Terraform Kubernetes Cert Manager Issuer
A terraform module for deploying a Issuer
or ClusterIssuer
CR based on the clusterissuers.cert-manager.io
or issuers.cert-manager.io
CRDs to a Kubernetes cluster
Name
Description
Type
Default
Required
acme_dns01_azuredns_hosted_zone_name
the DNS zone to use for azureDNS solver
string
n/a
yes
acme_dns01_azuredns_resource_group_name
the azure resource group which contains azureDNS
string
n/a
yes
acme_dns01_azuredns_subscription_id
the azure subscription ID where azureDNS is located. required for DNS challenge solver
string
n/a
yes
acme_email
the email associated with the ACME issuer account. this will be used as a primary point of contact for certificate expiry and issues related to the ACME account
string
n/a
yes
acme_http01_ingress_class
the name of the ingress class to use in association with the generated ClusterIssuer. Challenge solver configurations can be configured for the ingress controller
string
n/a
yes
name
the name of the issuer release and by default the resulting ClusterIssuer name
string
n/a
yes
namespace
The namespace where the resources should be deployed.
string
n/a
yes
acme_http01_ingress_service_type
Defines what type of Service should be created.
string
"NodePort"
no
acme_server
a url pointing to a ACME server to use for certificate generation/signing. Provided host MUST adhere to the ACME spec
string
"https://acme-staging-v02.api.letsencrypt.org/directory"
no
module "helm_cert_manager_issuer" {
source = " git::https://gitlab.k8s.cloud.statcan.ca/cloudnative/terraform/modules/terraform-kubernetes-cert-manager-issuer.git?ref=v1.2.0"
name = " cert-manager-issuer"
namespace = " cert-manager-system"
acme_dns01_azuredns_hosted_zone_name = var. acme_dns01_azuredns_hosted_zone_name
acme_dns01_azuredns_resource_group_name = var. acme_dns01_azuredns_resource_group_name
acme_dns01_azuredns_subscription_id = var. acme_dns01_azuredns_subscription_id
acme_email = var. acme_email
acme_http01_ingress_class = var. acme_http01_ingress_class
}
Name
Description
namespace
The namespace the identity resides.