Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Refactor dns/route53 records so only 1 certificate gets created #7789

Merged
merged 4 commits into from
Sep 20, 2024
Merged
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Need 2 separate route53 resources for the main DNS entry for prod and…
… non-prod as you cannot have conditional provider
mark-butler-solirius committed Sep 17, 2024

Verified

This commit was signed with the committer’s verified signature.
commit af40a403e70b559ad8dd5013e2cac0be6acf3443
19 changes: 16 additions & 3 deletions terraform/environments/wardship/dns_ssl.tf
Original file line number Diff line number Diff line change
@@ -55,10 +55,23 @@ resource "aws_route53_record" "external_validation_subdomain" {

// Route53 DNS record for directing traffic to the service
// Provider, zone and name dependent on production or non-production environment
resource "aws_route53_record" "external-prod" {
provider = aws.core-network-services
zone_id = data.aws_route53_zone.application_zone.zone_id
name = "wardship-agreements-register.service.justice.gov.uk"
type = "A"

alias {
name = aws_lb.wardship_lb.dns_name
zone_id = aws_lb.wardship_lb.zone_id
evaluate_target_health = true
}
}

resource "aws_route53_record" "external" {
provider = local.is-production ? aws.core-network-services : aws.core-vpc
zone_id = local.is-production ? data.aws_route53_zone.application_zone.zone_id : data.aws_route53_zone.external.zone_id
name = local.is-production ? "wardship-agreements-register.service.justice.gov.uk" : "${var.networking[0].application}.${var.networking[0].business-unit}-${local.environment}.modernisation-platform.service.justice.gov.uk"
provider = aws.core-vpc
zone_id = data.aws_route53_zone.external.zone_id
name = "${var.networking[0].application}.${var.networking[0].business-unit}-${local.environment}.modernisation-platform.service.justice.gov.uk"
type = "A"

alias {