diff --git a/modules/dns/README.md b/modules/dns/README.md
index fc57afd953..9e461f0e51 100644
--- a/modules/dns/README.md
+++ b/modules/dns/README.md
@@ -1,6 +1,6 @@
# Google Cloud DNS Module
-This module allows simple management of Google Cloud DNS zones and records. It supports creating public, private, forwarding, peering and service directory based zones.
+This module allows simple management of Google Cloud DNS zones and records. It supports creating public, private, forwarding, peering, service directory and reverse-managed based zones.
For DNSSEC configuration, refer to the [`dns_managed_zone` documentation](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/dns_managed_zone#dnssec_config).
@@ -86,6 +86,20 @@ module "private-dns" {
}
# tftest modules=1 resources=4
```
+
+### Reverse Lookup Zone
+
+```hcl
+module "private-dns" {
+ source = "./fabric/modules/dns"
+ project_id = "myproject"
+ type = "reverse-managed"
+ name = "test-example"
+ domain = "0.0.10.in-addr.arpa."
+ client_networks = [var.vpc.self_link]
+}
+# tftest modules=1 resources=1
+```
## Variables
@@ -103,7 +117,7 @@ module "private-dns" {
| [peer_network](variables.tf#L77) | Peering network self link, only valid for 'peering' zone types. | string
| | null
|
| [recordsets](variables.tf#L88) | Map of DNS recordsets in \"type name\" => {ttl, [records]} format. | map(object({…}))
| | {}
|
| [service_directory_namespace](variables.tf#L123) | Service directory namespace id (URL), only valid for 'service-directory' zone types. | string
| | null
|
-| [type](variables.tf#L129) | Type of zone to create, valid values are 'public', 'private', 'forwarding', 'peering', 'service-directory'. | string
| | "private"
|
+| [type](variables.tf#L129) | Type of zone to create, valid values are 'public', 'private', 'forwarding', 'peering', 'service-directory','reverse-managed'. | string
| | "private"
|
| [zone_create](variables.tf#L139) | Create zone. When set to false, uses a data source to reference existing zone. | bool
| | true
|
## Outputs
diff --git a/modules/dns/main.tf b/modules/dns/main.tf
index c168776113..ca30c7d0c7 100644
--- a/modules/dns/main.tf
+++ b/modules/dns/main.tf
@@ -66,13 +66,14 @@ locals {
}
resource "google_dns_managed_zone" "non-public" {
- count = (var.zone_create && var.type != "public") ? 1 : 0
- provider = google-beta
- project = var.project_id
- name = var.name
- dns_name = var.domain
- description = var.description
- visibility = "private"
+ count = (var.zone_create && var.type != "public") ? 1 : 0
+ provider = google-beta
+ project = var.project_id
+ name = var.name
+ dns_name = var.domain
+ description = var.description
+ visibility = "private"
+ reverse_lookup = (var.type == "reverse-managed")
dynamic "forwarding_config" {
for_each = (
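Review bot: The new `reverse_lookup = (var.type == "reverse-managed")` line is keyed only on `var.type`, and nothing visible in this hunk ties `var.domain` to an `in-addr.arpa.` or `ip6.arpa.` name, so a forward domain combined with this type would presumably surface only as an API error at apply time. A managed reverse lookup zone answers PTR queries from records Cloud DNS generates for VPC resources, so the networks passed in `client_networks` decide who can resolve internal addresses to instance names. I would record that next to the attribute, e.g. `# reverse-managed: PTR records are auto-generated by Cloud DNS and resolvable from every network in client_networks`. The resource body continues past the hunk, so whether the private visibility block is applied for this type, and whether user-supplied `recordsets` are skipped for it, cannot be confirmed from here.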
diff --git a/modules/dns/variables.tf b/modules/dns/variables.tf
index df30327d4c..df80976e32 100644
--- a/modules/dns/variables.tf
+++ b/modules/dns/variables.tf
@@ -127,12 +127,12 @@ variable "service_directory_namespace" {
}
variable "type" {
- description = "Type of zone to create, valid values are 'public', 'private', 'forwarding', 'peering', 'service-directory'."
+ description = "Type of zone to create, valid values are 'public', 'private', 'forwarding', 'peering', 'service-directory','reverse-managed'."
type = string
default = "private"
validation {
- condition = contains(["public", "private", "forwarding", "peering", "service-directory"], var.type)
- error_message = "Zone must be one of 'public', 'private', 'forwarding', 'peering', 'service-directory'."
+ condition = contains(["public", "private", "forwarding", "peering", "service-directory", "reverse-managed"], var.type)
+ error_message = "Zone must be one of 'public', 'private', 'forwarding', 'peering', 'service-directory','reverse-managed'."
}
}
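Review bot: The new value is appended without a space after the comma in both `description` and `error_message` (`'service-directory','reverse-managed'`), and the same typo is repeated in the README variables table in the first file, which looks like it is generated from this description. I would write `'peering', 'service-directory', 'reverse-managed'.` in both strings and regenerate the table. The description could also say that 'reverse-managed' expects a reverse (`in-addr.arpa.` / `ip6.arpa.`) domain and private client networks, since the validation here checks only the type string.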