diff --git a/modules/dns/README.md b/modules/dns/README.md
index 588d9e8390..657dcc47d8 100644
--- a/modules/dns/README.md
+++ b/modules/dns/README.md
@@ -66,7 +66,7 @@ module "private-dns" {
# tftest modules=1 resources=1 inventory=peering-zone.yaml
```
-### Routing Policies
+### Routing Policies
```hcl
module "private-dns" {
@@ -81,14 +81,37 @@ module "private-dns" {
}
recordsets = {
"A regular" = { records = ["10.20.0.1"] }
- "A geo" = {
+ "A geo1" = {
geo_routing = [
{ location = "europe-west1", records = ["10.0.0.1"] },
{ location = "europe-west2", records = ["10.0.0.2"] },
{ location = "europe-west3", records = ["10.0.0.3"] }
]
}
-
+ "A geo2" = {
+ geo_routing = [
+ { location = "europe-west1", health_checked_targets = [
+ {
+ load_balancer_type = "globalL7ilb",
+ ip_address = "gil7-forwarding-rule-a",
+ port = "80",
+ ip_protocol = "tcp",
+ network_url = var.vpc.self_link
+ project = var.project_id
+ }
+ ] },
+ { location = "europe-west2", health_checked_targets = [
+ {
+ load_balancer_type = "globalL7ilb",
+ ip_address = "gil7-forwarding-rule-b",
+ port = "80",
+ ip_protocol = "tcp",
+ network_url = var.vpc.self_link
+ project = var.project_id
+ }
+ ] },
+ ]
+ }
"A wrr" = {
ttl = 600
wrr_routing = [
@@ -99,7 +122,7 @@ module "private-dns" {
}
}
}
-# tftest modules=1 resources=4 inventory=routing-policies.yaml e2e
+# tftest modules=1 resources=5 inventory=routing-policies.yaml e2e
```
### Reverse Lookup Zone
@@ -148,8 +171,8 @@ module "public-dns" {
| [project_id](variables.tf#L34) | Project id for the zone. | string | ✓ | |
| [description](variables.tf#L17) | Domain description. | string | | "Terraform managed." |
| [iam](variables.tf#L23) | IAM bindings in {ROLE => [MEMBERS]} format. | map(list(string)) | | null |
-| [recordsets](variables.tf#L39) | Map of DNS recordsets in \"type name\" => {ttl, [records]} format. | map(object({…})) | | {} |
-| [zone_config](variables.tf#L74) | DNS zone configuration. | object({…}) | | null |
+| [recordsets](variables.tf#L39) | Map of DNS recordsets in \"type name\" => {ttl, [records]} format. | map(object({…})) | | {} |
+| [zone_config](variables.tf#L83) | DNS zone configuration. | object({…}) | | null |
## Outputs
diff --git a/modules/dns/main.tf b/modules/dns/main.tf
index 5fec4f8494..669c143323 100644
--- a/modules/dns/main.tf
+++ b/modules/dns/main.tf
@@ -180,6 +180,23 @@ resource "google_dns_record_set" "dns_record_set" {
content {
location = geo.value.location
rrdatas = geo.value.records
+ dynamic "health_checked_targets" {
+ for_each = try(geo.value.health_checked_targets, null) == null ? [] : [""]
+ content {
+ dynamic "internal_load_balancers" {
+ for_each = geo.value.health_checked_targets
+ content {
+ load_balancer_type = internal_load_balancers.value.load_balancer_type
+ ip_address = internal_load_balancers.value.ip_address
+ port = internal_load_balancers.value.port
+ ip_protocol = internal_load_balancers.value.ip_protocol
+ network_url = internal_load_balancers.value.network_url
+ project = internal_load_balancers.value.project
+ region = internal_load_balancers.value.region
+ }
+ }
+ }
+ }
}
}
dynamic "wrr" {
diff --git a/modules/dns/variables.tf b/modules/dns/variables.tf
index 08395ba039..4561a98d5b 100644
--- a/modules/dns/variables.tf
+++ b/modules/dns/variables.tf
@@ -43,7 +43,16 @@ variable "recordsets" {
records = optional(list(string))
geo_routing = optional(list(object({
location = string
- records = list(string)
+ records = optional(list(string))
+ health_checked_targets = optional(list(object({
+ load_balancer_type = string
+ ip_address = string
+ port = string
+ ip_protocol = string
+ network_url = string
+ project = string
+ region = optional(string)
+ })))
})))
wrr_routing = optional(list(object({
weight = number
diff --git a/tests/modules/dns/examples/routing-policies.yaml b/tests/modules/dns/examples/routing-policies.yaml
index 039404360d..e4c3ed1f30 100644
--- a/tests/modules/dns/examples/routing-policies.yaml
+++ b/tests/modules/dns/examples/routing-policies.yaml
@@ -14,12 +14,28 @@
values:
module.private-dns.google_dns_managed_zone.dns_managed_zone[0]:
+ cloud_logging_config:
+ - enable_logging: false
+ description: Terraform managed.
dns_name: test.example.
+ dnssec_config: []
+ force_destroy: false
+ forwarding_config: []
+ labels: null
name: test-example
+ peering_config: []
+ private_visibility_config:
+ - gke_clusters: []
+ networks:
+ - network_url: projects/xxx/global/networks/aaa
project: project-id
- module.private-dns.google_dns_record_set.dns_record_set["A geo"]:
+ reverse_lookup: false
+ service_directory_config: []
+ timeouts: null
+ visibility: private
+ module.private-dns.google_dns_record_set.dns_record_set["A geo1"]:
managed_zone: test-example
- name: geo.test.example.
+ name: geo1.test.example.
project: project-id
routing_policy:
- enable_geo_fencing: null
@@ -41,6 +57,40 @@ values:
rrdatas: null
ttl: 300
type: A
+ module.private-dns.google_dns_record_set.dns_record_set["A geo2"]:
+ managed_zone: test-example
+ name: geo2.test.example.
+ project: project-id
+ routing_policy:
+ - enable_geo_fencing: null
+ geo:
+ - health_checked_targets:
+ - internal_load_balancers:
+ - ip_address: gil7-forwarding-rule-a
+ ip_protocol: tcp
+ load_balancer_type: globalL7ilb
+ network_url: projects/xxx/global/networks/aaa
+ port: '80'
+ project: project-id
+ region: null
+ location: europe-west1
+ rrdatas: null
+ - health_checked_targets:
+ - internal_load_balancers:
+ - ip_address: gil7-forwarding-rule-b
+ ip_protocol: tcp
+ load_balancer_type: globalL7ilb
+ network_url: projects/xxx/global/networks/aaa
+ port: '80'
+ project: project-id
+ region: null
+ location: europe-west2
+ rrdatas: null
+ primary_backup: []
+ wrr: []
+ rrdatas: null
+ ttl: 300
+ type: A
module.private-dns.google_dns_record_set.dns_record_set["A regular"]:
managed_zone: test-example
name: regular.test.example.
@@ -77,4 +127,6 @@ values:
counts:
google_dns_managed_zone: 1
- google_dns_record_set: 3
+ google_dns_record_set: 4
+ modules: 1
+ resources: 5
\ No newline at end of file