diff --git a/examples/route53/README.md b/examples/route53/README.md
new file mode 100644
index 0000000..c27eb00
--- /dev/null
+++ b/examples/route53/README.md
@@ -0,0 +1,39 @@
+
+## Requirements
+
+| Name | Version |
+|------|---------|
+| terraform | >= 1.3.0 |
+| humanitec | ~> 0 |
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| humanitec | ~> 0 |
+
+## Modules
+
+| Name | Source | Version |
+|------|--------|---------|
+| route53 | ../../humanitec-resource-defs/route53/basic | n/a |
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [humanitec_application.example](https://registry.terraform.io/providers/humanitec/humanitec/latest/docs/resources/application) | resource |
+| [humanitec_resource_definition_criteria.dns](https://registry.terraform.io/providers/humanitec/humanitec/latest/docs/resources/resource_definition_criteria) | resource |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| access\_key | AWS Access Key | `string` | n/a | yes |
+| hosted\_zone\_id | The id of the hosted zone in which this record set will reside. | `string` | n/a | yes |
+| name | Name of the example application | `string` | n/a | yes |
+| region | AWS Region | `string` | n/a | yes |
+| secret\_key | AWS Secret Key | `string` | n/a | yes |
+| resource\_packs\_aws\_rev | AWS Resource Pack git branch | `string` | `"refs/heads/main"` | no |
+| resource\_packs\_aws\_url | AWS Resource Pack git url | `string` | `"https://github.com/humanitec-architecture/resource-packs-aws.git"` | no |
+
\ No newline at end of file
diff --git a/examples/route53/main.tf b/examples/route53/main.tf
new file mode 100644
index 0000000..99d3db1
--- /dev/null
+++ b/examples/route53/main.tf
@@ -0,0 +1,27 @@
+locals {
+ res_def_prefix = "${var.name}-"
+}
+
+resource "humanitec_application" "example" {
+ id = var.name
+ name = var.name
+}
+
+module "route53" {
+ source = "../../humanitec-resource-defs/route53/basic"
+
+ access_key = var.access_key
+ secret_key = var.secret_key
+ resource_packs_aws_url = var.resource_packs_aws_url
+ resource_packs_aws_rev = var.resource_packs_aws_rev
+ region = var.region
+
+ prefix = local.res_def_prefix
+
+ hosted_zone_id = var.hosted_zone_id
+}
+
+resource "humanitec_resource_definition_criteria" "dns" {
+ resource_definition_id = module.route53.id
+ app_id = humanitec_application.example.id
+}
diff --git a/examples/route53/providers.tf b/examples/route53/providers.tf
new file mode 100644
index 0000000..53e6404
--- /dev/null
+++ b/examples/route53/providers.tf
@@ -0,0 +1,12 @@
+terraform {
+ required_providers {
+ humanitec = {
+ source = "humanitec/humanitec"
+ version = "~> 0"
+ }
+ }
+
+ required_version = ">= 1.3.0"
+}
+
+provider "humanitec" {}
diff --git a/examples/route53/terraform.tfvars.example b/examples/route53/terraform.tfvars.example
new file mode 100644
index 0000000..1ef090a
--- /dev/null
+++ b/examples/route53/terraform.tfvars.example
@@ -0,0 +1,21 @@
+
+# AWS Access Key
+access_key = ""
+
+# The id of the hosted zone in which this record set will reside.
+hosted_zone_id = ""
+
+# Name of the example application
+name = ""
+
+# AWS Region
+region = ""
+
+# AWS Resource Pack git branch
+resource_packs_aws_rev = "refs/heads/main"
+
+# AWS Resource Pack git url
+resource_packs_aws_url = "https://github.com/humanitec-architecture/resource-packs-aws.git"
+
+# AWS Secret Key
+secret_key = ""
\ No newline at end of file
diff --git a/examples/route53/variables.tf b/examples/route53/variables.tf
new file mode 100644
index 0000000..4a63f26
--- /dev/null
+++ b/examples/route53/variables.tf
@@ -0,0 +1,36 @@
+variable "access_key" {
+ description = "AWS Access Key"
+ type = string
+}
+
+variable "secret_key" {
+ description = "AWS Secret Key"
+ type = string
+}
+
+variable "region" {
+ description = "AWS Region"
+ type = string
+}
+
+variable "resource_packs_aws_url" {
+ description = "AWS Resource Pack git url"
+ type = string
+ default = "https://github.com/humanitec-architecture/resource-packs-aws.git"
+}
+
+variable "resource_packs_aws_rev" {
+ description = "AWS Resource Pack git branch"
+ type = string
+ default = "refs/heads/main"
+}
+
+variable "name" {
+ description = "Name of the example application"
+ type = string
+}
+
+variable "hosted_zone_id" {
+ description = "The id of the hosted zone in which this record set will reside."
+ type = string
+}
diff --git a/humanitec-resource-defs/route53/basic/README.md b/humanitec-resource-defs/route53/basic/README.md
new file mode 100644
index 0000000..f3e4f03
--- /dev/null
+++ b/humanitec-resource-defs/route53/basic/README.md
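Review bot: In examples/route53/variables.tf, `access_key` and `secret_key` are declared as plain strings, so Terraform can print their values in plan and apply output; add `sensitive = true` to both variable blocks. The same two declarations appear in humanitec-resource-defs/route53/basic/variables.tf and modules/route53/basic/variables.tf and should get the same attribute. Marking them sensitive only redacts CLI output; the values are still written to state, so the state backend needs its own access control and encryption.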
@@ -0,0 +1,38 @@
+
+## Requirements
+
+| Name | Version |
+|------|---------|
+| terraform | >= 1.3.0 |
+| humanitec | ~> 0 |
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| humanitec | ~> 0 |
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [humanitec_resource_definition.main](https://registry.terraform.io/providers/humanitec/humanitec/latest/docs/resources/resource_definition) | resource |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| access\_key | AWS Access Key | `string` | n/a | yes |
+| hosted\_zone\_id | The id of the hosted zone in which this record set will reside. | `string` | n/a | yes |
+| prefix | Prefix for all resources | `string` | n/a | yes |
+| region | AWS Region | `string` | n/a | yes |
+| secret\_key | AWS Secret Key | `string` | n/a | yes |
+| resource\_packs\_aws\_rev | AWS Resource Pack git branch | `string` | `"refs/heads/main"` | no |
+| resource\_packs\_aws\_url | AWS Resource Pack git url | `string` | `"https://github.com/humanitec-architecture/resource-packs-aws.git"` | no |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| id | n/a |
+
\ No newline at end of file
diff --git a/humanitec-resource-defs/route53/basic/main.tf b/humanitec-resource-defs/route53/basic/main.tf
new file mode 100644
index 0000000..19bb985
--- /dev/null
+++ b/humanitec-resource-defs/route53/basic/main.tf
@@ -0,0 +1,32 @@
+resource "humanitec_resource_definition" "main" {
+ driver_type = "humanitec/terraform"
+ id = "${var.prefix}route53"
+ name = "${var.prefix}route53"
+ type = "dns"
+
+ driver_inputs = {
+ secrets_string = jsonencode({
+ variables = {
+ access_key = var.access_key
+ secret_key = var.secret_key
+ }
+ })
+
+ values_string = jsonencode({
+ source = {
+ path = "modules/route53/basic"
+ rev = var.resource_packs_aws_rev
+ url = var.resource_packs_aws_url
+ }
+
+ variables = {
+ region = var.region
+ res_id = "$${context.res.id}"
+ app_id = "$${context.app.id}"
+ env_id = "$${context.env.id}"
+ hosted_zone_id = var.hosted_zone_id
+ subdomain = "$${context.app.id}-$${context.env.id}"
+ }
+ })
+ }
+}
diff --git a/humanitec-resource-defs/route53/basic/outputs.tf b/humanitec-resource-defs/route53/basic/outputs.tf
new file mode 100644
index 0000000..28542ec
--- /dev/null
+++ b/humanitec-resource-defs/route53/basic/outputs.tf
@@ -0,0 +1,3 @@
+output "id" {
+ value = humanitec_resource_definition.main.id
+}
diff --git a/humanitec-resource-defs/route53/basic/providers.tf b/humanitec-resource-defs/route53/basic/providers.tf
new file mode 100644
index 0000000..86c4fc3
--- /dev/null
+++ b/humanitec-resource-defs/route53/basic/providers.tf
@@ -0,0 +1,10 @@
+terraform {
+ required_providers {
+ humanitec = {
+ source = "humanitec/humanitec"
+ version = "~> 0"
+ }
+ }
+
+ required_version = ">= 1.3.0"
+}
diff --git a/humanitec-resource-defs/route53/basic/terraform.tfvars.example b/humanitec-resource-defs/route53/basic/terraform.tfvars.example
new file mode 100644
index 0000000..c64c038
--- /dev/null
+++ b/humanitec-resource-defs/route53/basic/terraform.tfvars.example
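Review bot: In humanitec-resource-defs/route53/basic/main.tf the `source` block takes `rev` from `var.resource_packs_aws_rev`, which defaults to `refs/heads/main` in this module's variables.tf, so the Terraform code that runs with the AWS keys in `secrets_string` follows whatever is on that branch at deploy time. For anything beyond a demo, `rev` should point at a tag or commit (assuming the driver accepts one), and that expectation should be stated next to the `source` block, e.g. `# rev should be a tag or commit outside of examples; a branch ref tracks upstream changes`. The variable description "AWS Resource Pack git branch" would then read better as "git ref".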
@@ -0,0 +1,21 @@
+
+# AWS Access Key
+access_key = ""
+
+# The id of the hosted zone in which this record set will reside.
+hosted_zone_id = ""
+
+# Prefix for all resources
+prefix = ""
+
+# AWS Region
+region = ""
+
+# AWS Resource Pack git branch
+resource_packs_aws_rev = "refs/heads/main"
+
+# AWS Resource Pack git url
+resource_packs_aws_url = "https://github.com/humanitec-architecture/resource-packs-aws.git"
+
+# AWS Secret Key
+secret_key = ""
\ No newline at end of file
diff --git a/humanitec-resource-defs/route53/basic/variables.tf b/humanitec-resource-defs/route53/basic/variables.tf
new file mode 100644
index 0000000..4028165
--- /dev/null
+++ b/humanitec-resource-defs/route53/basic/variables.tf
@@ -0,0 +1,36 @@
+variable "prefix" {
+ description = "Prefix for all resources"
+ type = string
+}
+
+variable "resource_packs_aws_url" {
+ description = "AWS Resource Pack git url"
+ type = string
+ default = "https://github.com/humanitec-architecture/resource-packs-aws.git"
+}
+
+variable "resource_packs_aws_rev" {
+ description = "AWS Resource Pack git branch"
+ type = string
+ default = "refs/heads/main"
+}
+
+variable "access_key" {
+ description = "AWS Access Key"
+ type = string
+}
+
+variable "secret_key" {
+ description = "AWS Secret Key"
+ type = string
+}
+
+variable "region" {
+ description = "AWS Region"
+ type = string
+}
+
+variable "hosted_zone_id" {
+ description = "The id of the hosted zone in which this record set will reside."
+ type = string
+}
diff --git a/modules/route53/basic/README.md b/modules/route53/basic/README.md
new file mode 100644
index 0000000..2d41c63
--- /dev/null
+++ b/modules/route53/basic/README.md
@@ -0,0 +1,44 @@
+
+## Requirements
+
+| Name | Version |
+|------|---------|
+| terraform | >= 1.3.0 |
+| aws | ~> 5.0 |
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| aws | ~> 5.0 |
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [aws_route53_record.main](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_record) | resource |
+| [aws_route53_zone.hosted_zone](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/route53_zone) | data source |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| access\_key | AWS Access Key | `string` | n/a | yes |
+| app\_id | n/a | `string` | n/a | yes |
+| env\_id | n/a | `string` | n/a | yes |
+| hosted\_zone\_id | The id of the hosted zone in which this record set will reside. | `string` | n/a | yes |
+| region | AWS Region | `string` | n/a | yes |
+| res\_id | n/a | `string` | n/a | yes |
+| secret\_key | AWS Secret Key | `string` | n/a | yes |
+| subdomain | The subdomain of the DNS name that the DNS record is for. | `string` | n/a | yes |
+| aws\_hosted\_zone | Hosted zone ID for a CloudFront distribution, S3 bucket, ELB, or Route 53 hosted zone. | `string` | `""` | no |
+| ip\_address | The IPv4 address that the DNS name should resolve to. | `string` | `""` | no |
+| ipv6\_address | The IPv6 address that the DNS name should resolve to. | `string` | `""` | no |
+| name | A valid fully qualified domain name that the DNS name should resolve to. | `string` | `""` | no |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| host | n/a |
+
\ No newline at end of file
diff --git a/modules/route53/basic/main.tf b/modules/route53/basic/main.tf
new file mode 100644
index 0000000..e3608cf
--- /dev/null
+++ b/modules/route53/basic/main.tf
@@ -0,0 +1,37 @@
+locals {
+ types = ["A", "AAAA", "CNAME"]
+ provided_records = [var.ip_address, var.ipv6_address, var.name]
+ records = [for r in local.provided_records : r if r != ""]
+
+ # If every record is empty, then the type is A, but this will be caught below.
+ type = local.types[index(local.provided_records, length(local.records) > 0 ? local.records[0] : "")]
+}
+
+data "aws_route53_zone" "hosted_zone" {
+ zone_id = var.hosted_zone_id
+}
+
+resource "aws_route53_record" "main" {
+ name = "${var.subdomain}.${data.aws_route53_zone.hosted_zone.name}"
+ zone_id = data.aws_route53_zone.hosted_zone.id
+ type = var.aws_hosted_zone == "" ? local.type : "A"
+
+ ttl = var.aws_hosted_zone == "" ? 300 : null
+ records = var.aws_hosted_zone == "" ? local.records : null
+
+ dynamic "alias" {
+ for_each = var.aws_hosted_zone != "" ? [true] : []
+ content {
+ name = var.name
+ zone_id = var.aws_hosted_zone
+ evaluate_target_health = false
+ }
+ }
+
+ lifecycle {
+ precondition {
+ condition = length(local.records) > 0
+ error_message = "Only one of ip_address, ipv6_address, name is supported."
+ }
+ }
+}
\ No newline at end of file
diff --git a/modules/route53/basic/outputs.tf b/modules/route53/basic/outputs.tf
new file mode 100644
index 0000000..7f84dbc
--- /dev/null
+++ b/modules/route53/basic/outputs.tf
@@ -0,0 +1,3 @@
+output "host" {
+ value = aws_route53_record.main.name
+}
diff --git a/modules/route53/basic/providers.tf b/modules/route53/basic/providers.tf
new file mode 100644
index 0000000..38763b0
--- /dev/null
+++ b/modules/route53/basic/providers.tf
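Review bot: In modules/route53/basic/main.tf the precondition tests `length(local.records) > 0`, which only rejects the case where nothing is set, while its error message says only one of the three inputs is supported. If two inputs are set, `local.records` carries both values under the type of the first one, for example an IPv4 and an IPv6 address in a single `A` record. Changing the condition to `length(local.records) == 1` would make the check match the message. The alias branch reads `var.name` directly, so when `aws_hosted_zone` is set with only `ip_address`, the alias target would be empty; a second precondition on `var.name != ""` for that case would catch it at plan time.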
@@ -0,0 +1,26 @@
+terraform {
+ required_providers {
+ aws = {
+ source = "hashicorp/aws"
+ version = "~> 5.0"
+ }
+ }
+
+ required_version = ">= 1.3.0"
+}
+
+provider "aws" {
+ # Injected via the humanitec-terraform-driver
+ access_key = var.access_key
+ secret_key = var.secret_key
+ region = var.region
+
+ default_tags {
+ tags = {
+ "managed-by" = "humanitec"
+ "hum-app-id" = var.app_id
+ "hum-env-id" = var.env_id
+ "hum-res-id" = var.res_id
+ }
+ }
+}
diff --git a/modules/route53/basic/terraform.tfvars.example b/modules/route53/basic/terraform.tfvars.example
new file mode 100644
index 0000000..3295839
--- /dev/null
+++ b/modules/route53/basic/terraform.tfvars.example
@@ -0,0 +1,33 @@
+
+# AWS Access Key
+access_key = ""
+
+app_id = ""
+
+# Hosted zone ID for a CloudFront distribution, S3 bucket, ELB, or Route 53 hosted zone.
+aws_hosted_zone = ""
+
+env_id = ""
+
+# The id of the hosted zone in which this record set will reside.
+hosted_zone_id = ""
+
+# The IPv4 address that the DNS name should resolve to.
+ip_address = ""
+
+# The IPv6 address that the DNS name should resolve to.
+ipv6_address = ""
+
+# A valid fully qualified domain name that the DNS name should resolve to.
+name = ""
+
+# AWS Region
+region = ""
+
+res_id = ""
+
+# AWS Secret Key
+secret_key = ""
+
+# The subdomain of the DNS name that the DNS record is for.
+subdomain = ""
\ No newline at end of file
diff --git a/modules/route53/basic/variables.tf b/modules/route53/basic/variables.tf
new file mode 100644
index 0000000..4b8350e
--- /dev/null
+++ b/modules/route53/basic/variables.tf
@@ -0,0 +1,61 @@
+
+variable "access_key" {
+ description = "AWS Access Key"
+ type = string
+}
+
+variable "secret_key" {
+ description = "AWS Secret Key"
+ type = string
+}
+
+variable "region" {
+ description = "AWS Region"
+ type = string
+}
+
+variable "res_id" {
+ type = string
+}
+
+variable "app_id" {
+ type = string
+}
+
+variable "env_id" {
+ type = string
+}
+
+variable "hosted_zone_id" {
+ description = "The id of the hosted zone in which this record set will reside."
+ type = string
+}
+
+variable "subdomain" {
+ description = "The subdomain of the DNS name that the DNS record is for."
+ type = string
+}
+
+variable "ip_address" {
+ description = "The IPv4 address that the DNS name should resolve to."
+ type = string
+ default = ""
+}
+
+variable "ipv6_address" {
+ description = "The IPv6 address that the DNS name should resolve to."
+ type = string
+ default = ""
+}
+
+variable "name" {
+ description = "A valid fully qualified domain name that the DNS name should resolve to."
+ type = string
+ default = ""
+}
+
+variable "aws_hosted_zone" {
+ description = "Hosted zone ID for a CloudFront distribution, S3 bucket, ELB, or Route 53 hosted zone."
+ type = string
+ default = ""
+}