diff --git a/terraform/projects/github-actions-oidc-provider/modules/global/variables.tf b/terraform/projects/github-actions-oidc-provider/modules/global/variables.tf
index f9526224..22309c0c 100644
--- a/terraform/projects/github-actions-oidc-provider/modules/global/variables.tf
+++ b/terraform/projects/github-actions-oidc-provider/modules/global/variables.tf
@@ -1,10 +1,10 @@ variable "phase" { - description = "Provisioning phase, either `per-host`, `per-cluster` or `global`" + description = "Provisioning phase, either `per-host`, `per-cluster`, `per-domain`, or `global`" type = string validation { - condition = var.phase == "per-host" || var.phase == "per-cluster" || var.phase == "global" - error_message = "The phase variable must be either 'per-host', 'per-cluster', or 'global'." + condition = var.phase == "per-host" || var.phase == "per-cluster" || var.phase == "per-domain" || var.phase == "global" + error_message = "The phase variable must be either 'per-host', 'per-cluster', 'per-domain', or 'global'." } }
diff --git a/terraform/projects/github-actions-terraform-linting/modules/global/variables.tf b/terraform/projects/github-actions-terraform-linting/modules/global/variables.tf
index f9526224..22309c0c 100644
--- a/terraform/projects/github-actions-terraform-linting/modules/global/variables.tf
+++ b/terraform/projects/github-actions-terraform-linting/modules/global/variables.tf
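Review bot: The chained `==`/`||` comparison in `condition` is hard to scan at four terms, and the same block is repeated verbatim in the github-actions-terraform-linting and remote-state hunks that follow. A membership test keeps the allowed set in one expression: `condition = contains(["per-host", "per-cluster", "per-domain", "global"], var.phase)`. That is the form the new per-domain `region` validation in this commit already uses, and the error message can stay as written.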
@@ -1,10 +1,10 @@ variable "phase" { - description = "Provisioning phase, either `per-host`, `per-cluster` or `global`" + description = "Provisioning phase, either `per-host`, `per-cluster`, `per-domain`, or `global`" type = string validation { - condition = var.phase == "per-host" || var.phase == "per-cluster" || var.phase == "global" - error_message = "The phase variable must be either 'per-host', 'per-cluster', or 'global'." + condition = var.phase == "per-host" || var.phase == "per-cluster" || var.phase == "per-domain" || var.phase == "global" + error_message = "The phase variable must be either 'per-host', 'per-cluster', 'per-domain', or 'global'." } }
diff --git a/terraform/projects/remote-state/modules/global/variables.tf b/terraform/projects/remote-state/modules/global/variables.tf
index f9526224..22309c0c 100644
--- a/terraform/projects/remote-state/modules/global/variables.tf
+++ b/terraform/projects/remote-state/modules/global/variables.tf
@@ -1,10 +1,10 @@ variable "phase" { - description = "Provisioning phase, either `per-host`, `per-cluster` or `global`" + description = "Provisioning phase, either `per-host`, `per-cluster`, `per-domain`, or `global`" type = string validation { - condition = var.phase == "per-host" || var.phase == "per-cluster" || var.phase == "global" - error_message = "The phase variable must be either 'per-host', 'per-cluster', or 'global'." + condition = var.phase == "per-host" || var.phase == "per-cluster" || var.phase == "per-domain" || var.phase == "global" + error_message = "The phase variable must be either 'per-host', 'per-cluster', 'per-domain', or 'global'." } }
diff --git a/terraform/projects/route53-dns/.terraform.lock.hcl b/terraform/projects/route53-dns/.terraform.lock.hcl
new file mode 100644
index 00000000..fafc82de
--- /dev/null
+++ b/terraform/projects/route53-dns/.terraform.lock.hcl
@@ -0,0 +1,25 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/hashicorp/aws" { + version = "5.77.0" + constraints = "~> 5.10" + hashes = [ + "h1:7yv9NDANq8B0hKcxySR053tYoG8rKHC2EobEEXjUdDg=", + "zh:0bb61ed8a86a231e466ceffd010cb446418483853aa7e35ecb628cf578fa3905", + "zh:15d37511e55db46a50e703195858b816b7bbfd7bd6d193abf45aec1cb31cfc29", + "zh:1cdaec2ca4408e90aee6ea550ff4ff01a46033854c26d71309541975aa6317bd", + "zh:1dd2d1af44004b35a1597e82f9aa9d6396a77808371aa4dfd2045a2a144b7329", + "zh:329bf790ef57b29b95eee847090bffb74751b2b5e5a4c23e07367cc0bf9cce10", + "zh:40949e13342a0a738036e66420b7a546bda91ef68038981badbe454545076f16", + "zh:5674eb93c8edd308abac408ae45ee90e59e171d45011f00f5036ff4d43a1de52", + "zh:747624ce0e938dd773bca295df226d39d425d3805e6afe50248159d0f2ec6d3a", + "zh:761795909c5cba10f138d276384fb034031eb1e8c5cdfe3b93794c8a78d909ce", + "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", + "zh:9b95901dae3f2c7eea870d57940117ef5391676689efc565351bb087816674e4", + "zh:9bb86e159828dedc1302844d29ee6d79d6fee732c830a36838c359b9319ab304", + "zh:9e72dfbd7c28da259d51af92c21e580efd0045103cba2bb01cd1a8acb4185883", + "zh:a226b88521022598d1be8361b4f2976834d305ff58c8ea9b9a12c82f9a23f2c2", + "zh:faabcdfa36365359dca214da534cfb2fd5738edb40786c2afd09702f42ad1651", + ] +}
diff --git a/terraform/projects/route53-dns/aws.tf b/terraform/projects/route53-dns/aws.tf
new file mode 100644
index 00000000..08bfff0d
--- /dev/null
+++ b/terraform/projects/route53-dns/aws.tf
@@ -0,0 +1,22 @@
+provider "aws" {
+ region = var.region
+
+ default_tags {
+ tags = {
+ managed_by = "terraform"
+ plan = var.plan
+ }
+ }
+}
+
+provider "aws" {
+ alias = "us_east_1"
+ region = "us-east-1"
+
+ default_tags {
+ tags = {
+ managed_by = "terraform"
+ plan = var.plan
+ }
+ }
+}
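Review bot: Neither `provider "aws"` block in aws.tf restricts which account the plan may run against, so a workstation or CI job holding credentials for another account would create the hosted zones there. Adding `allowed_account_ids = ["<ACCOUNT_ID_PLACEHOLDER>"]` to both blocks makes Terraform refuse to plan anywhere else. The `us_east_1` alias is not referenced by any file in this change, and the per-domain module is called without a `providers` argument. If the alias is reserved for later us-east-1-only resources, a comment such as `# reserved for <purpose>; not yet passed to any module` above the block would say so.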
diff --git a/terraform/projects/route53-dns/domain-data.tf b/terraform/projects/route53-dns/domain-data.tf
new file mode 100644
index 00000000..bd23489d
--- /dev/null
+++ b/terraform/projects/route53-dns/domain-data.tf
@@ -0,0 +1,3 @@
+module "domain_data" {
+ source = "../../modules/domain-data"
+}
diff --git a/terraform/projects/route53-dns/domains.tf b/terraform/projects/route53-dns/domains.tf
new file mode 100644
index 00000000..09a9393e
--- /dev/null
+++ b/terraform/projects/route53-dns/domains.tf
@@ -0,0 +1,9 @@
+module "route53_dns_domain" {
+ for_each = toset(module.domain_data.domains)
+ source = "./modules/per-domain"
+
+ plan = var.plan
+ region = var.region
+ phase = "per-domain"
+ domain_name = each.value
+}
diff --git a/terraform/projects/route53-dns/main.tf b/terraform/projects/route53-dns/main.tf
new file mode 100644
index 00000000..8a14b872
--- /dev/null
+++ b/terraform/projects/route53-dns/main.tf
@@ -0,0 +1,9 @@
+terraform {
+ backend "s3" {
+ bucket = "artichoke-forge-project-infrastructure-terraform-state"
+ region = "us-west-2"
+ key = "route53-dns/terraform.tfstate"
+ encrypt = true
+ dynamodb_table = "terraform_statelock"
+ }
+}
diff --git a/terraform/projects/route53-dns/modules/per-domain/domain-data.tf b/terraform/projects/route53-dns/modules/per-domain/domain-data.tf
new file mode 100644
index 00000000..b927e7ae
--- /dev/null
+++ b/terraform/projects/route53-dns/modules/per-domain/domain-data.tf
@@ -0,0 +1,3 @@
+module "domain_data" {
+ source = "../../../../modules/domain-data"
+}
diff --git a/terraform/projects/route53-dns/modules/per-domain/main.tf b/terraform/projects/route53-dns/modules/per-domain/main.tf
new file mode 100644
index 00000000..7eb9b996
--- /dev/null
+++ b/terraform/projects/route53-dns/modules/per-domain/main.tf
@@ -0,0 +1,7 @@
+resource "aws_route53_zone" "zone" {
+ name = var.domain_name
+
+ lifecycle {
+ prevent_destroy = true
+ }
+}
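Review bot: `module "domain_data"` in modules/per-domain/domain-data.tf is never read: none of the per-domain files added in this commit (main.tf, outputs.tf, variables.tf) references `module.domain_data`. The root project already loads the same module and passes `each.value` in as `domain_name`, so this copy is evaluated once per domain for no visible effect. Unless a later change depends on it, the file can be dropped; if it is a placeholder, a comment saying what it will supply would help.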
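Review bot: `prevent_destroy = true` in modules/per-domain/main.tf has no comment saying what it protects against or where the protection stops. Deleting a hosted zone leaves the registrar's NS delegation pointing at name servers that no longer answer for the domain, and a re-created zone normally receives a different name-server set, so the guard is worth explaining. Terraform enforces it only while the resource block is still in configuration, so removing the `route53_dns_domain` module call would still plan a destroy. I would add `# Zone deletion breaks registrar delegation; prevent_destroy does not apply once this block or its calling module is removed` above `lifecycle`. DNSSEC signing and query logging are not configured in this change; if they are planned follow-ups, a note here would record that.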
diff --git a/terraform/projects/route53-dns/modules/per-domain/outputs.tf b/terraform/projects/route53-dns/modules/per-domain/outputs.tf
new file mode 100644
index 00000000..b8661f96
--- /dev/null
+++ b/terraform/projects/route53-dns/modules/per-domain/outputs.tf
@@ -0,0 +1,15 @@
+output "zone_name" {
+ value = aws_route53_zone.zone.name
+}
+
+output "zone_id" {
+ value = aws_route53_zone.zone.zone_id
+}
+
+output "zone_arn" {
+ value = aws_route53_zone.zone.arn
+}
+
+output "zone_name_servers" {
+ value = [for ns in aws_route53_zone.zone.name_servers : ns]
+}
diff --git a/terraform/projects/route53-dns/modules/per-domain/variables.tf b/terraform/projects/route53-dns/modules/per-domain/variables.tf
new file mode 100644
index 00000000..c9af3bb7
--- /dev/null
+++ b/terraform/projects/route53-dns/modules/per-domain/variables.tf
@@ -0,0 +1,34 @@
+variable "domain_name" {
+ description = "Domain name"
+ type = string
+}
+
+variable "phase" {
+ description = "Provisioning phase, either `per-host`, `per-cluster`, `per-domain`, or `global`"
+ type = string
+
+ validation {
+ condition = var.phase == "per-host" || var.phase == "per-cluster" || var.phase == "per-domain" || var.phase == "global"
+ error_message = "The phase variable must be either 'per-host', 'per-cluster', 'per-domain', or 'global'."
+ }
+}
+
+variable "plan" {
+ description = "Plan name"
+ type = string
+
+ validation {
+ condition = length(var.plan) >= 3 && !can(regex("artichoke", var.plan))
+ error_message = "The plan variable must be at least 3 characters long and must not contain the string 'artichoke'."
+ }
+}
+
+variable "region" {
+ description = "AWS region"
+ type = string
+
+ validation {
+ condition = contains(["us-west-2", "us-west-1", "us-east-1", "us-east-2"], var.region)
+ error_message = "The region must be one of the following: us-west-2 (Oregon), us-west-1 (California), us-east-1, or us-east-2."
+ }
+}
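Review bot: `domain_name` is the only variable in modules/per-domain/variables.tf without a `validation` block, although it is the value that becomes the hosted zone name. A check such as `condition = can(regex("^([a-z0-9]([a-z0-9-]*[a-z0-9])?\\.)+[a-z]{2,}$", var.domain_name))` would reject an empty string, stray whitespace, uppercase or trailing-dot variants before a zone is created for them; the pattern would need adjusting to the domains actually managed. The description could also state the expected form, for example `"Apex domain name for the hosted zone, lowercase, no trailing dot"`.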
diff --git a/terraform/projects/route53-dns/outputs.tf b/terraform/projects/route53-dns/outputs.tf
new file mode 100644
index 00000000..7ac58687
--- /dev/null
+++ b/terraform/projects/route53-dns/outputs.tf
@@ -0,0 +1,7 @@
+output "route53_dns_domains" {
+ description = "Route53 zone information for each domain"
+ value = {
+ for domain_name in module.domain_data.domains :
+ domain_name => module.route53_dns_domain[domain_name]
+ }
+}
diff --git a/terraform/projects/route53-dns/variables.tf b/terraform/projects/route53-dns/variables.tf
new file mode 100644
index 00000000..fcc5053e
--- /dev/null
+++ b/terraform/projects/route53-dns/variables.tf
@@ -0,0 +1,11 @@
+variable "plan" {
+ description = "Plan name"
+ default = "route53-dns"
+ type = string
+}
+
+variable "region" {
+ description = "AWS region"
+ default = "us-west-2"
+ type = string
+}
diff --git a/terraform/projects/route53-dns/versions.tf b/terraform/projects/route53-dns/versions.tf
new file mode 100644
index 00000000..4115ed16
--- /dev/null
+++ b/terraform/projects/route53-dns/versions.tf
@@ -0,0 +1,10 @@
+terraform {
+ required_providers {
+ aws = {
+ source = "hashicorp/aws"
+ version = "~> 5.10"
+ }
+ }
+
+ required_version = "~> 1.0"
+}
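Review bot: The `for` expression in the root outputs.tf rebuilds a map that `module.route53_dns_domain` already provides, since a module called with `for_each` evaluates to an object keyed by the same domain names. `value = module.route53_dns_domain` yields an equivalent value and stays in step with the module call. The current loop iterates the raw `module.domain_data.domains` list, so a name listed twice would fail here with a duplicate-key error even though `toset()` in domains.tf hides the duplicate from the module call. Every per-domain output is exported through this one value, so any sensitive output added to the module later would need `sensitive = true` here as well.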