googleDnsResponsePolicyRule
A Response Policy Rule is a selector that applies its behavior to queries that match the selector. Selectors are DNS names, which may be wildcards or exact matches. Each DNS query subject to a Response Policy matches at most one ResponsePolicyRule, as identified by the dns_name field with the longest matching suffix.
\~> Warning: This resource is in beta, and should be used with the terraform-provider-google-beta provider. See Provider Versions for more details on beta resources.
Example Usage - Dns Response Policy Rule Basic
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as google from "./.gen/providers/google";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: google.
For a more precise conversion please use the --provider flag in convert.*/
const googleComputeNetworkNetwork1 = new google.computeNetwork.ComputeNetwork(
this,
"network-1",
{
auto_create_subnetworks: false,
name: "network-1",
provider: "${google-beta}",
}
);
const googleComputeNetworkNetwork2 = new google.computeNetwork.ComputeNetwork(
this,
"network-2",
{
auto_create_subnetworks: false,
name: "network-2",
provider: "${google-beta}",
}
);
const googleDnsResponsePolicyResponsePolicy =
new google.dnsResponsePolicy.DnsResponsePolicy(this, "response-policy", {
networks: [
{
network_url: googleComputeNetworkNetwork1.id,
},
{
network_url: googleComputeNetworkNetwork2.id,
},
],
provider: "${google-beta}",
response_policy_name: "example-response-policy",
});
new google.dnsResponsePolicyRule.DnsResponsePolicyRule(
this,
"example-response-policy-rule",
{
dns_name: "dns.example.com.",
local_data: [
{
local_datas: [
{
name: "dns.example.com.",
rrdatas: ["192.0.2.91"],
ttl: 300,
type: "A",
},
],
},
],
provider: "${google-beta}",
response_policy: googleDnsResponsePolicyResponsePolicy.responsePolicyName,
rule_name: "example-rule",
}
);
Argument Reference
The following arguments are supported:
-
ruleName
- (Required) An identifier for this rule. Must be unique with the ResponsePolicy. -
dnsName
- (Required) The DNS name (wildcard or exact) to apply this rule to. Must be unique within the Response Policy Rule. -
responsePolicy
- (Required) Identifies the response policy addressed by this request.
-
localData
- (Optional) Answer this query directly with DNS data. These ResourceRecordSets override any other DNS behavior for the matched name; in particular they override private zones, the public internet, and GCP internal DNS. No SOA nor NS types are allowed. Structure is documented below. -
behavior
- (Optional) Answer this query with a behavior rather than DNS data. Acceptable values are 'behaviorUnspecified', and 'bypassResponsePolicy' -
project
- (Optional) The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
localDatas
- (Required) All resource record sets for this selector, one per resource record type. The name must match the dns_name. Structure is documented below.
The localDatas
block supports:
-
name
- (Required) For example, www.example.com. -
type
- (Required) One of valid DNS resource types. Possible values area
,aaaa
,caa
,cname
,dnskey
,ds
,https
,ipsecvpnkey
,mx
,naptr
,ns
,ptr
,soa
,spf
,srv
,sshfp
,svcb
,tlsa
, andtxt
. -
ttl
- (Optional) Number of seconds that this ResourceRecordSet can be cached by resolvers. -
rrdatas
- (Optional) As defined in RFC 1035 (section 5) and RFC 1034 (section 3.6.1)
Attributes Reference
In addition to the arguments listed above, the following computed attributes are exported:
id
- an identifier for the resource with formatprojects/{{project}}/responsePolicies/{{responsePolicy}}/rules/{{ruleName}}
Timeouts
This resource provides the following Timeouts configuration options:
create
- Default is 20 minutes.update
- Default is 20 minutes.delete
- Default is 20 minutes.
Import
ResponsePolicyRule can be imported using any of these accepted formats:
$ terraform import google_dns_response_policy_rule.default projects/{{project}}/responsePolicies/{{response_policy}}/rules/{{rule_name}}
$ terraform import google_dns_response_policy_rule.default {{project}}/{{response_policy}}/{{rule_name}}
$ terraform import google_dns_response_policy_rule.default {{response_policy}}/{{rule_name}}
User Project Overrides
This resource supports User Project Overrides.