Can I register a domain on AWS using Terraform?

12

I didn't find any useful information in the documentation. Can this be done with Terraform?

3 Answers

17

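Registering a domain involves a commitment of a minimum of 12 months with a domain registrar.

Tools such as Terraform and AWS CloudFormation are used to create, update and delete infrastructure such as networks, EC2 instances and databases.

While AWS does provide the ability to register domain names (done via gandi.net), you should not use a tool like Terraform to do this, because you cannot simply "unregister" a domain name.

You can choose to use these tools to add subdomains to an existing domain. But they are not suited to purchasing the domain in the first place.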


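Thanks for your comment. So is there any other way to automate this task? Is there a Python module or the AWS CLI that I can use? - deez
1
I found that both the aws cli and boto3 have a register_domain option that I can use, thanks! - deez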

1

0
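Here is a custom module that uses the AWS CLI to accomplish this.

README.md

Description

This module checks whether an AWS domain is already registered in your AWS account.

If the domain is not registered to your account, it will attempt to register it.

It will then verify that the registration succeeded.

Caveats

The registration information provided by the variables is only used when registering the domain.

After the domain is registered, this module does not attempt to keep the registration attributes in sync.

This means that if you (1) register a domain and then (2) modify a registration variable (e.g. organization_name), no changes will be detected.

Verification

When you register a new domain, you need to confirm it via the email address you provided.

After registering, you should receive an email from AWS with the subject Verify your email address for <domain_name>

The domain is registered immediately, and you have 14 days to verify the email address, otherwise you will lose the domain.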


variables.tf

variable "name" {
  description = "Name of the project, e.g. my-project"
  type        = string
}

variable "environment" {
  description = "The environment, e.g. prod"
  type        = string
}

variable "aws_region" {
  description = "'This command runs only in the us-east-1 region' - https://awscli.amazonaws.com/v2/documentation/api/latest/reference/route53domains/register-domain.html"
  type        = string
  default     = "us-east-1"
}

variable "auto_renew" {
  description = "Auto renew the domain when it expires, e.g. true"
  type        = bool
  default     = true
}

variable "duration_years" {
  description = "Number of years until the domain expires, e.g. 1"
  type        = number
  default     = 1
}

variable "privacy_protect_contact" {
  description = "Hide your contact details in the WHOIS record, e.g. true"
  type        = bool
  default     = true
}

variable "domain_name" {
  description = "The domain name to register, e.g. website.com"
  type        = string
}

variable "first_name" {
  description = "The first name for the registrar contact"
  type        = string
}

variable "last_name" {
  description = "The last name for the registrar contact"
  type        = string
}

variable "organization_name" {
  description = "The organization name for the registrar contact"
  type        = string
}

variable "address_line_1" {
  description = "The address for the registrar contact, e.g. 1 Main Street"
  type        = string
}

variable "city" {
  description = "The city for the registrar contact, e.g. New York City"
  type        = string
}

variable "state" {
  description = "The state for the registrar contact, e.g. NY"
  type        = string
}

variable "country_code" {
  description = "The country_code for the registrar contact, e.g. US"
  type        = string
}

variable "zip_code" {
  description = "The zip_code for the registrar contact, e.g. 10001"
  type        = string
}

variable "phone" {
  description = "The phone for the registrar contact, e.g. +1.8005551212"
  type        = string
}

variable "email" {
  description = "The email for the registrar contact, e.g. contact@website.com"
  type        = string
}

main.tf

locals {
  cli_input_json_path = "${path.module}/cli_input_json/${var.name}-${var.environment}.json"
}

resource "local_file" "cli_input_json" {
  filename = local.cli_input_json_path
  content = <<-EOF
    {
      "DomainName": "${var.domain_name}",
      "DurationInYears": ${var.duration_years},
      "AutoRenew": ${var.auto_renew},
      "PrivacyProtectAdminContact": ${var.privacy_protect_contact},
      "PrivacyProtectRegistrantContact": ${var.privacy_protect_contact},
      "PrivacyProtectTechContact": ${var.privacy_protect_contact},
      "AdminContact": {
          "ContactType": "PERSON",
          "FirstName": "${var.first_name}",
          "LastName": "${var.last_name}",
          "OrganizationName": "${var.organization_name}",
          "AddressLine1": "${var.address_line_1}",
          "City": "${var.city}",
          "State": "${var.state}",
          "CountryCode": "${var.country_code}",
          "ZipCode": "${var.zip_code}",
          "PhoneNumber": "${var.phone}",
          "Email": "${var.email}"
      },
      "RegistrantContact": {
          "ContactType": "PERSON",
          "FirstName": "${var.first_name}",
          "LastName": "${var.last_name}",
          "OrganizationName": "${var.organization_name}",
          "AddressLine1": "${var.address_line_1}",
          "City": "${var.city}",
          "State": "${var.state}",
          "CountryCode": "${var.country_code}",
          "ZipCode": "${var.zip_code}",
          "PhoneNumber": "${var.phone}",
          "Email": "${var.email}"
      },
      "TechContact": {
          "ContactType": "PERSON",
          "FirstName": "${var.first_name}",
          "LastName": "${var.last_name}",
          "OrganizationName": "${var.organization_name}",
          "AddressLine1": "${var.address_line_1}",
          "City": "${var.city}",
          "State": "${var.state}",
          "CountryCode": "${var.country_code}",
          "ZipCode": "${var.zip_code}",
          "PhoneNumber": "${var.phone}",
          "Email": "${var.email}"
      }
    }
  EOF
}

resource "null_resource" "aws_register_domain" {
  provisioner "local-exec" {
    command     = "${path.module}/aws_register_domain.sh"
    environment = {
      aws_region = var.aws_region
      domain_name = var.domain_name
      cli_input_json_path = local.cli_input_json_path
    }
  }

  depends_on = [
    local_file.cli_input_json
  ]
}

aws_register_domain.sh

#!/usr/bin/env bash
set -e


##
# Validate expected environment variables
##

if [[ -z "$aws_region" ]]; then
  echo 'aws_register_domain: no value for $aws_region' >&2
  exit 1
fi

if [[ -z "$domain_name" ]]; then
  echo 'aws_register_domain: no value for $domain_name' >&2
  exit 1
fi

if [[ -z "$cli_input_json_path" ]]; then
  echo 'aws_register_domain: no value for $cli_input_json_path' >&2
  exit 1
fi


##
# Check if domain is already registered to our account
##

echo "aws_register_domain: Checking if domain $domain_name is already registered in this AWS account"

registration_check=$(
  (
    aws route53domains get-domain-detail \
      --region "$aws_region" \
      --domain-name "$domain_name" \
      2>&1 \
  ) || :
)

# https://dev59.com/tGct5IYBdhLWcg3wvf7K#16951928
re_escape() {
  sed 's/[][\.|$(){}?+*^]/\\&/g' <<< "$*"
}

domain_name_escaped=`re_escape "$domain_name"`
already_exists=`((echo "$registration_check" | grep -Eq 'Domain '"$domain_name_escaped"' not found in [0-9]+ account') && echo 'no') || echo 'yes'`

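if [[ "$already_exists" == 'yes' ]]; then
  # No "not found" message was returned: confirm the response really is the
  # JSON detail for this domain before skipping registration, so that other
  # errors (e.g. access denied) are not mistaken for an existing registration.
  found_domain_name=$(echo "$registration_check" | jq -r '.DomainName' 2>/dev/null || :)
  if [[ "$found_domain_name" != "$domain_name" ]]; then
    echo "aws_register_domain: Expected found_domain_name to be '$domain_name' but found '$found_domain_name'" >&2
    exit 1
  fi
  echo "aws_register_domain: Domain $domain_name is already registered in this AWS account"
  exit 0
elif [[ "$already_exists" != 'no' ]]; then
  echo "aws_register_domain: Expected already_exists to be 'yes' or 'no' but found '$already_exists'" >&2
  exit 1
fi
# already_exists == 'no': the domain is not in this account, continue to registration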

##
# Register the domain
##

echo "aws_register_domain: Attempting to register domain defined in '$cli_input_json_path'"

operation_id=$(
  aws route53domains register-domain \
    --region "$aws_region" \
    --cli-input-json "file://$cli_input_json_path" \
  | jq -r '.OperationId'
)

if [[ -z "$operation_id" ]]; then
  echo 'aws_register_domain: no OperationId returned' >&2
  exit 1
fi

echo "aws_register_domain: Pending registration's OperationId = $operation_id"


##
# Wait while domain registration is IN_PROGRESS
##

while true; do
  operation_info=$(
    aws route53domains get-operation-detail \
      --region "$aws_region" \
      --operation-id "$operation_id"
  )

  operation_status=`echo "$operation_info" | jq -r '.Status'`
  if [[ "$operation_status" != 'IN_PROGRESS' ]]; then
    break
  fi

  sleep 10
done


##
# Validate successful domain registration
##

echo "aws_register_domain: Registration finished with $operation_info"

expected_status='SUCCESSFUL'
if [[ "$operation_status" != "$expected_status" ]]; then
  echo "aws_register_domain: Expected final status of '$expected_status' but found '$operation_status'" >&2
  exit 1
fi
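
The main.tf in the answer above builds the register-domain input by interpolating variables into a JSON heredoc, so a value containing a double quote or backslash yields invalid or altered JSON. The following is an added example, not part of the original answer: a replacement for the `locals` block and the `local_file` resource that lets `jsonencode()` do the escaping and restricts the file's permissions. The local names `contact` and `cli_input_json` are assumptions of this example; the variables are the ones declared in variables.tf.

```hcl
# Added example (not from the original answer).
locals {
  cli_input_json_path = "${path.module}/cli_input_json/${var.name}-${var.environment}.json"

  # One contact object reused for the admin, registrant and tech contacts,
  # which the original main.tf fills from the same variables three times.
  contact = {
    ContactType      = "PERSON"
    FirstName        = var.first_name
    LastName         = var.last_name
    OrganizationName = var.organization_name
    AddressLine1     = var.address_line_1
    City             = var.city
    State            = var.state
    CountryCode      = var.country_code
    ZipCode          = var.zip_code
    PhoneNumber      = var.phone
    Email            = var.email
  }

  # jsonencode() escapes every string and emits bool/number values with the
  # correct JSON type, so no variable can break out of its field.
  cli_input_json = jsonencode({
    DomainName                      = var.domain_name
    DurationInYears                 = var.duration_years
    AutoRenew                       = var.auto_renew
    PrivacyProtectAdminContact      = var.privacy_protect_contact
    PrivacyProtectRegistrantContact = var.privacy_protect_contact
    PrivacyProtectTechContact       = var.privacy_protect_contact
    AdminContact                    = local.contact
    RegistrantContact               = local.contact
    TechContact                     = local.contact
  })
}

resource "local_file" "cli_input_json" {
  filename = local.cli_input_json_path
  content  = local.cli_input_json

  # The file holds personal contact details; the provider default is 0777.
  file_permission = "0600"
}
```

The `null_resource` and aws_register_domain.sh from the answer work unchanged with this version, because the file path and the JSON field names are the same.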
