apiVersion: cert-manager.io/v1alpha2
kind: ClusterIssuer
metadata:
  name: letsencrypt-wildcard-prod
  namespace: cert-manager
spec:
  acme:
    # The ACME server URL
    server: https://acme-v02.api.letsencrypt.org/directory
    # Email address used for ACME registration
    email: fred.damstra@gmail.com
    # Name of a secret used to store the ACME account private key
    privateKeySecretRef:
      name: letsencrypt-wildcard-prod
    # this solver handles example.org challenges and uses explicit credentials
    solvers:
    - selector:
        dnsZones:
          - "monkeybox.org"
          - "damstra.org"
      dns01:
        route53:
          region: us-east-1
          accessKeyID: AKIARGGCNZUWNJPPZDOU
          secretAccessKeySecretRef:
            name: aws-route53-creds
            key: password.txt