# Route 53 Resolver inbound endpoint: gives resolvers outside the VPC
# addresses inside it to which they can send DNS queries.
# NOTE(review): the endpoint reuses the node security group instead of a
# dedicated one. A resolver endpoint needs only DNS (TCP/UDP 53); confirm the
# shared group allows nothing broader and limits port 53 ingress to the
# networks that are expected to query it.
# NOTE(review): both addresses come from subnets exposed as "subnets-public".
# Confirm this placement is intended and that route tables and NACLs on those
# subnets do not widen who can reach the endpoint.
resource "aws_route53_resolver_endpoint" "re-dns-in-endpoint" {
  direction          = "INBOUND"
  name               = "re-dns-in-endpoint"
  security_group_ids = [module.nodes.re-security-group]

  # One address per subnet; the two subnets are presumably in different
  # availability zones (verify in the vpc module).
  ip_address { subnet_id = module.vpc.subnets-public[0] }
  ip_address { subnet_id = module.vpc.subnets-public[1] }

  tags = { Name = "INBOUND-MAGUE-EP" }
}

# Route 53 Resolver outbound endpoint: the path forwarded queries take when
# they leave the VPC resolver for the targets of the forwarding rule below.
# NOTE(review): the same node security group is attached here. It must allow
# DNS egress to the forwarder targets; confirm egress is scoped to those
# targets on port 53 rather than left open.
resource "aws_route53_resolver_endpoint" "re-dns-out-endpoint" {
  direction          = "OUTBOUND"
  name               = "re-dns-out-endpoint"
  security_group_ids = [module.nodes.re-security-group]

  ip_address { subnet_id = module.vpc.subnets-public[0] }
  ip_address { subnet_id = module.vpc.subnets-public[1] }

  tags = { Name = "OUTBOUND-MAGUE-EP" }
}

# Forwarding rule: queries for example.com are sent through the outbound
# endpoint to the first three node internal IPs.
# No port is set on the targets, so the provider default applies (port 53).
# NOTE(review): every VPC associated with this rule trusts these three hosts
# for all answers under the domain; confirm they are the intended DNS servers
# and that node-internal-ips always has at least three entries.
resource "aws_route53_resolver_rule" "forwarder" {
  name                 = "example"
  domain_name          = "example.com"
  rule_type            = "FORWARD"
  resolver_endpoint_id = aws_route53_resolver_endpoint.re-dns-out-endpoint.id

  target_ip { ip = module.nodes.node-internal-ips[0] }
  target_ip { ip = module.nodes.node-internal-ips[1] }
  target_ip { ip = module.nodes.node-internal-ips[2] }
}

# Attaches the forwarding rule to the VPC, so the rule applies to DNS queries
# that originate inside that VPC.
resource "aws_route53_resolver_rule_association" "myrule" {
  vpc_id           = module.vpc.vpc-id
  resolver_rule_id = aws_route53_resolver_rule.forwarder.id
}