infra: clawbench email dns #176
Pull request overview
This PR adds Route53 DNS infrastructure under the common/dns stack to delegate and configure email-related DNS records for the clawbench.<domain> subdomain.
Changes:
- Creates a new hosted zone for clawbench.<domain> and delegates it from the parent zone via an NS record.
- Adds email DNS records in the clawbench subzone for Purelymail (MX, SPF TXT, ownership TXT, DKIM CNAMEs, DMARC).
| zone_id = aws_route53_zone.perryz_net_zone.zone_id | ||
| name = "clawbench.${var.domain_name}" | ||
| type = "NS" | ||
| ttl = "300" |
ttl is set as a quoted string. The aws_route53_record.ttl argument is a number, so this will fail type-checking during terraform plan/apply. Use an unquoted numeric literal (e.g., 300).
| # MX Record | ||
| resource "aws_route53_record" "clawbench_mx" { | ||
| zone_id = aws_route53_zone.clawbench_subzone.zone_id | ||
| name = "" |
name = "" is not a valid record name for Route53 records. For apex records in the hosted zone, set name to the zone name (e.g., aws_route53_zone.clawbench_subzone.name) or the explicit FQDN; leaving it empty will typically be rejected by the provider/AWS API.
| zone_id = aws_route53_zone.clawbench_subzone.zone_id | ||
| name = "" | ||
| type = "MX" | ||
| ttl = "3600" |
ttl is set as a quoted string. The aws_route53_record.ttl argument is a number, so this will fail type-checking during terraform plan/apply. Use an unquoted numeric literal (e.g., 3600).
| # TXT / SPF Record | ||
| resource "aws_route53_record" "clawbench_spf" { | ||
| zone_id = aws_route53_zone.clawbench_subzone.zone_id | ||
| name = "" |
name = "" is not a valid record name for Route53 records. For apex records in the hosted zone, set name to the zone name (e.g., aws_route53_zone.clawbench_subzone.name) or the explicit FQDN.
| zone_id = aws_route53_zone.clawbench_subzone.zone_id | ||
| name = "" | ||
| type = "TXT" | ||
| ttl = "3600" |
ttl is set as a quoted string. The aws_route53_record.ttl argument is a number, so this will fail type-checking during terraform plan/apply. Use an unquoted numeric literal (e.g., 3600).
| zone_id = aws_route53_zone.clawbench_subzone.zone_id | ||
| name = "purelymail2._domainkey" | ||
| type = "CNAME" | ||
| ttl = "3600" |
ttl is set as a quoted string. The aws_route53_record.ttl argument is a number, so this will fail type-checking during terraform plan/apply. Use an unquoted numeric literal (e.g., 3600).
| zone_id = aws_route53_zone.clawbench_subzone.zone_id | ||
| name = "" | ||
| type = "TXT" | ||
| ttl = "3600" |
ttl is set as a quoted string. The aws_route53_record.ttl argument is a number, so this will fail type-checking during terraform plan/apply. Use an unquoted numeric literal (e.g., 3600).
| zone_id = aws_route53_zone.clawbench_subzone.zone_id | ||
| name = "purelymail3._domainkey" | ||
| type = "CNAME" | ||
| ttl = "3600" |
ttl is set as a quoted string. The aws_route53_record.ttl argument is a number, so this will fail type-checking during terraform plan/apply. Use an unquoted numeric literal (e.g., 3600).
| type = "CNAME" | ||
| ttl = "3600" | ||
| records = [ | ||
| "dmarcroot.purelymail.com." |
DMARC is typically published as a TXT record at _dmarc.<domain>. Using type = "CNAME" here may not be honored by all DMARC evaluators and diverges from the existing DMARC TXT pattern in this repo (e.g., apps/cloud-chat-app/usw2dev/dns.tf). Consider switching this to a TXT record (or otherwise confirm the email provider’s required DNS format).
| type = "CNAME" | |
| ttl = "3600" | |
| records = [ | |
| "dmarcroot.purelymail.com." | |
| type = "TXT" | |
| ttl = "3600" | |
| records = [ | |
| "v=DMARC1; p=none; rua=mailto:postmaster@clawbench.${var.domain_name}" |
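Review bot: `p=none` in the suggested TXT value leaves the subdomain in monitoring-only mode, so receivers are not asked to quarantine or reject mail that fails DMARC. If the TXT form is adopted in place of the CNAME to `dmarcroot.purelymail.com.`, note in the change that `p=none` is a starting point and plan a move to `p=quarantine` or `p=reject` once the aggregate reports sent to the `rua` address show SPF and DKIM passing for legitimate mail. Also confirm that `postmaster@clawbench.${var.domain_name}` is a mailbox someone reads, since the reports are only useful if they are reviewed.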
| zone_id = aws_route53_zone.clawbench_subzone.zone_id | ||
| name = "_dmarc" | ||
| type = "CNAME" | ||
| ttl = "3600" |
ttl is set as a quoted string here. The aws_route53_record.ttl argument is a number, so this will fail type-checking during terraform plan/apply. Use an unquoted numeric literal (e.g., 3600).
No description provided.