route53: adds option to use private zone

2025-01-20 13:15:32 +02:00 · 2024-04-16 23:28:40 +02:00 · 2024-04-16 23:28:40 +02:00 · 1a7423b107
commit 1a7423b107
parent d60c335cc0
3 changed files with 6 additions and 1 deletions
--- a/providers/dns/route53/route53.go
+++ b/providers/dns/route53/route53.go
@ -33,6 +33,7 @@ const (
 	EnvMaxRetries      = envNamespace + "MAX_RETRIES"
 	EnvAssumeRoleArn   = envNamespace + "ASSUME_ROLE_ARN"
 	EnvExternalID      = envNamespace + "EXTERNAL_ID"
+	EnvPrivateZone     = envNamespace + "PRIVATE_ZONE"

 	EnvTTL                = envNamespace + "TTL"
 	EnvPropagationTimeout = envNamespace + "PROPAGATION_TIMEOUT"
@ -52,6 +53,7 @@ type Config struct {
 	MaxRetries    int
 	AssumeRoleArn string
 	ExternalID    string
+	PrivateZone   bool

 	TTL                int
 	PropagationTimeout time.Duration
@ -67,6 +69,7 @@ func NewDefaultConfig() *Config {
 		MaxRetries:    env.GetOrDefaultInt(EnvMaxRetries, 5),
 		AssumeRoleArn: env.GetOrDefaultString(EnvAssumeRoleArn, ""),
 		ExternalID:    env.GetOrDefaultString(EnvExternalID, ""),
+		PrivateZone:   env.GetOrDefaultBool(EnvPrivateZone, false),

 		TTL:                env.GetOrDefaultInt(EnvTTL, 10),
 		PropagationTimeout: env.GetOrDefaultSecond(EnvPropagationTimeout, 2*time.Minute),
@ -299,7 +302,7 @@ func (d *DNSProvider) getHostedZoneID(ctx context.Context, fqdn string) (string,
 	var hostedZoneID string
 	for _, hostedZone := range resp.HostedZones {
 		// .Name has a trailing dot
-		if !hostedZone.Config.PrivateZone && deref(hostedZone.Name) == authZone {
+		if deref(hostedZone.Name) == authZone && (d.config.PrivateZone && hostedZone.Config.PrivateZone || !d.config.PrivateZone && !hostedZone.Config.PrivateZone) {
 			hostedZoneID = deref(hostedZone.Id)
 			break
 		}
--- a/providers/dns/route53/route53.toml
+++ b/providers/dns/route53/route53.toml
@ -132,6 +132,7 @@ Replace `Z11111112222222333333` with your hosted zone ID and `example.com` with
    AWS_ASSUME_ROLE_ARN = "Managed by the AWS Role ARN (`AWS_ASSUME_ROLE_ARN_FILE` is not supported)"
    AWS_EXTERNAL_ID = "Managed by STS AssumeRole API operation (`AWS_EXTERNAL_ID_FILE` is not supported)"
  [Configuration.Additional]
+    AWS_PRIVATE_ZONE = "Set to true to use private zones only (default: use public zones only)"
    AWS_SHARED_CREDENTIALS_FILE = "Managed by the AWS client. Shared credentials file."
    AWS_MAX_RETRIES = "The number of maximum returns the service will use to make an individual API request"
    AWS_POLLING_INTERVAL = "Time between DNS propagation check"
--- a/providers/dns/route53/route53_test.go
+++ b/providers/dns/route53/route53_test.go
@ -23,6 +23,7 @@ var envTest = tester.NewEnvTest(
 	EnvRegion,
 	EnvHostedZoneID,
 	EnvMaxRetries,
+	EnvPrivateZone,
 	EnvTTL,
 	EnvPropagationTimeout,
 	EnvPollingInterval).