» Amazon Route 53 DNS Challenge Provider
The route53
DNS challenge provider can be used to perform DNS challenges for
the acme_certificate
resource with
Amazon Route 53.
For complete information on how to use this provider with the acme_certifiate
resource, see here.
» Example
resource "acme_certificate" "certificate" {
...
dns_challenge {
provider = "route53"
}
}
» Argument Reference
The following arguments can be either passed as environment variables, or
directly through the config
block in the
dns_challenge
argument in the
acme_certificate
resource. For more details, see
here.
NOTE: Several other options exist for configuring the AWS credential chain. For more details, see the AWS SDK documentation.
-
AWS_ACCESS_KEY_ID
- The AWS access key ID. -
AWS_SECRET_ACCESS_KEY
- The AWS secret access key. -
AWS_SESSION_TOKEN
- The session token to use, if necessary. -
AWS_HOSTED_ZONE_ID
- The hosted zone ID to use. This can be used to override ACME's default domain discovery and force the provider to use a specific hosted zone. -
AWS_SDK_LOAD_CONFIG
- Load settings from~/.aws/config
. Useful when using AssumeRole with cross-account auth. -
AWS_PROFILE
- The profile to use.
The following additional optional variables are available:
-
AWS_POLLING_INTERVAL
- The amount of time, in seconds, to wait between DNS propagation checks (default:4
). -
AWS_PROPAGATION_TIMEOUT
- The amount of time, in seconds, to wait for DNS propagation (default:120
). -
AWS_TTL
- The TTL to set on DNS challenge records, in seconds (default:10
).