aws.shore.co.il subdomain.

New AWS subdomain. The point is having it in AWS so Terraform can manage it and then it I can do cool things, like requesting certificates from AWS and validate ownership using DNS all inside the comfort of Terraform.

aws.shore.co.il subdomain.
e99f5030 · nimrod · 274603b1 · e99f5030 · e99f5030
Commit e99f5030 authored 3 years ago by nimrod
--- a/Ansible/roles/router/files/nsd/shore.co.il
+++ b/Ansible/roles/router/files/nsd/shore.co.il
@@ -2,7 +2,7 @@
 $TTL 1h
 $ORIGIN shore.co.il.
 @               IN      SOA     ns1     hostmaster (
-        2021051901
+        2022041003
        1h
        5m
        4w
@@ -85,3 +85,8 @@ host01._domainkey IN    TXT     ("v=DKIM1\; k=rsa\;"
 _adsp._domainkey        IN      TXT     "dkim=all;"
 _dmarc  IN      TXT     "v=DMARC1;p=quarantine;pct=100;sp=reject;fo=1;rua=mailto:postmaster@shore.co.il;ruf=mailto:postmaster@shore.co.il;adkim=s;aspf=s"
+aws     IN      NS      ns-117.awsdns-14.com.
+aws     IN      NS      ns-1352.awsdns-41.org.
+aws     IN      NS      ns-1664.awsdns-16.co.uk.
+aws     IN      NS      ns-750.awsdns-29.net.
--- a/Terraform/AWS/route53.tf
+++ b/Terraform/AWS/route53.tf
+resource "aws_route53_zone" "zone" {
+  name = "aws.shore.co.il"
+}
+locals {
+  dns_zone_arn          = aws_route53_zone.zone.arn
+  dns_zone_id           = aws_route53_zone.zone.zone_id
+  dns_zone_name         = aws_route53_zone.zone.name
+  dns_zone_name_servers = aws_route53_zone.zone.name_servers
+}
+output "dns_zone_arn" {
+  description = "ARN of the Route53 DNS zone."
+  value       = local.dns_zone_arn
+}
+output "dns_zone_id" {
+  description = "ID of the Route53 DNS zone."
+  value       = local.dns_zone_id
+}
+output "dns_zone_name" {
+  description = "Name of the Router53 DNS zone."
+  value       = local.dns_zone_name
+}
+output "dns_zone_name_servers" {
+  description = "List of name servers of the Route53 DNS zone."
+  value       = local.dns_zone_name_servers
+}
+locals {
+  aws_caa_domain_names = [
+    "amazon.com",
+    "amazontrust.com",
+    "awstrust.com",
+    "amazonaws.com",
+  ]
+}
+resource "aws_route53_record" "caa" {
+  name = local.dns_zone_name
+  records = [
+    "0 issue \"amazon.com\"",
+    "0 issue \"amazontrust.com\"",
+    "0 issue \"awstrust.com\"",
+    "0 issue \"amazonaws.com\"",
+  ]
+  ttl     = 86400
+  type    = "CAA"
+  zone_id = local.dns_zone_id
+}