Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/defanglabs/cloudacme
Tools to simplify acme ssl certificate generation and storage with native cloud tools
Last synced: about 2 months ago
- Host: GitHub
- URL: https://github.com/defanglabs/cloudacme
- Owner: DefangLabs
- License: mit
- Created: 2024-03-18T18:18:44.000Z (9 months ago)
- Default Branch: main
- Last Pushed: 2024-05-22T00:32:12.000Z (7 months ago)
- Last Synced: 2024-06-20T12:06:04.385Z (6 months ago)
- Language: Go
- Size: 47.9 KB
- Stars: 0
- Watchers: 2
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# Cloud Acme Lambda Function
Cloud Acme Lambda Function is a simple project that works with cloud service providers to issue, renew and import SSL certificates into the user's infrastructure.
Currently it only supports AWS Lambda and provides HTTP-01 challenge support by setting up ALB rules.
It makes the following assumptions:
1. There is already a self-signed SSL certificate in ACM and it is attached to the ALB.
2. The Lambda function is triggered by an ALB listener on port 80 with the following rules:
   - Host header condition matching the domain name
   - Path condition for "/"
3. The Lambda function has the correct permissions to operate with:
   - ACM, for listing and importing certificates
   - ALB, for finding, adding and removing rules
4. The trigger will be removed after a successful import of the certificate.

### Certificate renewal
Certificate renewal can be triggered by an EventBridge scheduled event with a payload in the following format:
```json
{
  "domain": "example.com",
  "albArn": "arn:aws:elasticloadbalancing:123456789012:certificate/12345678-1234-1234-1234-123456789012"
}
```
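
A least-privilege IAM policy sketch for the permissions named in assumption 3 above, added here as an example and not taken from the project. The action list is an assumption about which ACM and ELBv2 calls the function makes (the `Sid` values mark this), and `REGION`, `ACCOUNT_ID`, `ALB_NAME` and `ALB_ID` are placeholders.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "AssumedReadOnlyLookups",
      "Effect": "Allow",
      "Action": [
        "acm:ListCertificates",
        "elasticloadbalancing:DescribeListeners",
        "elasticloadbalancing:DescribeRules"
      ],
      "Resource": "*"
    },
    {
      "Sid": "AssumedImportCertificate",
      "Effect": "Allow",
      "Action": "acm:ImportCertificate",
      "Resource": "arn:aws:acm:REGION:ACCOUNT_ID:certificate/*"
    },
    {
      "Sid": "AssumedCreateChallengeRule",
      "Effect": "Allow",
      "Action": "elasticloadbalancing:CreateRule",
      "Resource": "arn:aws:elasticloadbalancing:REGION:ACCOUNT_ID:listener/app/ALB_NAME/ALB_ID/*"
    },
    {
      "Sid": "AssumedDeleteChallengeRule",
      "Effect": "Allow",
      "Action": "elasticloadbalancing:DeleteRule",
      "Resource": "arn:aws:elasticloadbalancing:REGION:ACCOUNT_ID:listener-rule/app/ALB_NAME/ALB_ID/*"
    }
  ]
}
```

The lookup statement uses `"Resource": "*"` because those list and describe actions do not support resource-level scoping; the write actions are pinned to one account's certificates and one load balancer's listeners and rules.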