Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/brainsik/terraform-cloudflare-dns-caa

Create Cloudflare DNS CAA records
https://github.com/brainsik/terraform-cloudflare-dns-caa

caa cloudflare dns terraform terraform-module

Last synced: 14 days ago
JSON representation

Create Cloudflare DNS CAA records

Host: GitHub
URL: https://github.com/brainsik/terraform-cloudflare-dns-caa
Owner: brainsik
License: mit
Created: 2022-12-29T05:38:58.000Z (about 2 years ago)
Default Branch: main
Last Pushed: 2024-07-02T23:40:56.000Z (8 months ago)
Last Synced: 2025-01-28T11:40:55.446Z (18 days ago)
Topics: caa, cloudflare, dns, terraform, terraform-module
Language: Shell
Homepage: https://registry.terraform.io/modules/brainsik/dns-caa/cloudflare/latest
Size: 33.2 KB
Stars: 1
Watchers: 1
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

        # terraform-cloudflare-dns-caa

Create Cloudflare [DNS CAA records](https://www.rfc-editor.org/rfc/rfc8659).

The Zone ID can be found on the Cloudflare overview page for the domain you

want to add records to.

## Usage

To create a root `example.com` CAA record saying [Let's Encrypt](https://letsencrypt.org)

can issue hostname certificates and _no_ CA can

issue wildcards:

```hcl

module "example_com_caa" {

  source = "brainsik/dns-caa/cloudflare"

  zone_id   = "313372600deadcodebea5751993defc0"

  name      = "example.com"

  issue     = ["letsencrypt.org"]

  issuewild = [";"]

}

```

The same record, but with ACME CAA Account and Method Bindings:

```hcl

module "example_com_caa" {

  source = "brainsik/dns-caa/cloudflare"

  zone_id   = "313372600deadcodebea5751993defc0"

  name      = "example.com"

  issue     = ["letsencrypt.org; accounturi=https://acme-v02.api.letsencrypt.org/acme/acct/123456789; validationmethods=http-01"]

  issuewild = [";"]

}

```

To create a root `example.com` CAA record saying both [Let's Encrypt](https://letsencrypt.org)

and [ZeroSSL](https://zerossl.com) can issue hostname certificates and _no_ CA can

issue wildcards:

```hcl

module "example_com_caa" {

  source = "brainsik/dns-caa/cloudflare"

  zone_id   = "313372600deadcodebea5751993defc0"

  name      = "example.com"

  issue     = ["letsencrypt.org", "sectigo.com"]

  issuewild = [";"]

}

```

## Requirements

| Name | Version |

|------|---------|

|  [terraform](#requirement\_terraform) | >= 1.0 |

|  [cloudflare](#requirement\_cloudflare) | >= 4.0 |

## Providers

| Name | Version |

|------|---------|

|  [cloudflare](#provider\_cloudflare) | >= 4.0 |

## Modules

No modules.

## Resources

| Name | Type |

|------|------|

| [cloudflare_record.caa_iodef](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/record) | resource |

| [cloudflare_record.caa_issue](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/record) | resource |

| [cloudflare_record.caa_issuewild](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/record) | resource |

## Inputs

| Name | Description | Type | Default | Required |

|------|-------------|------|---------|:--------:|

|  [iodef](#input\_iodef) | URL to send violation reports to | `set(string)` | `[]` | no |

|  [issue](#input\_issue) | Domain name of CA that can issue certificates for specific hostnames | `set(string)` | `[]` | no |

|  [issuewild](#input\_issuewild) | Domain name of CA that can issue wildcard certificates | `set(string)` | `[]` | no |

|  [name](#input\_name) | The name of the record | `string` | n/a | yes |

|  [zone\_id](#input\_zone\_id) | The Cloudflare DNS zone ID to add the record to | `string` | n/a | yes |

## Outputs

No outputs.