Fix external dns zone matching.

2025-03-22 15:19:44 -04:00 · 2025-03-22 15:19:44 -04:00 · 8a0f78032c
commit 8a0f78032c
parent 47cca17e51
2 changed files with 3 additions and 2 deletions
--- a/terraform/external_dns.tf
+++ b/terraform/external_dns.tf
@ -43,7 +43,7 @@ resource "google_project_iam_member" "external_dns" {
  role    = "roles/dns.reader"
 }
-resource "google_dns_managed_zone_iam_member" "member" {
+resource "google_dns_managed_zone_iam_member" "external_dns" {
  project      = google_project.project.project_id
  managed_zone = google_dns_managed_zone.zone.name
  role         = "roles/dns.admin"
--- a/terraform/modules/k8s_workload/external_dns.tf
+++ b/terraform/modules/k8s_workload/external_dns.tf
@ -12,7 +12,8 @@ variable "external_dns_gcp_service_account_email" {
 locals {
  external_dns_namespace     = length(kubernetes_namespace.external_dns) == 0 ? var.external_dns_k8s_namespace : kubernetes_namespace.external_dns[0].metadata[0].name
-  external_dns_domain_filter = trimsuffix("${var.cluster.name}.${var.dns_managed_zone.dns_name}", ".")
+  external_dns_domain_filter = trimsuffix("${var.dns_managed_zone.dns_name}", ".")
  # external_dns_domain_filter needs to match a google_dns_managed_zone so to keep things simple I am only filtering to the dns_root. If we wanted to filter to the cluster subdomain, we could create a separate google_dns_managed_zone for each cluster (and set IAM permissions accordingly).
 }
 resource "kubernetes_namespace" "external_dns" {