diff --git a/modules/cloudflare/dns/README.md b/modules/cloudflare/dns/README.md
index 7c95867..bfcb22a 100644
--- a/modules/cloudflare/dns/README.md
+++ b/modules/cloudflare/dns/README.md
@@ -37,7 +37,7 @@ The module also simplifies a few boilerplate records at the apex for security pu
| [create\_zone](#input\_create\_zone) | Whether to create the zone. Defaults to `true`. | `bool` | `true` | no |
| [default\_ttl](#input\_default\_ttl) | Default TTL for DNS records. Defaults to 1, which means “automatic”. | `number` | `1` | no |
| [domain](#input\_domain) | The top-level domain name to hold the records. | `string` | n/a | yes |
-| [records](#input\_records) | List of DNS records for the domain.
• `name` - (Optional) The name of the record. Defaults to "@" (i.e. an apex record).
• `ttl` - (Optional) The TTL of the record. Defaults to `default_ttl`.
• `type` - (Required) The record type.
• `content` - (Required) The content of the record.
• `priority` - (Optional) The priority of the record.
• `proxied` - (Optional) Whether to use Cloudflare’s origin protection. Defaults to `false`. | map(object({
name = optional(string, "@")
ttl = optional(number)
type = string
content = string
priority = optional(number)
proxied = optional(bool, false)
})) | n/a | yes |
+| [records](#input\_records) | List of DNS records for the domain.
• `name` - (Optional) The sudomain name (without the domain suffix). Defaults to empty (i.e. an apex record).
• `ttl` - (Optional) The TTL of the record. Defaults to `default_ttl`.
• `type` - (Required) The record type.
• `content` - (Required) The content of the record.
• `priority` - (Optional) The priority of the record.
• `proxied` - (Optional) Whether to use Cloudflare’s origin protection. Defaults to `false`. | map(object({
name = optional(string)
ttl = optional(number)
type = string
content = string
priority = optional(number)
proxied = optional(bool, false)
})) | n/a | yes |
| [security\_contact](#input\_security\_contact) | Security contact for the domain. Defaults to 'security@DOMAIN', where `DOMAIN` is the top-level domain name. | `string` | `null` | no |
| [spf](#input\_spf) | List of SPF directives for the domain. | `list(string)` | `[]` | no |
diff --git a/modules/cloudflare/dns/dns.tf b/modules/cloudflare/dns/dns.tf
index efad576..903448f 100644
--- a/modules/cloudflare/dns/dns.tf
+++ b/modules/cloudflare/dns/dns.tf
@@ -18,7 +18,7 @@ resource "cloudflare_dns_record" "dns" {
for_each = var.records
zone_id = local.zone_id
- name = each.value.name
+ name = each.value.name != null ? "${each.value.name}.${var.domain}" : var.domain
ttl = each.value.ttl != null ? each.value.ttl : var.default_ttl
type = each.value.type
content = each.value.content
@@ -33,7 +33,7 @@ resource "cloudflare_dns_record" "apex_txt" {
]))
zone_id = local.zone_id
- name = "@"
+ name = var.domain
ttl = var.default_ttl
type = "TXT"
content = each.value
@@ -43,7 +43,7 @@ resource "cloudflare_dns_record" "apex_txt" {
resource "cloudflare_dns_record" "caa" {
for_each = toset(var.caa_issuers)
zone_id = local.zone_id
- name = "@"
+ name = var.domain
ttl = var.default_ttl
type = "CAA"
diff --git a/modules/cloudflare/dns/variables.tf b/modules/cloudflare/dns/variables.tf
index 790bd0e..676270a 100644
--- a/modules/cloudflare/dns/variables.tf
+++ b/modules/cloudflare/dns/variables.tf
@@ -18,7 +18,7 @@ variable "records" {
description = <