diff --git a/docs/api-types/issuer/spec.md b/docs/api-types/issuer/spec.md index 41354bdc7..4087f2812 100644 --- a/docs/api-types/issuer/spec.md +++ b/docs/api-types/issuer/spec.md @@ -127,6 +127,7 @@ clouddns: route53: accessKeyID: AKIAIOSFODNN7EXAMPLE region: eu-west-1 + hostedZoneID: DIKER8JPL21PSA secretAccessKeySecretRef: name: prod-route53-credentials-secret key: secret-access-key @@ -146,5 +147,3 @@ cloudflare: CA Issuers issue certificates signed from a X509 signing keypair, stored in a secret in the Kubernetes API server. - - diff --git a/docs/examples/acme-cert.yaml b/docs/examples/acme-cert.yaml index a1149b78f..9176f953e 100644 --- a/docs/examples/acme-cert.yaml +++ b/docs/examples/acme-cert.yaml @@ -12,8 +12,9 @@ spec: - cm-http-nginx.k8s.group - cm-http-nginx2.k8s.group - cm-http-gce.k8s.group - - cm-http-clouddns.k8s.group - - cm-http-cloudflare.k8s.group + - cm-dns-clouddns.k8s.group + - cm-dns-cloudflare.k8s.group + - cm-dns-route53.k8s.group acme: config: - http01: @@ -33,3 +34,7 @@ spec: provider: cloudflare domains: - cm-dns-cloudflare.k8s.group + - dns-01: + provider: route53 + domains: + - cm-dns-route53.k8s.group diff --git a/docs/examples/acme-issuer.yaml b/docs/examples/acme-issuer.yaml index f4e40cb2a..a39f5efdc 100644 --- a/docs/examples/acme-issuer.yaml +++ b/docs/examples/acme-issuer.yaml @@ -27,8 +27,21 @@ spec: project: gcloud-prod-project - name: cf-dns cloudflare: + # The cloudflare user account email email: user@example.com # A secretKeyRef to a cloudflare api key apiKeySecretRef: name: cloudflare-api-key key: api-key.txt + - name: route53 + route53: + # The Route53 access key ID + accessKeyID: AKIADKOU3GLWAQM8WQKJ + # A secretKeyRef to a the route53 secret access key + secretAccessKeySecretRef: + name: route53-config + key: secret-access-key + # The Route53 hosted zone ID + hostedZoneID: DIKER8JPL21PSA + # The Route53 region + region: us-east-1 diff --git a/docs/examples/cluster-issuer.yaml b/docs/examples/cluster-issuer.yaml new file mode 100644 index 000000000..4658c2d37 --- /dev/null +++ b/docs/examples/cluster-issuer.yaml @@ -0,0 +1,47 @@ +apiVersion: certmanager.k8s.io/v1alpha1 +kind: ClusterIssuer +metadata: + name: letsencrypt-prod +spec: + acme: + # The ACME server URL + server: https://acme-v01.api.letsencrypt.org/directory + # Email address used for ACME registration + email: user@example.com + # Name of a secret used to store the ACME account private key + privateKeySecretRef: + name: letsencrypt-prod + # Enable the HTTP-01 challenge provider + http01: {} + # ACME dns-01 provider configurations + dns01: + # Here we define a list of DNS-01 providers that can solve DNS challenges + providers: + - name: prod-dns + clouddns: + # A secretKeyRef to a the google cloud json service account + serviceAccountSecretRef: + name: clouddns-service-account + key: service-account.json + # The project in which to update the DNS zone + project: gcloud-prod-project + - name: cf-dns + cloudflare: + # The cloudflare user account email + email: user@example.com + # A secretKeyRef to a cloudflare api key + apiKeySecretRef: + name: cloudflare-api-key + key: api-key.txt + - name: route53 + route53: + # The Route53 access key ID + accessKeyID: AKIADKOU3GLWAQM8WQKJ + # A secretKeyRef to a the route53 secret access key + secretAccessKeySecretRef: + name: route53-config + key: secret-access-key + # The Route53 hosted zone ID + hostedZoneID: DIKER8JPL21PSA + # The Route53 region + region: us-east-1