fix: clawbench email dns #177
Pull request overview
This PR updates Route53 DNS records for the clawbench.<domain> delegated subzone to address email-related DNS entries (ownership, DKIM, DMARC) in common/dns.
Changes:
- Updates the ownership TXT record name and lowers its TTL.
- Changes DKIM record name fields to include the full clawbench.<domain> suffix.
- Changes DMARC record name to include the full clawbench.<domain> suffix.
| resource "aws_route53_record" "clawbench_ownership" { | ||
| zone_id = aws_route53_zone.clawbench_subzone.zone_id | ||
| name = "" | ||
| name = "clawbench.${var.domain_name}" |
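Review bot: The new name = "clawbench.${var.domain_name}" line restates the name of the zone already selected by zone_id on the line above, and the PR has no description saying why name = "" had to change. Add a short comment above the resource (or a PR description) stating what the fully qualified form fixes, and attach the plan output showing the record name that results, so a reviewer can confirm the ownership TXT still lands on the subzone apex.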
In this hosted zone (aws_route53_zone.clawbench_subzone), apex records elsewhere in this file use name = "" (e.g., MX/SPF). Using name = "clawbench.${var.domain_name}" here makes naming inconsistent and can be error-prone if the provider treats it as relative to the zone (potentially producing a duplicated name). Consider using the zone apex (name = "") for this ownership TXT record to match the other apex records.
| name = "clawbench.${var.domain_name}" | |
| name = "" |
| type = "TXT" | ||
| ttl = "3600" | ||
| ttl = "300" |
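Review bot: The drop from ttl = "3600" to ttl = "300" on the last line is not explained anywhere in the PR. If the shorter TTL is only there to speed up ownership verification, say so in a comment and note whether it should return to 3600 afterwards; otherwise this record ends up with a different TTL from the DKIM records in the same file, which still show ttl = "3600".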
Repo convention elsewhere uses numeric TTL literals (e.g., ttl = 60 / ttl = 600) rather than quoted strings. Consider making this TTL a number (and ideally aligning the rest of the file similarly) to match the established style and avoid implicit type coercion.
| zone_id = aws_route53_zone.clawbench_subzone.zone_id | ||
| name = "purelymail1._domainkey" | ||
| name = "purelymail1._domainkey.clawbench.${var.domain_name}" | ||
| type = "CNAME" | ||
| ttl = "3600" |
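Review bot: Nothing in the PR shows the name this record is published under after the change to name = "purelymail1._domainkey.clawbench.${var.domain_name}". DKIM verification fails if the selector is not resolvable at exactly purelymail1._domainkey.clawbench.<domain>, so include the plan output or a post-apply lookup of that name for each of the three selectors before merging.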
Since zone_id already targets the clawbench.${var.domain_name} hosted zone, including .clawbench.${var.domain_name} in the record name is inconsistent with the relative naming used elsewhere in this file and makes future zone/name refactors harder. Consider using the relative record name (e.g., just the selector + ._domainkey) within this hosted zone.
| resource "aws_route53_record" "clawbench_dkim_2" { | ||
| zone_id = aws_route53_zone.clawbench_subzone.zone_id | ||
| name = "purelymail2._domainkey" | ||
| name = "purelymail2._domainkey.clawbench.${var.domain_name}" |
Same as the other DKIM records: with zone_id pointing at the clawbench subzone, consider using a relative name within the zone rather than embedding .clawbench.${var.domain_name} into the record name for consistency and easier maintenance.
| name = "purelymail2._domainkey.clawbench.${var.domain_name}" | |
| name = "purelymail2._domainkey" |
| zone_id = aws_route53_zone.clawbench_subzone.zone_id | ||
| name = "purelymail3._domainkey" | ||
| name = "purelymail3._domainkey.clawbench.${var.domain_name}" | ||
| type = "CNAME" | ||
| ttl = "3600" |
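Review bot: The name line for purelymail3 repeats the edit already made by hand for purelymail1 and purelymail2, with the same zone_id, type = "CNAME" and ttl = "3600" around it. If the three resources differ only by selector and target, consider a single resource with for_each over the selectors so the naming form cannot drift between them on the next edit.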
Same naming concern as DKIM 1/2: because zone_id is already the clawbench hosted zone, consider using the relative selector name within the zone for consistency (rather than a name that embeds .clawbench.${var.domain_name}).
| resource "aws_route53_record" "clawbench_dmarc" { | ||
| zone_id = aws_route53_zone.clawbench_subzone.zone_id | ||
| name = "_dmarc" | ||
| name = "_dmarc.clawbench.${var.domain_name}" |
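Review bot: The name = "_dmarc.clawbench.${var.domain_name}" line changes where the DMARC policy is published, and the PR gives no evidence of the resulting name. A TXT record published anywhere other than exactly _dmarc.clawbench.<domain> is never consulted by receivers, so this policy would silently stop applying to mail from the subdomain. Confirm the resulting name in the plan output or with a lookup after apply.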
Because zone_id is already the clawbench.${var.domain_name} hosted zone, using name = "_dmarc.clawbench.${var.domain_name}" is inconsistent with the relative naming used elsewhere in this file and adds avoidable coupling to the zone name. Consider using the relative _dmarc label within this hosted zone.
| name = "_dmarc.clawbench.${var.domain_name}" | |
| name = "_dmarc" |
No description provided.