route53-vrs-sec-gov-uk.tf
# Values shared by the production DNS resources in this file.
locals {
  # Name of the hosted zone created below; also used as its "Name" tag.
  domain = "vulnerability-reporting.service.security.gov.uk"

  # Tags merged onto the hosted zone.
  prod_tags = {
    Service     = "GC3 - VRS - DNS"
    Reference   = "https://github.com/co-cddo/gc3-vuln-reporting-iac"
    Environment = "prod"
  }
}
# Hosted zone for local.domain. No vpc block is declared, so this is a public zone.
# NOTE(review): no DNSSEC signing resources are visible in this file; confirm
# whether zone signing and the parent-zone DS record are handled elsewhere.
resource "aws_route53_zone" "vrs-sec-gov-uk" {
  name = local.domain

  # merge() gives precedence to later arguments, so a "Name" key in
  # local.prod_tags would override the one set here (it has none today).
  tags = merge({ Name = local.domain }, local.prod_tags)
}
# Read-only lookup of an existing CloudFront distribution by its ID; the
# distribution itself is not created in this file.
# NOTE(review): the alias records below keep pointing at this distribution's
# domain name. If the distribution or its alternate domain names are ever
# retired, remove those records first so the names never resolve to an
# unclaimed CloudFront endpoint.
data "aws_cloudfront_distribution" "cdn-prod" {
  id = "E2RA44OZABVABR"
}
# IPv4 alias at the zone apex (empty record name) targeting the production CDN.
resource "aws_route53_record" "a-prod" {
  zone_id = aws_route53_zone.vrs-sec-gov-uk.zone_id
  type    = "A"
  name    = ""

  alias {
    zone_id = data.aws_cloudfront_distribution.cdn-prod.hosted_zone_id
    name    = data.aws_cloudfront_distribution.cdn-prod.domain_name

    # Route 53 does not evaluate target health for CloudFront alias targets.
    evaluate_target_health = false
  }
}
# IPv6 alias at the zone apex (empty record name) targeting the production CDN.
resource "aws_route53_record" "aaaa-prod" {
  zone_id = aws_route53_zone.vrs-sec-gov-uk.zone_id
  type    = "AAAA"
  name    = ""

  alias {
    zone_id = data.aws_cloudfront_distribution.cdn-prod.hosted_zone_id
    name    = data.aws_cloudfront_distribution.cdn-prod.domain_name

    # Route 53 does not evaluate target health for CloudFront alias targets.
    evaluate_target_health = false
  }
}
# IPv4 alias for the "www" label, targeting the same distribution as the apex.
# NOTE(review): the distribution must list this name as an alternate domain
# name and hold a certificate covering it; that configuration is not visible here.
resource "aws_route53_record" "www-a-prod" {
  zone_id = aws_route53_zone.vrs-sec-gov-uk.zone_id
  type    = "A"
  name    = "www"

  alias {
    zone_id = data.aws_cloudfront_distribution.cdn-prod.hosted_zone_id
    name    = data.aws_cloudfront_distribution.cdn-prod.domain_name

    # Route 53 does not evaluate target health for CloudFront alias targets.
    evaluate_target_health = false
  }
}
# IPv6 alias for the "www" label, targeting the same distribution as the apex.
resource "aws_route53_record" "www-aaaa-prod" {
  zone_id = aws_route53_zone.vrs-sec-gov-uk.zone_id
  type    = "AAAA"
  name    = "www"

  alias {
    zone_id = data.aws_cloudfront_distribution.cdn-prod.hosted_zone_id
    name    = data.aws_cloudfront_distribution.cdn-prod.domain_name

    # Route 53 does not evaluate target health for CloudFront alias targets.
    evaluate_target_health = false
  }
}
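# TXT record at "_security" under the zone, advertising where the security
# policy and the vulnerability-report contact can be found.
# The URLs are built from local.domain rather than repeated as literals, so the
# advertised policy and contact locations cannot drift from the zone name; the
# rendered values are unchanged.
resource "aws_route53_record" "security_txt-prod" {
  zone_id = aws_route53_zone.vrs-sec-gov-uk.zone_id
  name    = "_security"
  type    = "TXT"
  ttl     = 1800 # seconds

  records = [
    "security_policy=https://${local.domain}/.well-known/security.txt",
    "security_contact=https://${local.domain}/submit",
  ]
}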
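# External module applied to this zone. Judging by its name it presumably
# publishes the standard "parked domain" record set; confirm against the
# module source, which is not visible here.
#
# NOTE(review): the source address carries no "?ref=", so module installation
# resolves whatever the repository's default branch holds at that moment. A
# change upstream would then alter production DNS without any change in this
# repository. Pin it to a reviewed tag or commit, in the form
#   github.com/co-cddo/aws-route53-parked-govuk-domain//terraform?ref=<REVIEWED_TAG_OR_COMMIT_SHA>
# (<REVIEWED_TAG_OR_COMMIT_SHA> is a placeholder, not a real ref).
module "co-cddo-aws-r53-parked-domain-prod" {
  source  = "github.com/co-cddo/aws-route53-parked-govuk-domain//terraform"
  zone_id = aws_route53_zone.vrs-sec-gov-uk.zone_id

  # Extra TXT values handed to the module; where it publishes them is decided
  # by the module (presumably the zone apex, to be verified).
  additional_txt_records = [
    # Built from local.domain so it stays in step with the zone name.
    "security_policy=https://${local.domain}/.well-known/security.txt",
    # Domain-ownership token; it is published in public DNS, so it is not a secret.
    "google-site-verification=25QFZwLwS94r74j_X-XV8mhqL5CN-_4tHpQoDqhzJAc",
  ]
}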