Skip to content
/ terraform-aws-securely_parked_domain Public

Domains with sensible secure-by-default DNS entries with AWS Route 53

License

MIT license
1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

grendel-consulting/terraform-aws-securely_parked_domain

BranchesTags

Repository files navigation

Securely Parked Domains on AWS

OpenSSF Scorecard

Creates sensible and secure DNS entries in AWS Route53 for inactive or parked domains, to reduce abuse potential, based on the recommendations of the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) Parked Domains Best Common Practices.

Usage

module "parked_domain" {
  source = "grendel-consulting/securely_parked_domain/aws"

  domain     = "example.com"
  zone_id    = "Z1234567890ABC"
  rua_email  = "dmarc-reports@example.com"
  caa_email  = "security@example.com"
}

Requirements

Name Version
terraform >= 1.5.0
aws >= 5.0.0

Providers

Name Version
aws >= 5.0.0

Implementation

When provided with a target domain and AWS Route53 Zone ID, this module creates the following DNS records with a 48-hour TTL:

  • SPF records for both apex and subdomains
  • MX records for apex and subdomains
  • DMARC record
  • CAA records

It assumes that SOA records will have been created and continue to be managed by AWS.

Registry

Published on the Terraform Registry

About

Domains with sensible secure-by-default DNS entries with AWS Route 53

Topics

dns aws route-53

Resources

Readme

License

MIT license

Code of conduct

Code of conduct

Security policy

Security policy
Activity
Custom properties

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases 1

v0.1.0 Latest
Jan 29, 2025

Packages

No packages published

Contributors 2

  •  
  •  

Languages