From 613866f70be9a737b77819bd34f72bd9c2779d2f Mon Sep 17 00:00:00 2001 From: Clement Jean Date: Mon, 28 Jun 2021 09:03:49 +0800 Subject: [PATCH 1/5] doc: Better lightsail credentials `_FILE` suffix is not supported for `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY`. Furthermore, if the user wants to use Docker secrets (using files) they can use the `AWS_SHARED_CREDENTIALS_FILE` environment variable. --- providers/dns/lightsail/lightsail.toml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/providers/dns/lightsail/lightsail.toml b/providers/dns/lightsail/lightsail.toml index c3c533dded..5873517ba6 100644 --- a/providers/dns/lightsail/lightsail.toml +++ b/providers/dns/lightsail/lightsail.toml @@ -47,8 +47,9 @@ Alternatively, you can also set the `Resource` to `*` (wildcard), which allow to [Configuration] [Configuration.Credentials] - AWS_ACCESS_KEY_ID = "Access key ID" - AWS_SECRET_ACCESS_KEY = "Secret access key" + AWS_ACCESS_KEY_ID = "Access key ID (`_FILE` suffix does not apply, alternatively use `AWS_SHARED_CREDENTIALS_FILE`)" + AWS_SECRET_ACCESS_KEY = "Secret access key (`_FILE` suffix does not apply, alternatively use `AWS_SHARED_CREDENTIALS_FILE`)" + AWS_SHARED_CREDENTIALS_FILE = "Shared credentials file" DNS_ZONE = "Domain name of the DNS zone" [Configuration.Additional] LIGHTSAIL_POLLING_INTERVAL = "Time between DNS propagation check" From 08be3e53c39182c7f015e7726a5001e6dc94796c Mon Sep 17 00:00:00 2001 From: Clement Jean Date: Mon, 28 Jun 2021 09:06:46 +0800 Subject: [PATCH 2/5] doc: Better route53 credentials `_FILE` suffix is not supported for `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY`. Furthermore, if the user wants to use Docker secrets (using files) they can use the `AWS_SHARED_CREDENTIALS_FILE` environment variable. --- providers/dns/route53/route53.toml | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/providers/dns/route53/route53.toml b/providers/dns/route53/route53.toml index 797d21a45f..bc173289ed 100644 --- a/providers/dns/route53/route53.toml +++ b/providers/dns/route53/route53.toml @@ -63,12 +63,13 @@ The following AWS IAM policy document describes the permissions required for leg [Configuration] [Configuration.Credentials] - AWS_ACCESS_KEY_ID = "Managed by the AWS client (`AWS_ACCESS_KEY_ID_FILE` is not supported)" - AWS_SECRET_ACCESS_KEY = "Managed by the AWS client (`AWS_SECRET_ACCESS_KEY_FILE` is not supported)" - AWS_REGION = "Managed by the AWS client (`AWS_REGION_FILE` is not supported)" + AWS_ACCESS_KEY_ID = "Access key ID (`_FILE` suffix does not apply, alternatively use `AWS_SHARED_CREDENTIALS_FILE`)" + AWS_SECRET_ACCESS_KEY = "Secret access key (`_FILE` suffix does not apply, alternatively use `AWS_SHARED_CREDENTIALS_FILE`)" + AWS_SHARED_CREDENTIALS_FILE = "Shared credentials file" + AWS_REGION = "Managed by the AWS client (`_FILE` suffix does not apply)" AWS_HOSTED_ZONE_ID = "Override the hosted zone ID" - AWS_PROFILE = "Managed by the AWS client (`AWS_PROFILE_FILE` is not supported)" - AWS_SDK_LOAD_CONFIG = "Retrieve the region from the CLI config file (`AWS_SDK_LOAD_CONFIG_FILE` is not supported)" + AWS_PROFILE = "Managed by the AWS client (`_FILE` suffix does not apply)" + AWS_SDK_LOAD_CONFIG = "Retrieve the region from the CLI config file (`_FILE` suffix does not apply)" [Configuration.Additional] AWS_MAX_RETRIES = "The number of maximum returns the service will use to make an individual API request" AWS_POLLING_INTERVAL = "Time between DNS propagation check" From d04798ed4c606b95f4e9b47a2890cdbe87746d49 Mon Sep 17 00:00:00 2001 From: Fernandez Ludovic Date: Mon, 28 Jun 2021 03:17:08 +0200 Subject: [PATCH 3/5] review --- docs/content/dns/zz_gen_lightsail.md | 5 +++-- docs/content/dns/zz_gen_route53.md | 5 +++-- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/docs/content/dns/zz_gen_lightsail.md b/docs/content/dns/zz_gen_lightsail.md index a5a4cf5ea6..bf74f761fb 100644 --- a/docs/content/dns/zz_gen_lightsail.md +++ b/docs/content/dns/zz_gen_lightsail.md @@ -29,8 +29,8 @@ _Please contribute by adding a CLI example._ | Environment Variable Name | Description | |-----------------------|-------------| -| `AWS_ACCESS_KEY_ID` | Access key ID | -| `AWS_SECRET_ACCESS_KEY` | Secret access key | +| `AWS_ACCESS_KEY_ID` | Access key ID (`AWS_ACCESS_KEY_ID_FILE` is not supported, use `AWS_SHARED_CREDENTIALS_FILE` instead) | +| `AWS_SECRET_ACCESS_KEY` | Secret access key (`AWS_SECRET_ACCESS_KEY_FILE` is not supported, use `AWS_SHARED_CREDENTIALS_FILE` instead) | | `DNS_ZONE` | Domain name of the DNS zone | The environment variable names can be suffixed by `_FILE` to reference a file instead of a value. @@ -41,6 +41,7 @@ More information [here](/lego/dns/#configuration-and-credentials). | Environment Variable Name | Description | |--------------------------------|-------------| +| `AWS_SHARED_CREDENTIALS_FILE` | Shared credentials file | | `LIGHTSAIL_POLLING_INTERVAL` | Time between DNS propagation check | | `LIGHTSAIL_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | diff --git a/docs/content/dns/zz_gen_route53.md b/docs/content/dns/zz_gen_route53.md index f28d4cbf60..6048bc4d01 100644 --- a/docs/content/dns/zz_gen_route53.md +++ b/docs/content/dns/zz_gen_route53.md @@ -29,12 +29,12 @@ _Please contribute by adding a CLI example._ | Environment Variable Name | Description | |-----------------------|-------------| -| `AWS_ACCESS_KEY_ID` | Managed by the AWS client (`AWS_ACCESS_KEY_ID_FILE` is not supported) | +| `AWS_ACCESS_KEY_ID` | Access key ID (`AWS_ACCESS_KEY_ID_FILE` is not supported, use `AWS_SHARED_CREDENTIALS_FILE` instead) | | `AWS_HOSTED_ZONE_ID` | Override the hosted zone ID | | `AWS_PROFILE` | Managed by the AWS client (`AWS_PROFILE_FILE` is not supported) | | `AWS_REGION` | Managed by the AWS client (`AWS_REGION_FILE` is not supported) | | `AWS_SDK_LOAD_CONFIG` | Retrieve the region from the CLI config file (`AWS_SDK_LOAD_CONFIG_FILE` is not supported) | -| `AWS_SECRET_ACCESS_KEY` | Managed by the AWS client (`AWS_SECRET_ACCESS_KEY_FILE` is not supported) | +| `AWS_SECRET_ACCESS_KEY` | Secret access key (`AWS_SECRET_ACCESS_KEY_FILE` is not supported, use `AWS_SHARED_CREDENTIALS_FILE` instead) | The environment variable names can be suffixed by `_FILE` to reference a file instead of a value. More information [here](/lego/dns/#configuration-and-credentials). @@ -47,6 +47,7 @@ More information [here](/lego/dns/#configuration-and-credentials). | `AWS_MAX_RETRIES` | The number of maximum returns the service will use to make an individual API request | | `AWS_POLLING_INTERVAL` | Time between DNS propagation check | | `AWS_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | +| `AWS_SHARED_CREDENTIALS_FILE` | Shared credentials file | | `AWS_TTL` | The TTL of the TXT record used for the DNS challenge | The environment variable names can be suffixed by `_FILE` to reference a file instead of a value. From 399bac2ff014cd1852f98b24bc6130049b49d3ab Mon Sep 17 00:00:00 2001 From: Fernandez Ludovic Date: Mon, 28 Jun 2021 03:17:17 +0200 Subject: [PATCH 4/5] chore: generate --- cmd/zz_gen_cmd_dnshelp.go | 10 ++++++---- providers/dns/lightsail/lightsail.toml | 6 +++--- providers/dns/route53/route53.toml | 12 ++++++------ 3 files changed, 15 insertions(+), 13 deletions(-) diff --git a/cmd/zz_gen_cmd_dnshelp.go b/cmd/zz_gen_cmd_dnshelp.go index b198b926d3..bb22edcede 100644 --- a/cmd/zz_gen_cmd_dnshelp.go +++ b/cmd/zz_gen_cmd_dnshelp.go @@ -1137,12 +1137,13 @@ func displayDNSHelp(name string) error { ew.writeln() ew.writeln(`Credentials:`) - ew.writeln(` - "AWS_ACCESS_KEY_ID": Access key ID`) - ew.writeln(` - "AWS_SECRET_ACCESS_KEY": Secret access key`) + ew.writeln(` - "AWS_ACCESS_KEY_ID": Access key ID ('AWS_ACCESS_KEY_ID_FILE' is not supported, use 'AWS_SHARED_CREDENTIALS_FILE' instead)`) + ew.writeln(` - "AWS_SECRET_ACCESS_KEY": Secret access key ('AWS_SECRET_ACCESS_KEY_FILE' is not supported, use 'AWS_SHARED_CREDENTIALS_FILE' instead)`) ew.writeln(` - "DNS_ZONE": Domain name of the DNS zone`) ew.writeln() ew.writeln(`Additional Configuration:`) + ew.writeln(` - "AWS_SHARED_CREDENTIALS_FILE": Shared credentials file`) ew.writeln(` - "LIGHTSAIL_POLLING_INTERVAL": Time between DNS propagation check`) ew.writeln(` - "LIGHTSAIL_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) @@ -1652,18 +1653,19 @@ func displayDNSHelp(name string) error { ew.writeln() ew.writeln(`Credentials:`) - ew.writeln(` - "AWS_ACCESS_KEY_ID": Managed by the AWS client ('AWS_ACCESS_KEY_ID_FILE' is not supported)`) + ew.writeln(` - "AWS_ACCESS_KEY_ID": Access key ID ('AWS_ACCESS_KEY_ID_FILE' is not supported, use 'AWS_SHARED_CREDENTIALS_FILE' instead)`) ew.writeln(` - "AWS_HOSTED_ZONE_ID": Override the hosted zone ID`) ew.writeln(` - "AWS_PROFILE": Managed by the AWS client ('AWS_PROFILE_FILE' is not supported)`) ew.writeln(` - "AWS_REGION": Managed by the AWS client ('AWS_REGION_FILE' is not supported)`) ew.writeln(` - "AWS_SDK_LOAD_CONFIG": Retrieve the region from the CLI config file ('AWS_SDK_LOAD_CONFIG_FILE' is not supported)`) - ew.writeln(` - "AWS_SECRET_ACCESS_KEY": Managed by the AWS client ('AWS_SECRET_ACCESS_KEY_FILE' is not supported)`) + ew.writeln(` - "AWS_SECRET_ACCESS_KEY": Secret access key ('AWS_SECRET_ACCESS_KEY_FILE' is not supported, use 'AWS_SHARED_CREDENTIALS_FILE' instead)`) ew.writeln() ew.writeln(`Additional Configuration:`) ew.writeln(` - "AWS_MAX_RETRIES": The number of maximum returns the service will use to make an individual API request`) ew.writeln(` - "AWS_POLLING_INTERVAL": Time between DNS propagation check`) ew.writeln(` - "AWS_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) + ew.writeln(` - "AWS_SHARED_CREDENTIALS_FILE": Shared credentials file`) ew.writeln(` - "AWS_TTL": The TTL of the TXT record used for the DNS challenge`) ew.writeln() diff --git a/providers/dns/lightsail/lightsail.toml b/providers/dns/lightsail/lightsail.toml index 5873517ba6..b989886e01 100644 --- a/providers/dns/lightsail/lightsail.toml +++ b/providers/dns/lightsail/lightsail.toml @@ -47,11 +47,11 @@ Alternatively, you can also set the `Resource` to `*` (wildcard), which allow to [Configuration] [Configuration.Credentials] - AWS_ACCESS_KEY_ID = "Access key ID (`_FILE` suffix does not apply, alternatively use `AWS_SHARED_CREDENTIALS_FILE`)" - AWS_SECRET_ACCESS_KEY = "Secret access key (`_FILE` suffix does not apply, alternatively use `AWS_SHARED_CREDENTIALS_FILE`)" - AWS_SHARED_CREDENTIALS_FILE = "Shared credentials file" + AWS_ACCESS_KEY_ID = "Access key ID (`AWS_ACCESS_KEY_ID_FILE` is not supported, use `AWS_SHARED_CREDENTIALS_FILE` instead)" + AWS_SECRET_ACCESS_KEY = "Secret access key (`AWS_SECRET_ACCESS_KEY_FILE` is not supported, use `AWS_SHARED_CREDENTIALS_FILE` instead)" DNS_ZONE = "Domain name of the DNS zone" [Configuration.Additional] + AWS_SHARED_CREDENTIALS_FILE = "Shared credentials file" LIGHTSAIL_POLLING_INTERVAL = "Time between DNS propagation check" LIGHTSAIL_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" diff --git a/providers/dns/route53/route53.toml b/providers/dns/route53/route53.toml index bc173289ed..3f2a858ee1 100644 --- a/providers/dns/route53/route53.toml +++ b/providers/dns/route53/route53.toml @@ -63,14 +63,14 @@ The following AWS IAM policy document describes the permissions required for leg [Configuration] [Configuration.Credentials] - AWS_ACCESS_KEY_ID = "Access key ID (`_FILE` suffix does not apply, alternatively use `AWS_SHARED_CREDENTIALS_FILE`)" - AWS_SECRET_ACCESS_KEY = "Secret access key (`_FILE` suffix does not apply, alternatively use `AWS_SHARED_CREDENTIALS_FILE`)" - AWS_SHARED_CREDENTIALS_FILE = "Shared credentials file" - AWS_REGION = "Managed by the AWS client (`_FILE` suffix does not apply)" + AWS_ACCESS_KEY_ID = "Access key ID (`AWS_ACCESS_KEY_ID_FILE` is not supported, use `AWS_SHARED_CREDENTIALS_FILE` instead)" + AWS_SECRET_ACCESS_KEY = "Secret access key (`AWS_SECRET_ACCESS_KEY_FILE` is not supported, use `AWS_SHARED_CREDENTIALS_FILE` instead)" + AWS_REGION = "Managed by the AWS client (`AWS_REGION_FILE` is not supported)" AWS_HOSTED_ZONE_ID = "Override the hosted zone ID" - AWS_PROFILE = "Managed by the AWS client (`_FILE` suffix does not apply)" - AWS_SDK_LOAD_CONFIG = "Retrieve the region from the CLI config file (`_FILE` suffix does not apply)" + AWS_PROFILE = "Managed by the AWS client (`AWS_PROFILE_FILE` is not supported)" + AWS_SDK_LOAD_CONFIG = "Retrieve the region from the CLI config file (`AWS_SDK_LOAD_CONFIG_FILE` is not supported)" [Configuration.Additional] + AWS_SHARED_CREDENTIALS_FILE = "Shared credentials file" AWS_MAX_RETRIES = "The number of maximum returns the service will use to make an individual API request" AWS_POLLING_INTERVAL = "Time between DNS propagation check" AWS_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" From af3c9e46db23252c5eb08e1fd74fc3eadb331f85 Mon Sep 17 00:00:00 2001 From: Fernandez Ludovic Date: Mon, 28 Jun 2021 03:21:54 +0200 Subject: [PATCH 5/5] review --- cmd/zz_gen_cmd_dnshelp.go | 16 ++++++++-------- docs/content/dns/zz_gen_lightsail.md | 6 +++--- docs/content/dns/zz_gen_route53.md | 10 +++++----- providers/dns/lightsail/lightsail.toml | 6 +++--- providers/dns/route53/route53.toml | 10 +++++----- 5 files changed, 24 insertions(+), 24 deletions(-) diff --git a/cmd/zz_gen_cmd_dnshelp.go b/cmd/zz_gen_cmd_dnshelp.go index bb22edcede..581f02809a 100644 --- a/cmd/zz_gen_cmd_dnshelp.go +++ b/cmd/zz_gen_cmd_dnshelp.go @@ -1137,13 +1137,13 @@ func displayDNSHelp(name string) error { ew.writeln() ew.writeln(`Credentials:`) - ew.writeln(` - "AWS_ACCESS_KEY_ID": Access key ID ('AWS_ACCESS_KEY_ID_FILE' is not supported, use 'AWS_SHARED_CREDENTIALS_FILE' instead)`) - ew.writeln(` - "AWS_SECRET_ACCESS_KEY": Secret access key ('AWS_SECRET_ACCESS_KEY_FILE' is not supported, use 'AWS_SHARED_CREDENTIALS_FILE' instead)`) + ew.writeln(` - "AWS_ACCESS_KEY_ID": Managed by the AWS client. Access key ID ('AWS_ACCESS_KEY_ID_FILE' is not supported, use 'AWS_SHARED_CREDENTIALS_FILE' instead)`) + ew.writeln(` - "AWS_SECRET_ACCESS_KEY": Managed by the AWS client. Secret access key ('AWS_SECRET_ACCESS_KEY_FILE' is not supported, use 'AWS_SHARED_CREDENTIALS_FILE' instead)`) ew.writeln(` - "DNS_ZONE": Domain name of the DNS zone`) ew.writeln() ew.writeln(`Additional Configuration:`) - ew.writeln(` - "AWS_SHARED_CREDENTIALS_FILE": Shared credentials file`) + ew.writeln(` - "AWS_SHARED_CREDENTIALS_FILE": Managed by the AWS client. Shared credentials file.`) ew.writeln(` - "LIGHTSAIL_POLLING_INTERVAL": Time between DNS propagation check`) ew.writeln(` - "LIGHTSAIL_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) @@ -1653,19 +1653,19 @@ func displayDNSHelp(name string) error { ew.writeln() ew.writeln(`Credentials:`) - ew.writeln(` - "AWS_ACCESS_KEY_ID": Access key ID ('AWS_ACCESS_KEY_ID_FILE' is not supported, use 'AWS_SHARED_CREDENTIALS_FILE' instead)`) - ew.writeln(` - "AWS_HOSTED_ZONE_ID": Override the hosted zone ID`) + ew.writeln(` - "AWS_ACCESS_KEY_ID": Managed by the AWS client. Access key ID ('AWS_ACCESS_KEY_ID_FILE' is not supported, use 'AWS_SHARED_CREDENTIALS_FILE' instead)`) + ew.writeln(` - "AWS_HOSTED_ZONE_ID": Override the hosted zone ID.`) ew.writeln(` - "AWS_PROFILE": Managed by the AWS client ('AWS_PROFILE_FILE' is not supported)`) ew.writeln(` - "AWS_REGION": Managed by the AWS client ('AWS_REGION_FILE' is not supported)`) - ew.writeln(` - "AWS_SDK_LOAD_CONFIG": Retrieve the region from the CLI config file ('AWS_SDK_LOAD_CONFIG_FILE' is not supported)`) - ew.writeln(` - "AWS_SECRET_ACCESS_KEY": Secret access key ('AWS_SECRET_ACCESS_KEY_FILE' is not supported, use 'AWS_SHARED_CREDENTIALS_FILE' instead)`) + ew.writeln(` - "AWS_SDK_LOAD_CONFIG": Managed by the AWS client. Retrieve the region from the CLI config file ('AWS_SDK_LOAD_CONFIG_FILE' is not supported)`) + ew.writeln(` - "AWS_SECRET_ACCESS_KEY": Managed by the AWS client. Secret access key ('AWS_SECRET_ACCESS_KEY_FILE' is not supported, use 'AWS_SHARED_CREDENTIALS_FILE' instead)`) ew.writeln() ew.writeln(`Additional Configuration:`) ew.writeln(` - "AWS_MAX_RETRIES": The number of maximum returns the service will use to make an individual API request`) ew.writeln(` - "AWS_POLLING_INTERVAL": Time between DNS propagation check`) ew.writeln(` - "AWS_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) - ew.writeln(` - "AWS_SHARED_CREDENTIALS_FILE": Shared credentials file`) + ew.writeln(` - "AWS_SHARED_CREDENTIALS_FILE": Managed by the AWS client. Shared credentials file.`) ew.writeln(` - "AWS_TTL": The TTL of the TXT record used for the DNS challenge`) ew.writeln() diff --git a/docs/content/dns/zz_gen_lightsail.md b/docs/content/dns/zz_gen_lightsail.md index bf74f761fb..713a7db754 100644 --- a/docs/content/dns/zz_gen_lightsail.md +++ b/docs/content/dns/zz_gen_lightsail.md @@ -29,8 +29,8 @@ _Please contribute by adding a CLI example._ | Environment Variable Name | Description | |-----------------------|-------------| -| `AWS_ACCESS_KEY_ID` | Access key ID (`AWS_ACCESS_KEY_ID_FILE` is not supported, use `AWS_SHARED_CREDENTIALS_FILE` instead) | -| `AWS_SECRET_ACCESS_KEY` | Secret access key (`AWS_SECRET_ACCESS_KEY_FILE` is not supported, use `AWS_SHARED_CREDENTIALS_FILE` instead) | +| `AWS_ACCESS_KEY_ID` | Managed by the AWS client. Access key ID (`AWS_ACCESS_KEY_ID_FILE` is not supported, use `AWS_SHARED_CREDENTIALS_FILE` instead) | +| `AWS_SECRET_ACCESS_KEY` | Managed by the AWS client. Secret access key (`AWS_SECRET_ACCESS_KEY_FILE` is not supported, use `AWS_SHARED_CREDENTIALS_FILE` instead) | | `DNS_ZONE` | Domain name of the DNS zone | The environment variable names can be suffixed by `_FILE` to reference a file instead of a value. @@ -41,7 +41,7 @@ More information [here](/lego/dns/#configuration-and-credentials). | Environment Variable Name | Description | |--------------------------------|-------------| -| `AWS_SHARED_CREDENTIALS_FILE` | Shared credentials file | +| `AWS_SHARED_CREDENTIALS_FILE` | Managed by the AWS client. Shared credentials file. | | `LIGHTSAIL_POLLING_INTERVAL` | Time between DNS propagation check | | `LIGHTSAIL_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | diff --git a/docs/content/dns/zz_gen_route53.md b/docs/content/dns/zz_gen_route53.md index 6048bc4d01..1ed0f41299 100644 --- a/docs/content/dns/zz_gen_route53.md +++ b/docs/content/dns/zz_gen_route53.md @@ -29,12 +29,12 @@ _Please contribute by adding a CLI example._ | Environment Variable Name | Description | |-----------------------|-------------| -| `AWS_ACCESS_KEY_ID` | Access key ID (`AWS_ACCESS_KEY_ID_FILE` is not supported, use `AWS_SHARED_CREDENTIALS_FILE` instead) | -| `AWS_HOSTED_ZONE_ID` | Override the hosted zone ID | +| `AWS_ACCESS_KEY_ID` | Managed by the AWS client. Access key ID (`AWS_ACCESS_KEY_ID_FILE` is not supported, use `AWS_SHARED_CREDENTIALS_FILE` instead) | +| `AWS_HOSTED_ZONE_ID` | Override the hosted zone ID. | | `AWS_PROFILE` | Managed by the AWS client (`AWS_PROFILE_FILE` is not supported) | | `AWS_REGION` | Managed by the AWS client (`AWS_REGION_FILE` is not supported) | -| `AWS_SDK_LOAD_CONFIG` | Retrieve the region from the CLI config file (`AWS_SDK_LOAD_CONFIG_FILE` is not supported) | -| `AWS_SECRET_ACCESS_KEY` | Secret access key (`AWS_SECRET_ACCESS_KEY_FILE` is not supported, use `AWS_SHARED_CREDENTIALS_FILE` instead) | +| `AWS_SDK_LOAD_CONFIG` | Managed by the AWS client. Retrieve the region from the CLI config file (`AWS_SDK_LOAD_CONFIG_FILE` is not supported) | +| `AWS_SECRET_ACCESS_KEY` | Managed by the AWS client. Secret access key (`AWS_SECRET_ACCESS_KEY_FILE` is not supported, use `AWS_SHARED_CREDENTIALS_FILE` instead) | The environment variable names can be suffixed by `_FILE` to reference a file instead of a value. More information [here](/lego/dns/#configuration-and-credentials). @@ -47,7 +47,7 @@ More information [here](/lego/dns/#configuration-and-credentials). | `AWS_MAX_RETRIES` | The number of maximum returns the service will use to make an individual API request | | `AWS_POLLING_INTERVAL` | Time between DNS propagation check | | `AWS_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | -| `AWS_SHARED_CREDENTIALS_FILE` | Shared credentials file | +| `AWS_SHARED_CREDENTIALS_FILE` | Managed by the AWS client. Shared credentials file. | | `AWS_TTL` | The TTL of the TXT record used for the DNS challenge | The environment variable names can be suffixed by `_FILE` to reference a file instead of a value. diff --git a/providers/dns/lightsail/lightsail.toml b/providers/dns/lightsail/lightsail.toml index b989886e01..fab06ef77d 100644 --- a/providers/dns/lightsail/lightsail.toml +++ b/providers/dns/lightsail/lightsail.toml @@ -47,11 +47,11 @@ Alternatively, you can also set the `Resource` to `*` (wildcard), which allow to [Configuration] [Configuration.Credentials] - AWS_ACCESS_KEY_ID = "Access key ID (`AWS_ACCESS_KEY_ID_FILE` is not supported, use `AWS_SHARED_CREDENTIALS_FILE` instead)" - AWS_SECRET_ACCESS_KEY = "Secret access key (`AWS_SECRET_ACCESS_KEY_FILE` is not supported, use `AWS_SHARED_CREDENTIALS_FILE` instead)" + AWS_ACCESS_KEY_ID = "Managed by the AWS client. Access key ID (`AWS_ACCESS_KEY_ID_FILE` is not supported, use `AWS_SHARED_CREDENTIALS_FILE` instead)" + AWS_SECRET_ACCESS_KEY = "Managed by the AWS client. Secret access key (`AWS_SECRET_ACCESS_KEY_FILE` is not supported, use `AWS_SHARED_CREDENTIALS_FILE` instead)" DNS_ZONE = "Domain name of the DNS zone" [Configuration.Additional] - AWS_SHARED_CREDENTIALS_FILE = "Shared credentials file" + AWS_SHARED_CREDENTIALS_FILE = "Managed by the AWS client. Shared credentials file." LIGHTSAIL_POLLING_INTERVAL = "Time between DNS propagation check" LIGHTSAIL_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" diff --git a/providers/dns/route53/route53.toml b/providers/dns/route53/route53.toml index 3f2a858ee1..31265ab024 100644 --- a/providers/dns/route53/route53.toml +++ b/providers/dns/route53/route53.toml @@ -63,14 +63,14 @@ The following AWS IAM policy document describes the permissions required for leg [Configuration] [Configuration.Credentials] - AWS_ACCESS_KEY_ID = "Access key ID (`AWS_ACCESS_KEY_ID_FILE` is not supported, use `AWS_SHARED_CREDENTIALS_FILE` instead)" - AWS_SECRET_ACCESS_KEY = "Secret access key (`AWS_SECRET_ACCESS_KEY_FILE` is not supported, use `AWS_SHARED_CREDENTIALS_FILE` instead)" + AWS_ACCESS_KEY_ID = "Managed by the AWS client. Access key ID (`AWS_ACCESS_KEY_ID_FILE` is not supported, use `AWS_SHARED_CREDENTIALS_FILE` instead)" + AWS_SECRET_ACCESS_KEY = "Managed by the AWS client. Secret access key (`AWS_SECRET_ACCESS_KEY_FILE` is not supported, use `AWS_SHARED_CREDENTIALS_FILE` instead)" AWS_REGION = "Managed by the AWS client (`AWS_REGION_FILE` is not supported)" - AWS_HOSTED_ZONE_ID = "Override the hosted zone ID" + AWS_HOSTED_ZONE_ID = "Override the hosted zone ID." AWS_PROFILE = "Managed by the AWS client (`AWS_PROFILE_FILE` is not supported)" - AWS_SDK_LOAD_CONFIG = "Retrieve the region from the CLI config file (`AWS_SDK_LOAD_CONFIG_FILE` is not supported)" + AWS_SDK_LOAD_CONFIG = "Managed by the AWS client. Retrieve the region from the CLI config file (`AWS_SDK_LOAD_CONFIG_FILE` is not supported)" [Configuration.Additional] - AWS_SHARED_CREDENTIALS_FILE = "Shared credentials file" + AWS_SHARED_CREDENTIALS_FILE = "Managed by the AWS client. Shared credentials file." AWS_MAX_RETRIES = "The number of maximum returns the service will use to make an individual API request" AWS_POLLING_INTERVAL = "Time between DNS propagation check" AWS_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation"