Id: 25db74bf-fa3b-44da-934e-8c3e005c0453
Cloud Provider: AWS
Platform: Terraform
Severity: High
Category: Networking and Firewall
Description
This check verifies that Route53 record resources have defined values in the records array. Empty record arrays in Route53 configurations may result in DNS resolution failures, causing service disruptions and potentially breaking application functionality that depends on proper name resolution.
A properly configured Route53 record should include appropriate values in the records array, as shown in the secure example below:
    records = [
      aws_route53_zone.example.name_servers[0],
      aws_route53_zone.example.name_servers[1],
      aws_route53_zone.example.name_servers[2],
      aws_route53_zone.example.name_servers[3],
    ]
Insecure configurations leave the records array empty, as in the non-compliant example at the end of this page.
Compliant Code Examples
    resource "aws_route53_record" "example" {
      allow_overwrite = true
      name            = "test.example.com"
      ttl             = 30
      type            = "NS"
      zone_id         = aws_route53_zone.example.zone_id
      records = [
        aws_route53_zone.example.name_servers[0],
        aws_route53_zone.example.name_servers[1],
        aws_route53_zone.example.name_servers[2],
        aws_route53_zone.example.name_servers[3],
      ]
    }
Non-Compliant Code Examples
    resource "aws_route53_record" "example" {
      allow_overwrite = true
      name            = "test.example.com"
      ttl             = 30
      type            = "NS"
      zone_id         = aws_route53_zone.example.zone_id
      records = [
      ]
    }
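The same check can be run against a Terraform plan instead of the source files. The script below is an added example, not this rule's own implementation: it reads the JSON produced by `terraform show -json` and reports `aws_route53_record` resources planned with no record values. The function name `empty_route53_records` and the sample plan are constructed for illustration. It goes beyond the rule text in two ways: it skips records whose values are only known at apply time (as with the `name_servers` references in the compliant example) and records that use an `alias` block instead of `records`.

```python
import json
import sys

# Constructed sample shaped like `terraform show -json plan.out` output,
# trimmed to the fields this check reads.
SAMPLE_PLAN = {"resource_changes": [
    {"address": "aws_route53_record.example", "type": "aws_route53_record",
     "change": {"actions": ["create"], "after_unknown": {},
                "after": {"name": "test.example.com", "type": "NS", "records": []}}},
    {"address": "aws_route53_record.ns", "type": "aws_route53_record",
     "change": {"actions": ["create"], "after_unknown": {"records": True},
                "after": {"name": "test.example.com", "type": "NS"}}},
    {"address": "aws_route53_record.www", "type": "aws_route53_record",
     "change": {"actions": ["create"], "after_unknown": {},
                "after": {"name": "www.example.com", "type": "A",
                          "records": ["192.0.2.10"]}}},
    {"address": "aws_route53_record.cdn", "type": "aws_route53_record",
     "change": {"actions": ["create"], "after_unknown": {},
                "after": {"name": "cdn.example.com", "type": "A", "records": None,
                          "alias": [{"name": "d111.example.net", "zone_id": "ZEXAMPLE",
                                     "evaluate_target_health": False}]}}},
    {"address": "module.dns.aws_route53_record.missing", "type": "aws_route53_record",
     "change": {"actions": ["create"], "after_unknown": {},
                "after": {"name": "api.example.com", "type": "CNAME", "records": None}}},
    {"address": "aws_route53_record.old", "type": "aws_route53_record",
     "change": {"actions": ["delete"], "after_unknown": {}, "after": None}},
]}

def empty_route53_records(plan):
    """Return addresses of aws_route53_record resources planned without values."""
    findings = []
    for rc in plan.get("resource_changes", []):
        if rc.get("type") != "aws_route53_record":
            continue
        change = rc.get("change") or {}
        after = change.get("after")
        if after is None:                      # resource is being destroyed
            continue
        if (change.get("after_unknown") or {}).get("records"):
            continue                           # values only known at apply time
        if after.get("alias"):                 # alias records carry no records list
            continue
        if not after.get("records"):           # missing, null or []
            findings.append(rc["address"])
    return findings

if __name__ == "__main__":
    plan = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_PLAN
    hits = empty_route53_records(plan)
    print("\n".join(hits) or "no empty Route53 records")
    sys.exit(1 if hits else 0)
```

Run with a plan JSON path as the only argument, the script exits non-zero when it finds an empty record, so it can gate a CI job.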