This module deploys and configures Cert Manager inside a Kubernetes Cluster.
| Name | Version |
|---|---|
| terraform | >= 0.13 |
| helm | >= 2.0.0 |
| kubernetes | >= 2.10.0 |
| Name | Version |
|---|---|
| helm | >= 2.0.0 |
| kubernetes | >= 2.10.0 |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| azure_resource_group_name | the azure resource group containing the required AzureDNS resources | string |
n/a | yes |
| azure_subscription_id | the azure subscription ID for the subscription containing the AzureDNS for ACME DNS challenge | string |
n/a | yes |
| azure_zone_name | the name of the azureDNS zone to use for ACME configuration | string |
n/a | yes |
| letsencrypt_email | the email to associated with letsencrypt ACME account for generating/signing of certificates | string |
n/a | yes |
| chart_name | the name of the cert-manager chart to use | string |
"cert-manager" |
no |
| chart_version | the version of the cert-manager chart to use. do not include 'v' prefix in this value | string |
"1.11.0" |
no |
| deploy_cluster_issuers | a boolean which determines if the cluster issuers for Let's Encrypt should be deployed | bool |
true |
no |
| enable_prometheusrules | Adds PrometheusRules for cert-manager alerts | bool |
true |
no |
| helm_namespace | the namespace where cert-manager resources should be deployed | string |
"cert-manager-system" |
no |
| helm_repository | the helm chart repository to use as the source for cert-manager | string |
"https://charts.jetstack.io" |
no |
| helm_repository_password | the helm repository password to use (IFF authentication is required by the repository) | string |
"" |
no |
| helm_repository_username | the helm repository username to use (IFF authentication is required by the repository) | string |
"" |
no |
| values | any additional helm chart values to pass to the helm_release resource. will be merged with existing values | string |
"" |
no |
| Name | Description |
|---|---|
| helm_namespace | the namespace containing the cert-manager helm release artifacts |
| release_name | the name of the cert-manager helm release |
| Date | Release | Change |
|---|---|---|
| 20190729 | 20190729.1 | Improvements to documentation and formatting |
| 20190909 | 20190909.1 | 1st release |
| 20200620 | v2.0.0 | Module now modified for Helm 3 |
| 20200622 | v2.0.1 | Added dependencies to kubernetes_secret |
| 20201105 | v2.0.2 | Add registry username/password support |
| 20210114 | v2.0.3 | Removed interpolation syntax |
| 20210826 | v3.0.0 | Updated module for Terraform v0.13 |
| 20220401 | v4.0.0 | Updated module to allow use of MSI |
| 20220401 | v4.0.1 | Updated module to cert-manager.io/v1 |
| 20220411 | v5.0.0 | Convert module to k8s manifest resource |
| 20220721 | v5.1.0 | Set the cnameStrategy to "Follow" for the DNS01 solver. |
| 20230105 | v5.2.0 | Added cert manager rules from kube-prometheus-stack |
| 20230109 | v5.3.0 | Add runbook links to Prometheus rules |
| 20230111 | v5.4.0 | Upgraded default chart-version to use latest cert-manager available |
| 20230130 | v5.4.1 | certManagerCertFailingToRenew alert no longer considers ready status |
| 20230202 | v5.4.2 | Specify sensitive variables |
| 20230213 | v5.5.0 | Add a flag to enable issuers |
| 20230411 | v5.6.0 | Add "cluster" to aggregation for alerting rules for thanos compatibility |