We value your privacy
Module configures IAM permissions that allow Cert Manager to be integrated with the Google Cloud DNS service for DNS-01 ACME challenges.
Once you have a Corewide Solutions Portal account, this one-time action will use your browser session to retrieve credentials:
shellterraform login solutions.corewide.com
Initialize mandatory providers:
Copy and paste into your Terraform configuration and insert the variables:
hclmodule "tf_k8s_cert_manager_dns_gcp" {
source = "solutions.corewide.com/google-cloud/tf-k8s-cert-manager-dns-gcp/google"
version = "~> 1.0.0"
# specify module inputs here or try one of the examples below
...
}
Initialize the setup:
shellterraform init
Corewide DevOps team strictly follows Semantic Versioning
Specification
to
provide our clients with products that have predictable upgrades between versions. We
recommend
pinning
patch versions of our modules using pessimistic
constraint operator (~>) to prevent breaking changes during upgrades.
To get new features during the upgrades (without breaking compatibility), use
~> 1.0 and run
terraform init -upgrade
For the safest setup, use strict pinning with version = "1.0.0"
All notable changes to this project are documented here.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
First stable version
Setup with custom name prefix and outputs passed to the tf-k8s-cert-manager module:
hclmodule "gcp_cert_manager" {
source = "solutions.corewide.com/google-cloud/tf-k8s-cert-manager-dns-gcp/google"
version = "~> 1.0"
name_prefix = "foo"
}
module "cert_manager" {
source = "solutions.corewide.com/kubernetes/tf-k8s-cert-manager/helm"
version = "~> 1.1"
acme_email = "[email protected]"
ingress_classes = ["nginx"]
dns_solver_config = module.gcp_cert_manager.issuer_spec
service_account_annotations = module.gcp_cert_manager.service_account_annotation
}
Minimal setup with default parameters and outputs passed to the tf-k8s-cert-manager module:
hclmodule "gcp_cert_manager" {
source = "solutions.corewide.com/google-cloud/tf-k8s-cert-manager-dns-gcp/google"
version = "~> 1.0"
}
module "cert_manager" {
source = "solutions.corewide.com/kubernetes/tf-k8s-cert-manager/helm"
version = "~> 1.1"
acme_email = "[email protected]"
ingress_classes = ["nginx"]
dns_solver_config = module.gcp_cert_manager.issuer_spec
service_account_annotations = module.gcp_cert_manager.service_account_annotation
}
| Variable | Description | Type | Default | Required | Sensitive |
|---|---|---|---|---|---|
name_prefix |
Name prefix for created resources | string |
cert-manager |
no | no |
| Output | Description | Type | Sensitive |
|---|---|---|---|
issuer_spec |
Cert Manager parameters for Google Cloud DNS DNS-01 ACME challenge provider | map |
no |
service_account_annotation |
Annotation to add to the Cert Manager controller's ServiceAccount |
map |
no |
| Dependency | Version | Kind |
|---|---|---|
terraform |
>= 1.3 |
CLI |
hashicorp/google |
~> 6.2 |
provider |