Remove disclaimer and disclosures of internals

idealo · Nov 20, 2023 · 8012bd4 · 8012bd4
1 parent 35dc46e
commit 8012bd4
Show file tree

Hide file tree

Showing 5 changed files with 24 additions and 57 deletions.
diff --git a/README.md b/README.md
@@ -4,44 +4,8 @@
 
 The Common Short Domain product gives you cool short domains (AWS Hosted Zones) in your AWS account so you can manage them yourself, without the hassle of a third party.
 
-Currently, we support the following domains where you can get subdomains:
-
-- `idealo.tools`: internal idealo tooling for everyone
-- `idealo.com`: idealo components mostly for b2b
-- `idealo.de`: idealo components mostly for b2c
-- `idealo.co.uk`: idealo components mostly for british b2c
-- `idealo.es`: idealo components mostly for spanish b2c
-- `idealo.fr`: idealo components mostly for french b2c
-- `idealo.it`: idealo components mostly for italian b2c
-- `idealo.nl`: idealo components mostly for dutch b2c
-- `idealo.pl`: idealo components mostly for polish b2c
-- `idealo.pt`: idealo components mostly for portuguese b2c
-
-More domains will follow in future updates. If you're missing one that you need, contact Team Transport.
-
 _Keep in mind that your FQDN shouldn't exceed 64 characters (including the final dot) to retrieve a TLS certificate._
 
-# ⚠️ Disclaimer
-
-> With great power comes great responsibility.
-
-Owning your own zone under an idealo.TLD comes with some responsibilities.
-
-## Cookies
-
-Customers log into idealo.de and other idealo TLDs with a cookie that is valid for that domain and its subdomains which includes your hosted zone. This could lead to some unwanted site effects you must be aware of. For example, if you create a CNAME pointing to an external FQDN, the cookie will be readable by that third party. So this external service provider could read that cookie and in the worst case impersonate our customer. From a security perspective, this might be unwanted behaviour. So if you point DNS records to third parties, take care that cookies are not forwarded to them. If you're unsure please contact us or the Security team to clarify how to deal with your specific scenario.
-
-As an example, let's say you serve the wishlist component from you AWS account. For that, you registered the subdomain wishlist.idealo.de with our CSD product. That means that we delegate the zone wishlist.idealo.de to your account. In your account, you then create DNS resource records pointing to the wishlist component, for example an ALB inside your account.
-Imagine you use a third party service like Salesforce that requires you to point DNS entries under your hosted zone to their service. For example, a CNAME salesforce.wishlist.idealo.de pointing to service.salesforce.com. This would mean that Salesforce is now able to read the customer's cookie and therefore is able to impersonate that customer. In that case, contact security to make sure that you comply with our security requirements.
-
-## Mail servers
-
-By controlling your own zone, you're also able to set records for your own mail servers. These mail servers would be able to send mails with a sender under subdomain for example wishlist.idealo.de. These mails should be well crafted and aligned with company standards from the design, legal and security departments.
-
-If you plan to set up email communication under your subdomain, you must talk to the mentioned departments first to make you follow the idealo guidelines.
-
-If you have any other questions about your hosted zone setup, feel free to reach out to Team Transport.
-
 # Installation
 
 ## Install from Terraform Registry
@@ -122,18 +86,21 @@ module "terraform_execution_role" {
 
 ```terraform
 # Create a Route53 Hosted Zone.
+# sample-app is a placeholder for the subdomain for your application.
+# example.net is a placeholder for a domain which is supported in the CSD product.
 # The lifecycle option prevents Terraform from accidentally removing critical resources.
-resource "aws_route53_zone" "shopverwaltung" {
-  name = "shopverwaltung.idealo.tools"
+resource "aws_route53_zone" "sample-app" {
+  name = "sample-app.example.net"
   lifecycle {
     prevent_destroy = true
   }
 }
 
-# Create zone delegation in idealo.tools zone via CSD provider
-resource "csd_zone_delegation" "shopverwaltung" {
-  name         = aws_route53_zone.shopverwaltung.name
-  name_servers = aws_route53_zone.shopverwaltung.name_servers
+# Create zone delegation in example.net zone via CSD provider
+# example.net is a placeholder for a domain which is supported in the CSD product.
+resource "csd_zone_delegation" "sample-app" {
+  name         = aws_route53_zone.sample-app.name
+  name_servers = aws_route53_zone.sample-app.name_servers
 }
 ```
 
@@ -142,15 +109,15 @@ resource "csd_zone_delegation" "shopverwaltung" {
 ## Use case 2: Route traffic through Akamai
 
 ```terraform
-resource "csd_record" "wishlist_idealo_de_cname" {
-  name  = "wishlist.idealo.de"
+resource "csd_record" "sample-app_example_net_cname" {
+  name  = "sample-app.example.net"
   rrtype  = "cname"
-  value = "wishlist.edgekey.net"
+  value = "sample-app.edgekey.net"
   ttl   = 3600
 }
 
-resource "csd_record" "_acme_challenge_wishlist_idealo_de_txt" {
-  name  = "_acme_challenge.wishlist.idealo.de"
+resource "csd_record" "_acme_challenge_sample-app_example_net_txt" {
+  name  = "_acme_challenge.sample-app.example.net"
   rrtype  = "txt"
   value = "LeisahxaiQu8ayah2aiwe9Que5saiy4o"
   ttl   = 60

diff --git a/examples/data-sources/csd_zone/data-source.tf b/examples/data-sources/csd_zone/data-source.tf
@@ -1,3 +1,3 @@
 data "csd_zone_delegation" "my_zone_delegation" {
-  name = "myzone.idealo.tools"
+  name = "myzone.example.net"
 }
diff --git a/examples/main.tf b/examples/main.tf
@@ -15,13 +15,13 @@ terraform {
 
 provider "aws" {
   region              = "eu-central-1"
-  allowed_account_ids = ["433744410943"]
+  allowed_account_ids = ["123456789012"]
 }
 
 provider "csd" {}
 
 resource "aws_route53_zone" "myzone" {
-  name = "myzone2.idealo.tools"
+  name = "myzone2.example.net"
 }
 
 resource "csd_zone_delegation" "myzone" {
@@ -38,19 +38,19 @@ resource "aws_route53_record" "myrecord" {
 }
 
 resource "csd_record" "myrecord" {
-  name   = "_acme-challenge.myrecord.myzone2.idealo.tools"
+  name   = "_acme-challenge.myrecord.myzone2.example.net"
   rrtype = "TXT"
   value  = "foobar"
 }
 
 resource "csd_record" "myrecord2" {
-  name   = "myrecord2.myzone2.idealo.tools"
+  name   = "myrecord2.myzone2.example.net"
   rrtype = "CNAME"
   value  = "foobar.edgekey.net."
 }
 
 #data "csd_record" "myrecord" {
-#  name = "myrecord.idealo.tools"
+#  name = "myrecord.example.net"
 #}
 
 #output "myrecord" {
@@ -64,7 +64,7 @@ resource "csd_record" "myrecord2" {
 #}
 
 #resource "aws_route53_zone" "my_zone" {
-#  name = "myzone.idealo.tools"
+#  name = "myzone.example.net"
 #}
 
 #resource "csd_zone_delegation" "my_zone_delegation" {
@@ -87,7 +87,7 @@ resource "csd_record" "myrecord2" {
 #}
 
 #data "csd_zone_delegation" "my_zone_delegation" {
-#  name = "myzone.idealo.tools"
+#  name = "myzone.example.net"
 #}
 
 #output "test_data_read_zone_delegation" {

diff --git a/examples/resources/csd_zone/import.sh b/examples/resources/csd_zone/import.sh
@@ -1 +1 @@
-terraform import csd_zone_delegation.example myzone.idealo.tools
+terraform import csd_zone_delegation.example myzone.example.net
diff --git a/examples/resources/csd_zone/resource.tf b/examples/resources/csd_zone/resource.tf
@@ -1,5 +1,5 @@
 resource "aws_route53_zone" "my_zone" {
-  name = "myzone.idealo.tools"
+  name = "myzone.example.net"
 }
 
 resource "csd_zone_delegation" "my_zone_delegation" {
Original file line number	Diff line number	Diff line change
		@@ -1 +1 @@
		terraform import csd_zone_delegation.example myzone.idealo.tools
		terraform import csd_zone_delegation.example myzone.example.net