self-hosted/teleport
self-hosted/teleport
1
0
Fork 0
mirror of https://github.com/gravitational/teleport synced 2024-10-19 00:33:50 +00:00
Code Issues Packages Projects Releases Wiki Activity
teleport/examples/aws/terraform/starter-cluster/route53.tf
Gus Luxton 57242e86d1
Add support for configuring TLS routing (#31237) 
Pass var through and update Makefile

Don't create listeners unnecessarily

Fix tests

Apply TLS routing to starter cluster setups

use_tls_routing var

Update config gen and tests

Fix kube_public_addr

Expose 3026 on starter cluster

terraform fmt

Set default authentication to also allow webauthn

Add second_factor config to FIPS setups

Get tarballs from CDN and install tbot

Add ACM support to starter-cluster

Make target group attachement conditional on ACM

Remove quotes from public addresses

Remove quotes from listen_addrs

Add proxy_service.trust_x_forwarded_for

Add outputs for starter-cluster

Add outputs to ha-autoscale-cluster
2023-09-11 21:03:27 +00:00

54 lines
1.5 KiB
HCL
Raw Blame History

/*
Route53 is used to configure SSL for this cluster. A
Route53 hosted zone must exist in the AWS account for
this automation to work.
*/
// Create A record to instance IP when ACM is disabled
resource "aws_route53_record" "cluster" {
zone_id = data.aws_route53_zone.cluster.zone_id
name = var.route53_domain
type = "A"
ttl = 300
records = [aws_instance.cluster.public_ip]
count = var.use_acm ? 0 : 1
}
// Create A record to instance IP for wildcard subdomain when ACM is disabled
resource "aws_route53_record" "wildcard-cluster" {
zone_id = data.aws_route53_zone.cluster.zone_id
name = "*.${var.route53_domain}"
type = "A"
ttl = 300
records = [aws_instance.cluster.public_ip]
count = var.add_wildcard_route53_record && !var.use_acm ? 1 : 0
}
// ACM (ALB)
resource "aws_route53_record" "cluster_acm" {
zone_id = data.aws_route53_zone.cluster.zone_id
name = var.route53_domain
type = "A"
count = var.use_acm ? 1 : 0
alias {
name = aws_lb.cluster[0].dns_name
zone_id = aws_lb.cluster[0].zone_id
evaluate_target_health = true
}
}
// ACM (ALB) Wildcard
resource "aws_route53_record" "proxy_acm_wildcard" {
zone_id = data.aws_route53_zone.cluster.zone_id
name = "*.${var.route53_domain}"
type = "A"
count = var.add_wildcard_route53_record && var.use_acm ? 1 : 0
alias {
name = aws_lb.cluster[0].dns_name
zone_id = aws_lb.cluster[0].zone_id
evaluate_target_health = true
}
}
Reference in a new issue View git blame Copy permalink