DnsAuthorization represents a HTTP-reachable backend for a DnsAuthorization.
resource "google_certificate_manager_dns_authorization" "default" {
name = "dns-auth"
location = "global"
description = "The default dns"
domain = "subdomain.hashicorptest.com"
}
output "record_name_to_insert" {
value = google_certificate_manager_dns_authorization.default.dns_resource_record.0.name
}
output "record_type_to_insert" {
value = google_certificate_manager_dns_authorization.default.dns_resource_record.0.type
}
output "record_data_to_insert" {
value = google_certificate_manager_dns_authorization.default.dns_resource_record.0.data
}
resource "google_certificate_manager_dns_authorization" "default" {
name = "dns-auth"
location = "us-central1"
description = "reginal dns"
type = "PER_PROJECT_RECORD"
domain = "subdomain.hashicorptest.com"
}
The following arguments are supported:
domain
-
(Required)
A domain which is being authorized. A DnsAuthorization resource covers a
single domain and its wildcard, e.g. authorization for "example.com" can
be used to issue certificates for "example.com" and "*.example.com".
name
-
(Required)
Name of the resource; provided by the client when the resource is created.
The name must be 1-64 characters long, and match the regular expression [a-zA-Z][a-zA-Z0-9_-]* which means the first character must be a letter,
and all following characters must be a dash, underscore, letter or digit.
description
-
(Optional)
A human-readable description of the resource.
labels
-
(Optional)
Set of label tags associated with the DNS Authorization resource.
Note: This field is non-authoritative, and will only manage the labels present in your configuration.
Please refer to the field effective_labels
for all of the labels present on the resource.
type
-
(Optional)
type of DNS authorization. If unset during the resource creation, FIXED_RECORD will
be used for global resources, and PER_PROJECT_RECORD will be used for other locations.
FIXED_RECORD DNS authorization uses DNS-01 validation method
PER_PROJECT_RECORD DNS authorization allows for independent management
of Google-managed certificates with DNS authorization across multiple
projects.
Possible values are: FIXED_RECORD
, PER_PROJECT_RECORD
.
location
-
(Optional)
The Certificate Manager location. If not specified, "global" is used.
project
- (Optional) The ID of the project in which the resource belongs.
If it is not provided, the provider project is used.
In addition to the arguments listed above, the following computed attributes are exported:
id
- an identifier for the resource with format projects/{{project}}/locations/{{location}}/dnsAuthorizations/{{name}}
dns_resource_record
-
The structure describing the DNS Resource Record that needs to be added
to DNS configuration for the authorization to be usable by
certificate.
Structure is documented below.
terraform_labels
-
The combination of labels configured directly on the resource
and default labels configured on the provider.
effective_labels
-
All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Terraform, other clients and services.
The dns_resource_record
block contains:
name
-
(Output)
Fully qualified name of the DNS Resource Record.
E.g. _acme-challenge.example.com
.
type
-
(Output)
Type of the DNS Resource Record.
data
-
(Output)
Data of the DNS Resource Record.
This resource provides the following Timeouts configuration options:
create
- Default is 20 minutes.update
- Default is 20 minutes.delete
- Default is 20 minutes.DnsAuthorization can be imported using any of these accepted formats:
projects/{{project}}/locations/{{location}}/dnsAuthorizations/{{name}}
{{project}}/{{location}}/{{name}}
{{location}}/{{name}}
In Terraform v1.5.0 and later, use an import
block to import DnsAuthorization using one of the formats above. For example:
import {
id = "projects/{{project}}/locations/{{location}}/dnsAuthorizations/{{name}}"
to = google_certificate_manager_dns_authorization.default
}
When using the terraform import
command, DnsAuthorization can be imported using one of the formats above. For example:
$ terraform import google_certificate_manager_dns_authorization.default projects/{{project}}/locations/{{location}}/dnsAuthorizations/{{name}}
$ terraform import google_certificate_manager_dns_authorization.default {{project}}/{{location}}/{{name}}
$ terraform import google_certificate_manager_dns_authorization.default {{location}}/{{name}}
This resource supports User Project Overrides.