Inputs

The following input variables are supported:

alert_email

Description: An email that will receive certificate alerts.

Type: string

Default: n/a

aws_iam_ip_allow_list

Description: A list of IPs that can use the service account token to authenticate with AWS API

Type: list(string)

Default: []

cloudflare_api_token

Description: Cloudflare API Token

Type: string

Default: null

cloudflare_zones

Description: A list of public DNS domains managed by Cloudflare; cert-manager uses this to issue public-facing certificates.

Type: list(string)

Default: []

kube_domain

Description: The domain under which cluster utilities have subdomains registered.

Type: string

Default: n/a

namespace

Description: The name of the cert-manager namespace.

Type: string

Default: "cert-manager"

route53_zones

Description: A mapping of public DNS domains managed by AWS to their configuration; cert-manager uses this to issue public-facing certificates.

Type:

map(object({
    record_manager_role_arn = string
    zone_id                 = string
  }))

Default: {}

service_account

Description: The name of the cert-manager service account.

Type: string

Default: "cert-manager"

vault_internal_url

Description: The url to the vault instance for internal cert issuance

Type: string

Default: n/a

Outputs

The following outputs are exported:

cloudflare_zones

Description: The cloudflare DNS names provided as an input

route53_zones

Description: The route53 zone configuration provided as an input

vault_ca_crt

Description: The public certificate of the root vault certificate authority

Providers

The following providers are needed by this module: