Add tags for DNS link in AWS Console

main.tf

@@ -7,6 +7,8 @@ locals {
   user_names_map         = { for idx, user in local.user_names : idx => user }
 }
 
+data "aws_region" "current" {}
+
 data "aws_s3_bucket" "landing" {
   count = local.enabled ? 1 : 0
 
@@ -106,6 +108,36 @@ resource "aws_route53_record" "main" {
   ]
 }
 
+# Add tags for DNS info and link in AWS console
+resource "null_resource" "transfer_server_dns_tags" {
+  count      = local.enabled && length(var.domain_name) > 0 && length(var.zone_id) > 0 ? 1 : 0
+  depends_on = [aws_transfer_server.default, aws_route53_record.main]
+  triggers = {
+    aws_profile         = var.aws_profile
+    aws_region          = data.aws_region.current.name
+    hostname            = var.domain_name
+    zone_id             = var.zone_id
+    transfer_server_arn = aws_transfer_server.default.arn
+  }
+
+  provisioner "local-exec" {
+    command = <<EOF
+aws --profile ${var.aws_profile} --region ${data.aws_region.current.name} transfer tag-resource \
+  --arn '${aws_transfer_server.default.arn}' \
+  --tags \
+    Key=aws:transfer:route53HostedZoneId,Value=/hostedzone/${var.zone_id} \
+    Key=aws:transfer:customHostname,Value=${var.domain_name}
+EOF
+  }
+
+  provisioner "local-exec" {
+    when    = destroy
+    command = <<EOD
+echo "Skip"
+EOD
+  }
+}
+
 module "logging_label" {
   source  = "cloudposse/label/null"
   version = "0.25.0"

outputs.tf

@@ -12,7 +12,7 @@ output "elastic_ips" {
   description = "Provisioned Elastic IPs"
   value       = module.this.enabled && var.eip_enabled ? aws_eip.sftp.*.id : null
 }
-  
+
 output "transfer_id" {
   description = "The id of the transfer server"
   value       = module.this.enabled ? join("", aws_transfer_server.default.*.id) : null

variables.tf

@@ -1,3 +1,10 @@
+
+variable "aws_profile" {
+  type        = string
+  description = "AWS profile to use for AWS CLI to add DNS tags"
+  default     = ""
+}
+
 variable "domain" {
   type        = string
   description = "Where your files are stored. S3 or EFS"
@@ -75,8 +82,8 @@ variable "security_group_rules" {
     }
   ]
   description = <<-EOT
-    A list of maps of Security Group rules. 
-    The values of map is fully complated with `aws_security_group_rule` resource. 
+    A list of maps of Security Group rules.
+    The values of map is fully complated with `aws_security_group_rule` resource.
     To get more info see https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule .
   EOT
 }
@@ -128,4 +135,4 @@ variable "pre_authentication_login_banner" {
   type        = string
   description = "This is pre authentication login banner while connectimg to server"
   default     = "This system is for the use of authorized Appzen users only."
-}
+}