feature - route53 domain_registration module (#30)

* initial commit * Continuous Integration - terraform fmt and terraform-docs * updated the readme title * added comment headers * Continuous Integration - terraform fmt and terraform-docs * added header to outputs * updated the example * updated the extra_params type to map * Continuous Integration - terraform fmt and terraform-docs * updates to variable extra_params * Continuous Integration - terraform fmt and terraform-docs * updated extra_params to map(any) for all 3 contact forms * Continuous Integration - terraform fmt and terraform-docs * removing contacts for now * Continuous Integration - terraform fmt and terraform-docs * added back in the contacts * Continuous Integration - terraform fmt and terraform-docs * updated contacts to be a map of objects * Continuous Integration - terraform fmt and terraform-docs * back to an object not a map of objects * Continuous Integration - terraform fmt and terraform-docs * corrected each.value to each.key * enforce uppercase on contact_type, contry_code, and state * added outputs * Continuous Integration - terraform fmt and terraform-docs * updated outputs to be plural to match the map output * Continuous Integration - terraform fmt and terraform-docs * cleaned up the variables example * updated example in variables to show a module output * updates to the examples --------- Co-authored-by: zachreborn <zachreborn@users.noreply.github.com>
zachreborn · Aug 20, 2023 · 177b7f4 · 177b7f4
1 parent 021a634
commit 177b7f4
Show file tree

Hide file tree

Showing 5 changed files with 449 additions and 1 deletion.
diff --git a/modules/aws/guardduty/organization/README.md b/modules/aws/guardduty/organization/README.md
@@ -130,7 +130,7 @@ No modules.
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
 | <a name="input_admin_account_id"></a> [admin\_account\_id](#input\_admin\_account\_id) | (Optional) The AWS account ID for the GuardDuty delegated administrator account. This must be an existing account in the organization. | `string` | `null` | no |
-| <a name="input_auto_enable_organization_members"></a> [auto\_enable\_auto\_enable\_organization\_members](#input\_auto\_enable\_organization\_members) | (Optional) Indicates the auto-enablement configuration of GuardDuty for the member accounts in the organization. Valid values are ALL, NEW, NONE. Defaults to ALL. | `string` | `"ALL"` | no |
+| <a name="input_auto_enable_organization_members"></a> [auto\_enable\_organization\_members](#input\_auto\_enable\_organization\_members) | (Optional) Indicates the auto-enablement configuration of GuardDuty for the member accounts in the organization. Valid values are ALL, NEW, NONE. Defaults to ALL. | `string` | `"ALL"` | no |
 | <a name="input_enable"></a> [enable](#input\_enable) | (Optional) Enable monitoring and feedback reporting. Setting to false is equivalent to 'suspending' GuardDuty. Defaults to true. | `bool` | `true` | no |
 | <a name="input_finding_publishing_frequency"></a> [finding\_publishing\_frequency](#input\_finding\_publishing\_frequency) | (Optional) Specifies the frequency of notifications sent for subsequent finding occurrences. If the detector is a GuardDuty member account, the value is determined by the GuardDuty primary account and cannot be modified, otherwise defaults to SIX\_HOURS. For standalone and GuardDuty primary accounts, it must be configured in Terraform to enable drift detection. Valid values for standalone and primary accounts: FIFTEEN\_MINUTES, ONE\_HOUR, SIX\_HOURS. See AWS Documentation for more information. | `string` | `"SIX_HOURS"` | no |
 | <a name="input_s3_logs_enable"></a> [s3\_logs\_enable](#input\_s3\_logs\_enable) | (Optional) When this setting is enabled, GuardDuty will automatically enable S3 data sources for new accounts in the organization. Defaults to true. | `bool` | `true` | no |

diff --git a/modules/aws/route53/registered_domain/README.md b/modules/aws/route53/registered_domain/README.md
@@ -0,0 +1,218 @@
+<!-- Blank module readme template: Do a search and replace with your text editor for the following: `module_name`, `module_description` -->
+<!-- Improved compatibility of back to top link: See: https://github.com/othneildrew/Best-README-Template/pull/73 -->
+<a name="readme-top"></a>
+
+
+<!-- PROJECT SHIELDS -->
+<!--
+*** I'm using markdown "reference style" links for readability.
+*** Reference links are enclosed in brackets [ ] instead of parentheses ( ).
+*** See the bottom of this document for the declaration of the reference variables
+*** for contributors-url, forks-url, etc. This is an optional, concise syntax you may use.
+*** https://www.markdownguide.org/basic-syntax/#reference-style-links
+-->
+[![Contributors][contributors-shield]][contributors-url]
+[![Forks][forks-shield]][forks-url]
+[![Stargazers][stars-shield]][stars-url]
+[![Issues][issues-shield]][issues-url]
+[![MIT License][license-shield]][license-url]
+[![LinkedIn][linkedin-shield]][linkedin-url]
+
+
+<!-- PROJECT LOGO -->
+<br />
+<div align="center">
+  <a href="https://github.com/zachreborn/terraform-modules">
+    <img src="/images/terraform_modules_logo.webp" alt="Logo" width="300" height="300">
+  </a>
+
+<h3 align="center">Route53 Registered Domain</h3>
+  <p align="center">
+    This module manages the registration of a domain with Route53. This module does not create a registar, but per Terraform will manage the registration of a domain already transfered or registered with Route53.
+    <br />
+    <a href="https://github.com/zachreborn/terraform-modules"><strong>Explore the docs »</strong></a>
+    <br />
+    <br />
+    <a href="https://zacharyhill.co">Zachary Hill</a>
+    ·
+    <a href="https://github.com/zachreborn/terraform-modules/issues">Report Bug</a>
+    ·
+    <a href="https://github.com/zachreborn/terraform-modules/issues">Request Feature</a>
+  </p>
+</div>
+
+
+<!-- TABLE OF CONTENTS -->
+<details>
+  <summary>Table of Contents</summary>
+  <ol>
+    <li><a href="#usage">Usage</a></li>
+    <li><a href="#requirements">Requirements</a></li>
+    <li><a href="#providers">Providers</a></li>
+    <li><a href="#modules">Modules</a></li>
+    <li><a href="#Resources">Resources</a></li>
+    <li><a href="#inputs">Inputs</a></li>
+    <li><a href="#outputs">Outputs</a></li>
+    <li><a href="#license">License</a></li>
+    <li><a href="#contact">Contact</a></li>
+    <li><a href="#acknowledgments">Acknowledgments</a></li>
+  </ol>
+</details>
+
+
+<!-- USAGE EXAMPLES -->
+## Usage
+### Simple Example
+This example will manage a registered domain with Route53. The domain will be registered with the provided contact information. The domain will be registered with the provided name servers. The domain will be locked from transfer. The domain will be set to auto renew.
+
+```hcl
+module "registered_domains" {
+  source             = "github.com/zachreborn/terraform-modules//modules/aws/route53/registered_domain"
+  admin_contact      = var.my_contact_info
+  registrant_contact = var.my_contact_info
+  tech_contact       = var.my_contact_info
+  domains = {
+    "example.com" = {
+      auto_renew    = true
+      name_servers  = module.example_com.name_servers
+      transfer_lock = true
+    },
+    "example.org" = {
+      auto_renew    = true
+      name_servers  = [
+        "ns-123.awsdns-12.org",
+        "ns-456.awsdns-34.org"
+        "ns-123.awsdns-56.org",
+      ]
+      transfer_lock = true
+    }
+  }
+
+  tags = {
+    terraform   = "true"
+    created_by  = "John Doe"
+    environment = "prod"
+    role        = "external dns"
+  }
+}
+
+variable "my_contact_info" {
+  description = "Domain name registration contact information."
+  default = {
+    address_line_1    = "123 Broadway Ave"
+    address_line_2    = ""
+    city              = "Duluth"
+    contact_type      = "Company"
+    country_code      = "US"
+    email             = "me@example.org"
+    extra_params      = {}
+    fax               = ""
+    first_name        = "John"
+    last_name         = "Doe"
+    organization_name = "Example"
+    phone_number      = "+1.5551234567"
+    state             = "MN"
+    zip_code          = "11111"
+  }
+}
+```
+
+_For more examples, please refer to the [Documentation](https://github.com/zachreborn/terraform-modules)_
+
+<p align="right">(<a href="#readme-top">back to top</a>)</p>
+
+<!-- terraform-docs output will be input automatically below-->
+<!-- terraform-docs markdown table --output-file README.md --output-mode inject .-->
+<!-- BEGIN_TF_DOCS -->
+## Requirements
+
+| Name | Version |
+|------|---------|
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 4.0.0 |
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 4.0.0 |
+
+## Modules
+
+No modules.
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [aws_route53domains_registered_domain.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53domains_registered_domain) | resource |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_admin_contact"></a> [admin\_contact](#input\_admin\_contact) | The admin contact information for the domain. | <pre>object({<br>    address_line_1    = string<br>    address_line_2    = string<br>    city              = string<br>    contact_type      = string<br>    country_code      = string<br>    email             = string<br>    extra_params      = map(any)<br>    fax               = string<br>    first_name        = string<br>    last_name         = string<br>    organization_name = string<br>    phone_number      = string<br>    state             = string<br>    zip_code          = string<br>  })</pre> | n/a | yes |
+| <a name="input_admin_privacy"></a> [admin\_privacy](#input\_admin\_privacy) | Whether to enable admin privacy protection. Default is true. | `bool` | `true` | no |
+| <a name="input_domains"></a> [domains](#input\_domains) | A map of domains to register with Route53. | <pre>map(object({<br>    auto_renew    = bool<br>    name_servers  = list(string)<br>    transfer_lock = bool<br>  }))</pre> | n/a | yes |
+| <a name="input_registrant_contact"></a> [registrant\_contact](#input\_registrant\_contact) | The registrant contact information for the domain. | <pre>object({<br>    address_line_1    = string<br>    address_line_2    = string<br>    city              = string<br>    contact_type      = string<br>    country_code      = string<br>    email             = string<br>    extra_params      = map(any)<br>    fax               = string<br>    first_name        = string<br>    last_name         = string<br>    organization_name = string<br>    phone_number      = string<br>    state             = string<br>    zip_code          = string<br>  })</pre> | n/a | yes |
+| <a name="input_registrant_privacy"></a> [registrant\_privacy](#input\_registrant\_privacy) | Whether to enable registrant privacy protection. Default is true. | `bool` | `true` | no |
+| <a name="input_tags"></a> [tags](#input\_tags) | A mapping of tags to assign to the resource. | `map(string)` | <pre>{<br>  "terraform": "true"<br>}</pre> | no |
+| <a name="input_tech_contact"></a> [tech\_contact](#input\_tech\_contact) | The tech contact information for the domain. | <pre>object({<br>    address_line_1    = string<br>    address_line_2    = string<br>    city              = string<br>    contact_type      = string<br>    country_code      = string<br>    email             = string<br>    extra_params      = map(any)<br>    fax               = string<br>    first_name        = string<br>    last_name         = string<br>    organization_name = string<br>    phone_number      = string<br>    state             = string<br>    zip_code          = string<br>  })</pre> | n/a | yes |
+| <a name="input_tech_privacy"></a> [tech\_privacy](#input\_tech\_privacy) | Whether to enable tech privacy protection. Default is true. | `bool` | `true` | no |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| <a name="output_creation_dates"></a> [creation\_dates](#output\_creation\_dates) | The creation date of the domain. |
+| <a name="output_expiration_dates"></a> [expiration\_dates](#output\_expiration\_dates) | The expiration date of the domain. |
+| <a name="output_updated_dates"></a> [updated\_dates](#output\_updated\_dates) | The last updated date of the domain. |
+| <a name="output_whois_servers"></a> [whois\_servers](#output\_whois\_servers) | The whois server of the domain. |
+<!-- END_TF_DOCS -->
+
+<!-- LICENSE -->
+## License
+
+Distributed under the MIT License. See `LICENSE.txt` for more information.
+
+<p align="right">(<a href="#readme-top">back to top</a>)</p>
+
+
+
+<!-- CONTACT -->
+## Contact
+
+Zachary Hill - [![LinkedIn][linkedin-shield]][linkedin-url] - zhill@zacharyhill.co
+
+Project Link: [https://github.com/zachreborn/terraform-modules](https://github.com/zachreborn/terraform-modules)
+
+<p align="right">(<a href="#readme-top">back to top</a>)</p>
+
+
+
+<!-- ACKNOWLEDGMENTS -->
+## Acknowledgments
+
+* [Zachary Hill](https://zacharyhill.co)
+* [Jake Jones](https://github.com/jakeasarus)
+
+<p align="right">(<a href="#readme-top">back to top</a>)</p>
+
+
+<!-- MARKDOWN LINKS & IMAGES -->
+<!-- https://www.markdownguide.org/basic-syntax/#reference-style-links -->
+[contributors-shield]: https://img.shields.io/github/contributors/zachreborn/terraform-modules.svg?style=for-the-badge
+[contributors-url]: https://github.com/zachreborn/terraform-modules/graphs/contributors
+[forks-shield]: https://img.shields.io/github/forks/zachreborn/terraform-modules.svg?style=for-the-badge
+[forks-url]: https://github.com/zachreborn/terraform-modules/network/members
+[stars-shield]: https://img.shields.io/github/stars/zachreborn/terraform-modules.svg?style=for-the-badge
+[stars-url]: https://github.com/zachreborn/terraform-modules/stargazers
+[issues-shield]: https://img.shields.io/github/issues/zachreborn/terraform-modules.svg?style=for-the-badge
+[issues-url]: https://github.com/zachreborn/terraform-modules/issues
+[license-shield]: https://img.shields.io/github/license/zachreborn/terraform-modules.svg?style=for-the-badge
+[license-url]: https://github.com/zachreborn/terraform-modules/blob/master/LICENSE.txt
+[linkedin-shield]: https://img.shields.io/badge/-LinkedIn-black.svg?style=for-the-badge&logo=linkedin&colorB=555
+[linkedin-url]: https://www.linkedin.com/in/zachary-hill-5524257a/
+[product-screenshot]: /images/screenshot.webp
+[Terraform.io]: https://img.shields.io/badge/Terraform-7B42BC?style=for-the-badge&logo=terraform
+[Terraform-url]: https://terraform.io
diff --git a/modules/aws/route53/registered_domain/main.tf b/modules/aws/route53/registered_domain/main.tf
@@ -0,0 +1,87 @@
+terraform {
+  required_version = ">= 1.0.0"
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 4.0.0"
+    }
+  }
+}
+
+###########################
+# Data Sources
+###########################
+
+########################################
+# Route 53 Registered Domains
+########################################
+resource "aws_route53domains_registered_domain" "this" {
+  for_each = var.domains
+
+  admin_privacy      = var.admin_privacy
+  auto_renew         = each.value.auto_renew
+  domain_name        = each.key
+  registrant_privacy = var.registrant_privacy
+  tags               = var.tags
+  tech_privacy       = var.tech_privacy
+  transfer_lock      = each.value.transfer_lock
+
+  admin_contact {
+    address_line_1    = var.admin_contact.address_line_1
+    address_line_2    = var.admin_contact.address_line_2
+    city              = var.admin_contact.city
+    contact_type      = upper(var.admin_contact.contact_type)
+    country_code      = upper(var.admin_contact.country_code)
+    email             = var.admin_contact.email
+    extra_params      = var.admin_contact.extra_params
+    fax               = var.admin_contact.fax
+    first_name        = var.admin_contact.first_name
+    last_name         = var.admin_contact.last_name
+    organization_name = var.admin_contact.organization_name
+    phone_number      = var.admin_contact.phone_number
+    state             = upper(var.admin_contact.state)
+    zip_code          = var.admin_contact.zip_code
+  }
+
+  registrant_contact {
+    address_line_1    = var.registrant_contact.address_line_1
+    address_line_2    = var.registrant_contact.address_line_2
+    city              = var.registrant_contact.city
+    contact_type      = upper(var.registrant_contact.contact_type)
+    country_code      = upper(var.registrant_contact.country_code)
+    email             = var.registrant_contact.email
+    extra_params      = var.registrant_contact.extra_params
+    fax               = var.registrant_contact.fax
+    first_name        = var.registrant_contact.first_name
+    last_name         = var.registrant_contact.last_name
+    organization_name = var.registrant_contact.organization_name
+    phone_number      = var.registrant_contact.phone_number
+    state             = upper(var.registrant_contact.state)
+    zip_code          = var.registrant_contact.zip_code
+  }
+
+  tech_contact {
+    address_line_1    = var.tech_contact.address_line_1
+    address_line_2    = var.tech_contact.address_line_2
+    city              = var.tech_contact.city
+    contact_type      = upper(var.tech_contact.contact_type)
+    country_code      = upper(var.tech_contact.country_code)
+    email             = var.tech_contact.email
+    extra_params      = var.tech_contact.extra_params
+    fax               = var.tech_contact.fax
+    first_name        = var.tech_contact.first_name
+    last_name         = var.tech_contact.last_name
+    organization_name = var.tech_contact.organization_name
+    phone_number      = var.tech_contact.phone_number
+    state             = upper(var.tech_contact.state)
+    zip_code          = var.tech_contact.zip_code
+  }
+
+  dynamic "name_server" {
+    for_each = each.value.name_servers
+
+    content {
+      name = name_server.value
+    }
+  }
+}
diff --git a/modules/aws/route53/registered_domain/outputs.tf b/modules/aws/route53/registered_domain/outputs.tf
@@ -0,0 +1,34 @@
+########################################
+# Route 53 Registered Domains
+########################################
+output "creation_dates" {
+  description = "The creation date of the domain."
+  value = {
+    for domain in aws_route53domains_registered_domain.this :
+    domain.domain_name => domain.creation_date
+  }
+}
+
+output "expiration_dates" {
+  description = "The expiration date of the domain."
+  value = {
+    for domain in aws_route53domains_registered_domain.this :
+    domain.domain_name => domain.expiration_date
+  }
+}
+
+output "updated_dates" {
+  description = "The last updated date of the domain."
+  value = {
+    for domain in aws_route53domains_registered_domain.this :
+    domain.domain_name => domain.updated_date
+  }
+}
+
+output "whois_servers" {
+  description = "The whois server of the domain."
+  value = {
+    for domain in aws_route53domains_registered_domain.this :
+    domain.domain_name => domain.whois_server
+  }
+}