route53

package
v0.3.0 Latest
Warning

This package is not in the latest version of its module.

Published: Oct 10, 2022 License: Apache-2.0 Imports: 6 Imported by: 2

README

route53

A package which implements a dns-01 ACME protocol responder using AWS Route 53.

It is recommended to use an instance role to access the Route 53 zone. The following IAM policies are the minimum required to update the zone record set. This is an example policy document statement for Terraform:

  statement {
    actions = [
      "route53:ChangeResourceRecordSets",
      "route53:ListResourceRecordSets",
    ]

    resources = [
      "arn:aws:route53:::hostedzone/${var.zone_id}",
    ]
  }

  statement {
    actions = [
      "route53:GetChange",
    ]

    resources = [
      "*",
    ]
  }

var.zone_id should expand to the Route 53 Hosted Zone ID which contains the FQDN for which the ACME challenge is being made.

Note how the route53:GetChange action requires access to all resources, as the change ID is dynamic.
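To check a deployed role against this minimum, the added example below (not code from this package) audits a rendered IAM policy JSON document and reports any Allow grant that goes beyond the three actions above or applies the record-set actions outside the hosted zone. The names auditPolicy and strs are hypothetical, the zone ID is a constructed placeholder, and the policy is assumed to carry a Statement array, as Terraform renders it.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// strs decodes IAM's two encodings of Action/Resource: a string or a list.
type strs []string

func (s *strs) UnmarshalJSON(b []byte) error {
	if len(b) > 0 && b[0] == '"' { // single string: wrap it as a one-element list
		b = append(append([]byte{'['}, b...), ']')
	}
	return json.Unmarshal(b, (*[]string)(s))
}

// auditPolicy (hypothetical) reports Allow grants beyond the README's minimum; names match exact-case.
func auditPolicy(doc []byte, zoneID string) ([]string, error) {
	zoneARN := "arn:aws:route53:::hostedzone/" + zoneID
	needsZone := map[string]bool{ // false: the README allows "*" for this action
		"route53:ChangeResourceRecordSets": true,
		"route53:ListResourceRecordSets":   true,
		"route53:GetChange":                false,
	}
	var p struct {
		Statement []struct {
			Effect           string
			Action, Resource strs
		}
	}
	if err := json.Unmarshal(doc, &p); err != nil {
		return nil, err
	}
	var findings []string
	for i, st := range p.Statement {
		for _, a := range st.Action {
			zoneOnly, known := needsZone[a]
			for _, r := range st.Resource {
				if st.Effect == "Allow" && (!known || zoneOnly && r != zoneARN) {
					findings = append(findings, fmt.Sprintf("statement %d: %s on %s", i, a, r))
				}
			}
		}
	}
	return findings, nil
}

func main() { // constructed sample policy and zone ID, for illustration only
	fmt.Println(auditPolicy([]byte(`{"Statement":[{"Effect":"Allow","Action":"route53:ChangeResourceRecordSets","Resource":"*"}]}`), "Z0000000EXAMPLE"))
}
```

An empty result means the policy grants nothing beyond what the README lists; wildcard actions such as route53:* are reported because they are not one of the three expected names.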

Documentation

Overview

Package route53 implements a dns-01 ACME protocol responder using AWS Route 53.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func New

func New(hostedZoneId string,
	logger log.DebugLogger) (certmanager.Responder, error)

New creates a DNS responder for ACME dns-01 challenges. The logger is used for logging messages.

Types

This section is empty.
