Skip to content

Commit

Permalink
enable-logging flag can only be true for public zones
Browse files Browse the repository at this point in the history
  • Loading branch information
apichick committed Jul 19, 2023
1 parent 94daeab commit bad5748
Show file tree
Hide file tree
Showing 3 changed files with 4 additions and 4 deletions.
2 changes: 1 addition & 1 deletion modules/dns/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -150,7 +150,7 @@ module "public-dns" {
| [description](variables.tf#L21) | Domain description. | <code>string</code> | | <code>&#34;Terraform managed.&#34;</code> |
| [iam](variables.tf#L27) | IAM bindings in {ROLE => [MEMBERS]} format. | <code>map&#40;list&#40;string&#41;&#41;</code> | | <code>null</code> |
| [recordsets](variables.tf#L43) | Map of DNS recordsets in \"type name\" => {ttl, [records]} format. | <code title="map&#40;object&#40;&#123;&#10; ttl &#61; optional&#40;number, 300&#41;&#10; records &#61; optional&#40;list&#40;string&#41;&#41;&#10; geo_routing &#61; optional&#40;list&#40;object&#40;&#123;&#10; location &#61; string&#10; records &#61; list&#40;string&#41;&#10; &#125;&#41;&#41;&#41;&#10; wrr_routing &#61; optional&#40;list&#40;object&#40;&#123;&#10; weight &#61; number&#10; records &#61; list&#40;string&#41;&#10; &#125;&#41;&#41;&#41;&#10;&#125;&#41;&#41;">map&#40;object&#40;&#123;&#8230;&#125;&#41;&#41;</code> | | <code>&#123;&#125;</code> |
| [zone_config](variables.tf#L78) | DNS zone configuration. | <code title="object&#40;&#123;&#10; domain &#61; string&#10; enable_logging &#61; optional&#40;bool, false&#41;&#10; forwarding &#61; optional&#40;object&#40;&#123;&#10; forwarders &#61; optional&#40;map&#40;string&#41;&#41;&#10; client_networks &#61; list&#40;string&#41;&#10; &#125;&#41;&#41;&#10; peering &#61; optional&#40;object&#40;&#123;&#10; client_networks &#61; list&#40;string&#41;&#10; peer_network &#61; string&#10; &#125;&#41;&#41;&#10; public &#61; optional&#40;object&#40;&#123;&#10; dnssec_config &#61; optional&#40;object&#40;&#123;&#10; non_existence &#61; optional&#40;string, &#34;nsec3&#34;&#41;&#10; state &#61; string&#10; key_signing_key &#61; optional&#40;object&#40;&#10; &#123; algorithm &#61; string, key_length &#61; number &#125;&#41;,&#10; &#123; algorithm &#61; &#34;rsasha256&#34;, key_length &#61; 2048 &#125;&#10; &#41;&#10; zone_signing_key &#61; optional&#40;object&#40;&#10; &#123; algorithm &#61; string, key_length &#61; number &#125;&#41;,&#10; &#123; algorithm &#61; &#34;rsasha256&#34;, key_length &#61; 1024 &#125;&#10; &#41;&#10; &#125;&#41;&#41;&#10; &#125;&#41;&#41;&#10; private &#61; optional&#40;object&#40;&#123;&#10; client_networks &#61; list&#40;string&#41;&#10; service_directory_namespace &#61; optional&#40;string&#41;&#10; &#125;&#41;&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code>null</code> |
| [zone_config](variables.tf#L78) | DNS zone configuration. | <code title="object&#40;&#123;&#10; domain &#61; string&#10; forwarding &#61; optional&#40;object&#40;&#123;&#10; forwarders &#61; optional&#40;map&#40;string&#41;&#41;&#10; client_networks &#61; list&#40;string&#41;&#10; &#125;&#41;&#41;&#10; peering &#61; optional&#40;object&#40;&#123;&#10; client_networks &#61; list&#40;string&#41;&#10; peer_network &#61; string&#10; &#125;&#41;&#41;&#10; public &#61; optional&#40;object&#40;&#123;&#10; dnssec_config &#61; optional&#40;object&#40;&#123;&#10; non_existence &#61; optional&#40;string, &#34;nsec3&#34;&#41;&#10; state &#61; string&#10; key_signing_key &#61; optional&#40;object&#40;&#10; &#123; algorithm &#61; string, key_length &#61; number &#125;&#41;,&#10; &#123; algorithm &#61; &#34;rsasha256&#34;, key_length &#61; 2048 &#125;&#10; &#41;&#10; zone_signing_key &#61; optional&#40;object&#40;&#10; &#123; algorithm &#61; string, key_length &#61; number &#125;&#41;,&#10; &#123; algorithm &#61; &#34;rsasha256&#34;, key_length &#61; 1024 &#125;&#10; &#41;&#10; &#125;&#41;&#41;&#10; enable_logging &#61; optional&#40;bool, false&#41;&#10; &#125;&#41;&#41;&#10; private &#61; optional&#40;object&#40;&#123;&#10; client_networks &#61; list&#40;string&#41;&#10; service_directory_namespace &#61; optional&#40;string&#41;&#10; &#125;&#41;&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code>null</code> |

## Outputs

Expand Down
2 changes: 1 addition & 1 deletion modules/dns/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -139,7 +139,7 @@ resource "google_dns_managed_zone" "dns_managed_zone" {
}
}
cloud_logging_config {
enable_logging = try(var.zone_config.enable_logging, false)
enable_logging = try(var.zone_config.public.enable_logging, false)
}
}

Expand Down
4 changes: 2 additions & 2 deletions modules/dns/variables.tf
Original file line number Diff line number Diff line change
Expand Up @@ -78,8 +78,7 @@ variable "recordsets" {
variable "zone_config" {
description = "DNS zone configuration."
type = object({
domain = string
enable_logging = optional(bool, false)
domain = string
forwarding = optional(object({
forwarders = optional(map(string))
client_networks = list(string)
Expand All @@ -101,6 +100,7 @@ variable "zone_config" {
{ algorithm = "rsasha256", key_length = 1024 }
)
}))
enable_logging = optional(bool, false)
}))
private = optional(object({
client_networks = list(string)
Expand Down

0 comments on commit bad5748

Please sign in to comment.