github-actions[bot]
commented
15 hours ago Community Note
Voting for Prioritization
- Please vote on this issue by adding a 👍 reaction to the original post to help the community and maintainers prioritize this request.
- Please see our prioritization guide for information on how we prioritize.
- Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.
Volunteering to Work on This Issue
- If you are interested in working on this issue, please leave a comment.
- If this would be your first contribution, please review the contribution guide.
Description
The terraform provider for aws_route53_resolver_rule has a Configuration block called target_ip. This object needs a new parameter introduced to support Server Name Indication which is required if trying to connect to a DoH using fqdn. Based on AWS Documentation here Resolving the target IP address of the FQDN of a DoH resolver on your network over the outbound endpoint is not supported. Outbound endpoints need the target IP address of DoH resolver on your network to forward the DoH queries to. If the DoH resolver on your network needs the FQDN in the TLS SNI and in the HTTP Host header, ServerNameIndication must be provided.
https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/resolver-forwarding-outbound-queries.html#:~:text=must%20be%20provided.-,ServerNameIndication,-The%20Server%20Name
The Server Name Indication of the DoH server that you want to forward queries to. This is only used if the Protocol is DoH.
Can this be added to the provider to support this feature via Terraform.
Affected Resource(s) and/or Data Source(s)
aws_route53_resolver_rule
Potential Terraform Configuration
References
https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/resolver-forwarding-outbound-queries.html
Would you like to implement a fix?
Yes