Modules
The following Modules are called:
iam_assumable_role_cert_manager
Source: terraform-aws-modules/iam/aws//modules/iam-assumable-role-with-oidc
Version: 4.0.0
Resources
The following resources are used by this module:
- aws_iam_policy.cert_manager (resource)
- aws_iam_policy_document.cert_manager (data source)
- aws_region.current (data source)
- aws_route53_zone.this (data source)
Required Inputs
The following input variables are required:
letsencrypt_issuer_email
Description: Email address used to register with Let’s Encrypt.
Type: string
Optional Inputs
The following input variables are optional (have default values):
other_domains
Description: Other domains used for Ingresses requiring a DNS-01 challenge for Let’s Encrypt validation with cert-manager (e.g. wildcard certificates).
Type: list(string)
Default: []
argocd_namespace
Description: Namespace used by Argo CD where the Application and AppProject resources should be created.
Type: string
Default: "argocd"
argocd_project
Description: Name of the Argo CD AppProject where the Application should be created. If not set, the Application will be created in a new AppProject only for this Application.
Type: string
Default: null
argocd_labels
Description: Labels to attach to the Argo CD Application resource.
Type: map(string)
Default: {}
destination_cluster
Description: Destination cluster where the application should be deployed.
Type: string
Default: "in-cluster"
target_revision
Description: Override of target revision of the application chart.
Type: string
Default: "v7.0.0"
namespace
Description: Namespace where the application’s Kubernetes resources should be created. The namespace will be created if it doesn’t exist.
Type: string
Default: "cert-manager"
enable_service_monitor
Description: Enable Prometheus ServiceMonitor in the Helm chart.
Type: bool
Default: true
deep_merge_append_list
Description: A boolean flag to enable/disable appending lists instead of overwriting them.
Type: bool
Default: false
app_autosync
Description: Automated sync options for the Argo CD Application resource.
Type:
object({
  allow_empty = optional(bool)
  prune       = optional(bool)
  self_heal   = optional(bool)
})
Default:
{
  "allow_empty": false,
  "prune": true,
  "self_heal": true
}
dependency_ids
Description: IDs of the other modules on which this module depends.
Type: map(string)
Default: {}
use_default_dns01_solver
Description: Whether to use the default dns01 solver configuration.
Type: bool
Default: true
use_default_http01_solver
Description: Whether to use the default http01 solver configuration.
Type: bool
Default: true
custom_solver_configurations
Description: List of additional solver configurations, appended to the default dns01 and http01 solvers (if enabled).
Type: list(any)
Default: []
Outputs
The following outputs are exported:
id
Description: ID to pass other modules in order to refer to this module as a dependency.
cluster_issuers
Description: List of cluster issuers created by cert-manager.
Requirements
| Name | Version |
|---|---|
| | >= 5 |
| | >= 3 |
| | >= 1 |
Providers
| Name | Version |
|---|---|
| | n/a |
Modules
| Name | Source | Version |
|---|---|---|
| iam_assumable_role_cert_manager | terraform-aws-modules/iam/aws//modules/iam-assumable-role-with-oidc | 4.0.0 |
Resources
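| Name | Type |
|---|---|
| aws_iam_policy.cert_manager | resource |
| aws_iam_policy_document.cert_manager | data source |
| aws_region.current | data source |
| aws_route53_zone.this | data source |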
Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| | The name of the Kubernetes cluster to create. | | n/a | yes |
| | The base domain used for Ingresses. | | n/a | yes |
| | n/a | | n/a | yes |
| other_domains | Other domains used for Ingresses requiring a DNS-01 challenge for Let’s Encrypt validation with cert-manager (e.g. wildcard certificates). | list(string) | [] | no |
| argocd_namespace | Namespace used by Argo CD where the Application and AppProject resources should be created. | string | "argocd" | no |
| argocd_project | Name of the Argo CD AppProject where the Application should be created. If not set, the Application will be created in a new AppProject only for this Application. | string | null | no |
| argocd_labels | Labels to attach to the Argo CD Application resource. | map(string) | {} | no |
| destination_cluster | Destination cluster where the application should be deployed. | string | "in-cluster" | no |
| target_revision | Override of target revision of the application chart. | string | "v7.0.0" | no |
| namespace | Namespace where the application’s Kubernetes resources should be created. The namespace will be created if it doesn’t exist. | string | "cert-manager" | no |
| enable_service_monitor | Enable Prometheus ServiceMonitor in the Helm chart. | bool | true | no |
| | Helm values, passed as a list of HCL structures. | | | no |
| deep_merge_append_list | A boolean flag to enable/disable appending lists instead of overwriting them. | bool | false | no |
| app_autosync | Automated sync options for the Argo CD Application resource. | object({allow_empty = optional(bool), prune = optional(bool), self_heal = optional(bool)}) | {"allow_empty": false, "prune": true, "self_heal": true} | no |
| dependency_ids | IDs of the other modules on which this module depends. | map(string) | {} | no |
| letsencrypt_issuer_email | Email address used to register with Let’s Encrypt. | string | n/a | yes |
| use_default_dns01_solver | Whether to use the default dns01 solver configuration. | bool | true | no |
| use_default_http01_solver | Whether to use the default http01 solver configuration. | bool | true | no |
| custom_solver_configurations | List of additional solver configurations, appended to the default dns01 and http01 solvers (if enabled). | list(any) | [] | no |
Outputs
| Name | Description |
|---|---|
| id | ID to pass other modules in order to refer to this module as a dependency. |
| cluster_issuers | List of cluster issuers created by cert-manager. |