Skip to content
Terraform module to create AWS Route53 Resolver Rules.
HCL
Branch: master
Clone or download

Latest commit

Fetching latest commit…
Cannot retrieve the latest commit at this time.

Files

Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
CHANGELOG.md
LICENSE
README.md
main.tf
variables.tf
versions.tf

README.md

Terraform

terraform-aws-route53-resolver-rules

Terraform module to create AWS Route53 Resolver Rules.

Usage

Before you start to forward queries, you must create Resolver outbound endpoints in the connected VPCs. These endpoints provide a path for inbound or outbound queries. To accomplish this you can create the endpoints using the aws_route53_resolver_endpoint resource or use a module like the terraform-aws-route53-endpoint

Check the examples folder for the simple and the complete snippets.

Example (complete)

This example creates two rules in a outbound endpoint, using all the parameter expected for building the rules:

# Outbound endpoint using the rhythmictech/terraform-aws-route53-endpoint module
module "r53-outboud" {
  source            = "git::https://github.com/rhythmictech/terraform-aws-route53-endpoint"
  direction         = "outbound"
  allowed_resolvers = ["192.168.0.0/24"]
  vpc_id            = "vpc-0fffff0123456789"
  ip_addresses      = [
    {
      ip        = "172.30.1.10"
      subnet_id = "subnet-abcd123456789aaaa"
    },
    {
      ip        = "172.30.2.10"
      subnet_id = "subnet-abcd123456789bbbb"
    }
  ]
}

# AWS Route 53 Resolver rules
module "r53-resolver-rules" {
  source               = "git::https://github.com/lgallard/terraform-aws-route53-resolver-rules.git"
  resolver_endpoint_id = module.r53-outboud.endpoint_ids

  rules = [
    { rule_name   = "r53r-rule-1"
      domain_name = "bar.foo."
      ram_name    = "ram-r53r-1"
      vpc_ids     = ["vpc-0fffff0123456789"]
      ips         = ["192.168.10.10", "192.168.10.11:54"]
      principals  = ["123456789101", "101987654321"]
    },
    {
      rule_name   = "r53r-rule-2"
      domain_name = "example.com."
      ram_name    = "ram-r53r-2"
      vpc_ids     = ["vpc-0fffff0123456789"]
      ips         = ["192.168.10.10", "192.168.10.11:54"]
      principals  = ["123456789101", "101987654321"]
    }
  ]
}

Note: You can define IP and ports using the IP:PORT syntax, as shown above.

Inputs

Name Description Type Default Required
resolver_endpoint_id The ID of the outbound resolver endpoint that you want to use to route DNS queries to the IP addresses that you specify using target_ip. string null yes
rules List of rules list [] no
tags Map of tags to apply to supported resources map(string) {} no

Each rule accept the following parameters:

Rules

Name Description Type Default Required
domain_name Domain name to forward requests for string null yes
ips List of IPs and ports to forward DNS requests to. Use IP:PORT syntax, or just the IP list(string) [] yes
principals List of account IDs to share the resolver rule with list(string) [] no
ram_name RAM share name string r53-domain_name-rule no
resolver_endpoint_id Resolver endpoint id string null yes
rule_name Route53 resolver rule name string domain_name-rule no
tags Map of tags to apply to supported resources map(string) {} no
vpc_ids List of VPC ids to associate to the rule list(string) [] yes
You can’t perform that action at this time.