Cloudflare

Global network used for the website domain, SSL/TLS encryption, and DNS zones and records

infra/cloudflare.tf
# Look up the existing zone for var.domain (exact match on the zone name)
data "cloudflare_zones" "dns_zone" {
  filter {
    name = var.domain
  }
}

Cloudflare DNS Zones

A DNS zone is a section of the domain name system managed in the cloud. With this Terraform data block I point to the existing DNS zones in my Cloudflare account and filter for the one that matches my domain name, abdulsamisahil.net. The filter is an exact match on the zone name. When Terraform runs, the Cloudflare API request is sent to zones?name=abdulsamisahil.net to retrieve the required information.

infra/cloudflare.tf
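resource "cloudflare_record" "dns_record" {
  zone_id = data.cloudflare_zones.dns_zone.zones[0].id
  # "@" (zone apex) in the prod workspace, "<workspace>." in any other workspace
  name    = terraform.workspace == "prod" ? "@" : "${terraform.workspace}."
  # External IP of the VM instance
  value   = google_compute_instance.instance.network_interface[0].access_config[0].nat_ip
  type    = "A"
  # Route traffic through Cloudflare's proxy
  proxied = true
}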

Cloudflare DNS Records

The Cloudflare record resource with type A simplifies and streamlines the management of A records: it automates the creation of DNS records by assigning custom domain names to my VMs' external IP addresses. I also use name prefixes, '@' for the production environment and the Terraform workspace name, such as 'dev.', for the development environment, to make record management more efficient. This method avoids putting a load balancer in front of the VM to terminate TLS, which would increase network costs. By using Cloudflare's domain registry, all incoming traffic to the VM instance is decrypted by Cloudflare and then re-encrypted using Full (strict) SSL/TLS mode, incurring no additional cost to my project's Cloud billing.
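
An added example, not from the original infra/cloudflare.tf: it pins the zone's SSL/TLS mode to Full (strict) in code and limits HTTPS ingress on the VM to Cloudflare's edge ranges, so the VM's external IP only accepts traffic that has passed through the proxy. It assumes Cloudflare provider v4 (the same syntax as the blocks above), the default VPC network, and a network tag named web on the instance; the firewall rule name is hypothetical.

```hcl
# Added example: not part of the original infra/cloudflare.tf.
# Assumes Cloudflare provider v4 and the data/resource blocks shown on this page.

# Zone settings are zone-wide, so manage them from one workspace only.
resource "cloudflare_zone_settings_override" "tls" {
  count   = terraform.workspace == "prod" ? 1 : 0
  zone_id = data.cloudflare_zones.dns_zone.zones[0].id

  settings {
    ssl              = "strict" # Full (strict): the edge validates the origin certificate
    always_use_https = "on"
  }
}

# Cloudflare's published edge address ranges.
data "cloudflare_ip_ranges" "edge" {}

# Accept HTTPS on the VM only from Cloudflare's edge. This only restricts
# access if no broader rule (for example 0.0.0.0/0 on tcp/443) also applies
# to the instance.
resource "google_compute_firewall" "cloudflare_https" {
  name          = "${terraform.workspace}-allow-cloudflare-https" # hypothetical name
  network       = "default"                                       # assumption
  direction     = "INGRESS"
  source_ranges = data.cloudflare_ip_ranges.edge.ipv4_cidr_blocks
  target_tags   = ["web"] # assumption: network tag set on the instance

  allow {
    protocol = "tcp"
    ports    = ["443"]
  }
}
```

Full (strict) only succeeds when the VM presents a certificate that is valid for the hostname and issued by a publicly trusted CA or by Cloudflare Origin CA.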