| utils | 0.3 |
| Name | Version |
|---|---|
| aws.delegated | ~> 3.32 |
| aws.primary | ~> 3.32 |
| Name | Source | Version |
|---|---|---|
| acm | cloudposse/acm-request-certificate/aws | 0.13.1 |
| iam_roles | ../account-map/modules/iam-roles | n/a |
| this | cloudposse/label/null | 0.24.1 |
| Name | Type |
|---|---|
| aws_route53_record.root_ns | resource |
| aws_route53_record.soa | resource |
| aws_route53_zone.default | resource |
| aws_ssm_parameter.acm_arn | resource |
| aws_route53_zone.root_zone | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| additional_tag_map | Additional tags for appending to tags_as_list_of_maps. Not added to tags. |
map(string) |
{} |
no |
| attributes | Additional attributes (e.g. 1) |
list(string) |
[] |
no |
| context | Single object for setting entire context at once. See description of individual variables for details. Leave string and numeric variables as null to use default value.Individual variable settings (non-null) override settings in context object, except for attributes, tags, and additional_tag_map, which are merged. |
object({ |
{ |
no |
| delimiter | Delimiter to be used between namespace, environment, stage, name and attributes.Defaults to - (hyphen). Set to "" to use no delimiter at all. |
string |
null |
no |
| enabled | Set to false to prevent the module from creating any resources | bool |
null |
no |
| environment | Environment, e.g. 'uw2', 'us-west-2', OR 'prod', 'staging', 'dev', 'UAT' | string |
null |
no |
| id_length_limit | Limit id to this many characters.Set to 0 for unlimited length.Set to null for default, which is 0.Does not affect id_full. |
number |
null |
no |
| import_profile_name | AWS Profile name to use when importing a resource | string |
null |
no |
| kms_alias_name | AWS KMS alias used for encryption/decryption of SSM parameters default is alias used in SSM | string |
"alias/aws/ssm" |
no |
| label_order | The naming order of the id output and Name tag. Defaults to ["namespace", "environment", "stage", "name", "attributes"]. You can omit any of the 5 elements, but at least one must be present. |
list(string) |
null |
no |
| name | Solution name, e.g. 'app' or 'jenkins' | string |
null |
no |
| namespace | Namespace, which could be your organization name or abbreviation, e.g. 'eg' or 'cp' | string |
null |
no |
| regex_replace_chars | Regex to replace chars with empty string in namespace, environment, stage and name.If not set, "/[^a-zA-Z0-9-]/" is used to remove all characters other than hyphens, letters and digits. |
string |
null |
no |
| region | AWS Region | string |
n/a | yes |
| request_acm_certificate | n/a | bool |
true |
no |
| stage | Stage, e.g. 'prod', 'staging', 'dev', OR 'source', 'build', 'test', 'deploy', 'release' | string |
null |
no |
| tags | Additional tags (e.g. map('BusinessUnit','XYZ') |
map(string) |
{} |
no |
| zone_config | Zone config | list(object({ |
n/a | yes |
| Name | Description |
|---|---|
| acm_ssm_parameter | The SSM parameter for the ACM cert. |
| certificate | n/a |
| default_dns_zone_id | Default root DNS zone ID for the cluster |
| default_domain_name | Default root domain name (e.g. dev.example.net) for the cluster |
| zones | Subdomain and zone config |
- cloudposse/terraform-aws-components - Cloud Posse's upstream component
