This module makes it easy to create Google Cloud DNS zones of different types, and manage their records. It supports creating public, private, forwarding, peering, reverse_lookup and service directory zones.
The resources/services/activations/deletions that this module will create/trigger are:
- One
google_dns_managed_zonefor the zone - Zero or more
google_dns_record_setfor the zone records
This module is meant for use with Terraform 0.13+ and tested using Terraform 1.0+. If you find incompatibilities using Terraform >=0.13, please open an issue. If you haven't upgraded and need a Terraform 0.12.x-compatible version of this module, the last released version intended for Terraform 0.12.x is v3.1.0.
Basic usage of this module for a private zone is as follows:
module "dns-private-zone" {
source = "terraform-google-modules/cloud-dns/google"
version = "4.0"
project_id = "my-project"
type = "private"
name = "example-com"
domain = "example.com."
private_visibility_config_networks = [
"https://www.googleapis.com/compute/v1/projects/my-project/global/networks/my-vpc"
]
recordsets = [
{
name = ""
type = "NS"
ttl = 300
records = [
"127.0.0.1",
]
},
{
name = "localhost"
type = "A"
ttl = 300
records = [
"127.0.0.1",
]
},
]
}
Functional examples are included in the examples directory.
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| default_key_specs_key | Object containing default key signing specifications : algorithm, key_length, key_type, kind. Please see https://www.terraform.io/docs/providers/google/r/dns_managed_zone#dnssec_config for futhers details | any |
{} |
no |
| default_key_specs_zone | Object containing default zone signing specifications : algorithm, key_length, key_type, kind. Please see https://www.terraform.io/docs/providers/google/r/dns_managed_zone#dnssec_config for futhers details | any |
{} |
no |
| description | zone description (shown in console) | string |
"Managed by Terraform" |
no |
| dnssec_config | Object containing : kind, non_existence, state. Please see https://www.terraform.io/docs/providers/google/r/dns_managed_zone#dnssec_config for futhers details | any |
{} |
no |
| domain | Zone domain, must end with a period. | string |
n/a | yes |
| enable_logging | Enable query logging for this ManagedZone | bool |
false |
no |
| force_destroy | Set this true to delete all records in the zone. | bool |
false |
no |
| labels | A set of key/value label pairs to assign to this ManagedZone | map(any) |
{} |
no |
| name | Zone name, must be unique within the project. | string |
n/a | yes |
| private_visibility_config_networks | List of VPC self links that can see this zone. | list(string) |
[] |
no |
| project_id | Project id for the zone. | string |
n/a | yes |
| recordsets | List of DNS record objects to manage, in the standard terraform dns structure. | list(object({ |
[] |
no |
| service_namespace_url | The fully qualified or partial URL of the service directory namespace that should be associated with the zone. This should be formatted like https://servicedirectory.googleapis.com/v1/projects/{project}/locations/{location}/namespaces/{namespace_id} or simply projects/{project}/locations/{location}/namespaces/{namespace_id}. | string |
"" |
no |
| target_name_server_addresses | List of target name servers for forwarding zone. | list(map(any)) |
[] |
no |
| target_network | Peering network. | string |
"" |
no |
| type | Type of zone to create, valid values are 'public', 'private', 'forwarding', 'peering', 'reverse_lookup' and 'service_directory'. | string |
"private" |
no |
| Name | Description |
|---|---|
| domain | The DNS zone domain. |
| name | The DNS zone name. |
| name_servers | The DNS zone name servers. |
| type | The DNS zone type. |
These sections describe requirements for using this module.
The following dependencies must be available:
- Terraform >= 0.13.0
- Terraform Provider for GCP plugin >= v4.40
User or service account credentials with the following roles must be used to provision the resources of this module:
- DNS Administrator:
roles/dns.admin
The Project Factory module and the IAM module may be used in combination to provision a service account with the necessary roles applied.
A project with the following APIs enabled must be used to host the resources of this module:
- Google Cloud DNS API:
dns.googleapis.com
The Project Factory module can be used to provision a project with the necessary APIs enabled.
Refer to the contribution guidelines for information on contributing to this module.
![release-please[bot] avatar](https://avatars.githubusercontent.com/in/40688?v=4 "release-please[bot]")
![renovate[bot] avatar](https://avatars.githubusercontent.com/in/2740?v=4 "renovate[bot]")
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent