DNSSec on Managed Zones (#255)

Signed-off-by: Modular Magician <magic-modules@google.com>
2025-07-29 16:11:31 -07:00 · 2019-05-22 15:52:32 -07:00 · 2019-05-22 15:52:32 -07:00 · 3e51483452
commit 3e51483452
parent 92beb99757
2 changed files with 247 additions and 0 deletions
--- a/plugins/modules/gcp_dns_managed_zone_facts.py
+++ b/plugins/modules/gcp_dns_managed_zone_facts.py
@ -73,6 +73,60 @@ resources:
      - The DNS name of this managed zone, for instance "example.com.".
      returned: success
      type: str
+    dnssecConfig:
+      description:
+      - DNSSEC configuration.
+      returned: success
+      type: complex
+      contains:
+        kind:
+          description:
+          - Identifies what kind of resource this is.
+          returned: success
+          type: str
+        nonExistence:
+          description:
+          - Specifies the mechanism used to provide authenticated denial-of-existence
+            responses. Output only while state is not OFF. .
+          returned: success
+          type: str
+        state:
+          description:
+          - Specifies whether DNSSEC is enabled, and what mode it is in.
+          returned: success
+          type: str
+        defaultKeySpecs:
+          description:
+          - Specifies parameters that will be used for generating initial DnsKeys
+            for this ManagedZone. Output only while state is not OFF .
+          returned: success
+          type: complex
+          contains:
+            algorithm:
+              description:
+              - String mnemonic specifying the DNSSEC algorithm of this key.
+              returned: success
+              type: str
+            keyLength:
+              description:
+              - Length of the keys in bits.
+              returned: success
+              type: int
+            keyType:
+              description:
+              - Specifies whether this is a key signing key (KSK) or a zone signing
+                key (ZSK). Key signing keys have the Secure Entry Point flag set and,
+                when active, will only be used to sign resource record sets of type
+                DNSKEY. Zone signing keys do not have the Secure Entry Point flag
+                set and will be used to sign all other types of resource record sets.
+                .
+              returned: success
+              type: str
+            kind:
+              description:
+              - Identifies what kind of resource this is.
+              returned: success
+              type: str
    id:
      description:
      - Unique identifier for the resource; defined by the server.