tf-aws-asg-lambda-dns

Route53 support for ASG instances.

Valid record templates are:

• service.domain
• service.az.domain
• service-az.domain
• service.az_short.domain
• service-az_short.domain
• service.instanceid.domain
• service-instanceid.domain
• service.internal.region.domain
• service.internal.domain
• service-internal.domain
• service.region.domain
• service-region.domain

Note that templates containing az, az_short or instanceid are not available for ASG type records ( private_asg_record_template and public_asg_record_template).

Usage

module "dnsmagic" {
  source                           = "../modules/tf-aws-asg-lambda-dns/"
  zone_id                          = "Z2FA3UHII7N4VI"
  asg_names                        = [aws_autoscaling_group.bar.name]
  asg_count                        = 1
  sns_topic_name                   = "bastions_dns_lambda"
  lambda_function_name             = "handle_dns_for_bastions"
  service                          = "bastion"
  manage_instance_dns              = true
  private_instance_record_template = "service.instanceid.domain"
  manage_private_asg_dns           = true
  ttl                              = 60
}

Variables

See variables file

Outputs

See outputs file

Requirements

Name	Version
terraform	> 0.11
terraform	>= 0.12

Providers

Name	Version
archive	n/a
aws	n/a
null	n/a

Modules

No modules.

Resources

Name	Type
aws_autoscaling_notification.manage_dns_asg_notification	resource
aws_iam_role.lambda_manage_dns_role	resource
aws_iam_role_policy.lambda_manage_dns_logging_policy	resource
aws_iam_role_policy.lambda_manage_dns_policy	resource
aws_lambda_function.manage_dns	resource
aws_lambda_permission.manage_dns_asg_sns	resource
aws_sns_topic.manage_dns_asg_sns	resource
aws_sns_topic_subscription.sns_topic_subscription	resource
null_resource.notify_sns_topic	resource
archive_file.lambda_package	data source
aws_region.current	data source

Inputs

Name	Description	Type	Default	Required
asg_count	Number of the Autoscaling Groups defined in asg_names variable. Only here because count cannot be computed	string	"1"	no
asg_names	Name of the Autoscaling Groups to attach this Lambda Function to	list(string)	n/a	yes
enabled	Enable or disable the Lambda DNS functionality.	string	"1"	no
environment	Environment	string	n/a	yes
lambda_function_name	The name of the Lambda Function to create, which will manage the Autoscaling Groups	string	n/a	yes
manage_instance_dns	Whether to manage DNS records for Autoscaling Group instances	bool	true	no
manage_private_asg_dns	Whether to manage DNS records for private Autoscaling Group instances	bool	false	no
manage_public_asg_dns	Whether to manage DNS records for public Autoscaling Group instances	bool	false	no
pd_escalation_policy	PagerDuty Escalation Policy	string	n/a	yes
pd_priority	PagerDuty Priority ID	string	n/a	yes
pd_service	PagerDuty Service ID	string	n/a	yes
pd_user_email	PagerDuty Registered User Email	string	n/a	yes
private_asg_record_template	The fully qualified domain name format for private Autoscaling Group DNS records	string	"service.internal.domain"	no
private_instance_record_template	The fully qualified domain name format for private instance DNS records	string	"service.az.domain"	no
public_asg_record_template	The fully qualified domain name format for public Autoscaling Group DNS records	string	"service.domain"	no
runtime	Runtime binary	string	"python3.12"	no
secret_name	Daemon Secret Manager	string	n/a	yes
service	Autoscaling Group service name, e.g. 'bastion'. This will be prefix for DNS records.	string	n/a	yes
slack_webhook	slack webhook for notifications	string	n/a	yes
sns_topic_name	Name for the SNS topic which will handle notifications of instance launch and terminate events	string	n/a	yes
ttl	TTL value for the DNS record(s)	number	60	no
zone_id	Id of a zone file to add records to	string	n/a	yes

Outputs

Name	Description
lambda_function_arn	n/a
lambda_function_name	n/a
lambda_manage_dns_role_arn	n/a
sns_topic_arn	n/a