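#!/bin/bash
#
# Creates an AWS IAM user that can create DNS entries for Let's Encrypt
# wildcard certificates (DNS-01 challenge records in Route 53).
#
# One-time bootstrap: policy -> group -> user -> access key. It is not
# idempotent; a second run stops at the first resource that already exists.
#
# Requires: the aws CLI with credentials allowed to manage IAM, and
# json/letsencrypt-wildcard.json resolved relative to the current directory.
#
# NOTE(review): the policy document is not shown here. Confirm that it grants
# only the Route 53 actions the DNS-01 solver needs and that its Resource is
# limited to the hosted zone(s) in use rather than "*".

# Stop at the first failure so that no access key is issued for a user whose
# group or policy attachment did not succeed.
set -euo pipefail

readonly LE_NAME='letsencrypt-wildcard'

# Take the ARN straight from create-policy. Grepping list-policies for the
# name also matches any other policy whose name or ARN contains the string,
# which could attach the wrong policy to the group.
LE_POLICY_ARN=$(aws iam create-policy \
  --policy-name "${LE_NAME}" \
  --policy-document file://json/letsencrypt-wildcard.json \
  --query 'Policy.Arn' \
  --output text)

# With --output text the CLI prints "None" for a missing value.
if [[ -z "${LE_POLICY_ARN}" || "${LE_POLICY_ARN}" == 'None' ]]; then
  printf 'error: could not determine the ARN of policy %s\n' "${LE_NAME}" >&2
  exit 1
fi

aws iam create-group --group-name "${LE_NAME}"
aws iam attach-group-policy --policy-arn "${LE_POLICY_ARN}" --group-name "${LE_NAME}"
aws iam create-user --user-name "${LE_NAME}"
aws iam add-user-to-group --user-name "${LE_NAME}" --group-name "${LE_NAME}"

# This prints the secret access key to stdout, and it is shown only this once.
# Run the script from an interactive terminal, not from a job whose output is
# retained in logs. The key is long-lived: record who holds it, rotate it, and
# delete it when the user is no longer needed.
aws iam create-access-key --user-name "${LE_NAME}"

# Now on the k8s server, run:
#
#   AWS_ACCESS_KEY_ID=your-access-id
#   AWS_SECRET_ACCESS_KEY=your-access-secret
#   ( umask 077; printf '%s' "${AWS_SECRET_ACCESS_KEY}" > password.txt )
#   kubectl create secret generic aws-route53-creds --from-file=password.txt -n cert-manager
#   rm -f password.txt
#
# Notes on those steps:
#   - printf '%s' instead of echo keeps a trailing newline out of the stored
#     secret; umask 077 keeps the temporary file unreadable to other users.
#   - Typing the secret as an assignment leaves it in shell history; reading it
#     with `read -rs AWS_SECRET_ACCESS_KEY` avoids that.
#   - AWS_ACCESS_KEY_ID is not written into the secret by these steps;
#     presumably it goes into the cert-manager issuer configuration - confirm.
#   - Restrict who can read secrets in the cert-manager namespace (RBAC), since
#     this secret allows DNS changes in the zone.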