letsencrypt-lambda
AWS lambda function for creating and updating letsencrypt certificates
Usage
You can use Terraform (>= 0.13.5) to deploy the Lambda function:

```hcl
module "letsencrypt-lambda" {
  source             = "github.com/lscheidler/letsencrypt-lambda?ref=main"
  email              = "me@example.com"
  domains            = "example.com,*.example.com"
  aws_hosted_zone_id = "Z123ABC456DEF7"
  issuer_passphrase  = "<secure_issuer_passphrase>"
  client_passphrase  = "<secure_client_passphrase>"
  on_failure         = [data.aws_sns_topic.topic.arn]

  # extra IAM statements for the Lambda role, here to allow publishing failures to SNS
  aws_iam_policy_additional_statements = [
    {
      effect = "Allow",
      actions = [
        "sns:Publish",
      ],
      resources = [
        data.aws_sns_topic.topic.arn,
      ]
    }
  ]
}
```

Keep the real passphrase values out of version control; like every module input, they are also recorded in the Terraform state.
The module creates:
- an IAM role and policy with the required permissions
- the Lambda function
- the secrets (issuer_passphrase, client_passphrase) in Secrets Manager (optional, see use_aws_secrets_manager)
- a CloudWatch event rule that runs the Lambda daily (optional, see use_cloudwatch_event)
Argument Reference

| Name | Required | Default | Description |
|---|---|---|---|
| aws_hosted_zone_id | yes | | Route53 hosted zone id |
| client_passphrase | yes | | Client passphrase for certificate encryption |
| domains | yes | | Domains to get a certificate for |
| email | yes | | Registration email for letsencrypt |
| issuer_passphrase | yes | | Issuer passphrase for letsencrypt account data |
| aws_region | no | "" | |
| aws_assume_role | no | "" | |
| aws_iam_policy_name | no | "letsencrypt-lambda_policy" | |
| aws_iam_policy_path | no | "/" | |
| aws_iam_policy_description | no | "letsencrypt policy" | |
| aws_iam_policy_additional_statements | no | [] | |
| aws_iam_role_name | no | "letsencrypt-lambda_role" | |
| aws_lambda_function_function_name | no | "letsencrypt-lambda" | |
| aws_lambda_function_publish | no | true | |
| aws_lambda_alias_name | no | "dev" | |
| aws_lambda_alias_description | no | "letsencrypt-lambda dev" | |
| dynamodb_table_name | no | "LetsencryptCA" | |
| use_aws_secrets_manager | no | true | |
| use_cloudwatch_event | no | true | |
| aws_cloudwatch_event_target_target_id | no | "" => aws_lambda_function_function_name | |
| aws_cloudwatch_event_rule_name | no | "" => aws_lambda_function_function_name | |
| aws_cloudwatch_event_rule_description | no | "" => aws_lambda_function_function_name | |
| schedule_expression | no | "cron(01 03 * * ? *)" | |

For the three aws_cloudwatch_event_* arguments, the default "" means the value of aws_lambda_function_function_name is used.
License
The lambda function is available as open source under the terms of the Apache 2.0 License.