aws: detailed credentials (#1439)

Co-authored-by: Fernandez Ludovic <ldez@users.noreply.github.com>
This commit is contained in:
Clement Jean 2021-06-28 09:31:18 +08:00 committed by GitHub
parent 284d1a3e38
commit 2a194d6ab9
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 24 additions and 18 deletions

View file

@ -1137,12 +1137,13 @@ func displayDNSHelp(name string) error {
ew.writeln() ew.writeln()
ew.writeln(`Credentials:`) ew.writeln(`Credentials:`)
ew.writeln(` - "AWS_ACCESS_KEY_ID": Access key ID`) ew.writeln(` - "AWS_ACCESS_KEY_ID": Managed by the AWS client. Access key ID ('AWS_ACCESS_KEY_ID_FILE' is not supported, use 'AWS_SHARED_CREDENTIALS_FILE' instead)`)
ew.writeln(` - "AWS_SECRET_ACCESS_KEY": Secret access key`) ew.writeln(` - "AWS_SECRET_ACCESS_KEY": Managed by the AWS client. Secret access key ('AWS_SECRET_ACCESS_KEY_FILE' is not supported, use 'AWS_SHARED_CREDENTIALS_FILE' instead)`)
ew.writeln(` - "DNS_ZONE": Domain name of the DNS zone`) ew.writeln(` - "DNS_ZONE": Domain name of the DNS zone`)
ew.writeln() ew.writeln()
ew.writeln(`Additional Configuration:`) ew.writeln(`Additional Configuration:`)
ew.writeln(` - "AWS_SHARED_CREDENTIALS_FILE": Managed by the AWS client. Shared credentials file.`)
ew.writeln(` - "LIGHTSAIL_POLLING_INTERVAL": Time between DNS propagation check`) ew.writeln(` - "LIGHTSAIL_POLLING_INTERVAL": Time between DNS propagation check`)
ew.writeln(` - "LIGHTSAIL_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) ew.writeln(` - "LIGHTSAIL_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`)
@ -1652,18 +1653,19 @@ func displayDNSHelp(name string) error {
ew.writeln() ew.writeln()
ew.writeln(`Credentials:`) ew.writeln(`Credentials:`)
ew.writeln(` - "AWS_ACCESS_KEY_ID": Managed by the AWS client ('AWS_ACCESS_KEY_ID_FILE' is not supported)`) ew.writeln(` - "AWS_ACCESS_KEY_ID": Managed by the AWS client. Access key ID ('AWS_ACCESS_KEY_ID_FILE' is not supported, use 'AWS_SHARED_CREDENTIALS_FILE' instead)`)
ew.writeln(` - "AWS_HOSTED_ZONE_ID": Override the hosted zone ID`) ew.writeln(` - "AWS_HOSTED_ZONE_ID": Override the hosted zone ID.`)
ew.writeln(` - "AWS_PROFILE": Managed by the AWS client ('AWS_PROFILE_FILE' is not supported)`) ew.writeln(` - "AWS_PROFILE": Managed by the AWS client ('AWS_PROFILE_FILE' is not supported)`)
ew.writeln(` - "AWS_REGION": Managed by the AWS client ('AWS_REGION_FILE' is not supported)`) ew.writeln(` - "AWS_REGION": Managed by the AWS client ('AWS_REGION_FILE' is not supported)`)
ew.writeln(` - "AWS_SDK_LOAD_CONFIG": Retrieve the region from the CLI config file ('AWS_SDK_LOAD_CONFIG_FILE' is not supported)`) ew.writeln(` - "AWS_SDK_LOAD_CONFIG": Managed by the AWS client. Retrieve the region from the CLI config file ('AWS_SDK_LOAD_CONFIG_FILE' is not supported)`)
ew.writeln(` - "AWS_SECRET_ACCESS_KEY": Managed by the AWS client ('AWS_SECRET_ACCESS_KEY_FILE' is not supported)`) ew.writeln(` - "AWS_SECRET_ACCESS_KEY": Managed by the AWS client. Secret access key ('AWS_SECRET_ACCESS_KEY_FILE' is not supported, use 'AWS_SHARED_CREDENTIALS_FILE' instead)`)
ew.writeln() ew.writeln()
ew.writeln(`Additional Configuration:`) ew.writeln(`Additional Configuration:`)
ew.writeln(` - "AWS_MAX_RETRIES": The number of maximum returns the service will use to make an individual API request`) ew.writeln(` - "AWS_MAX_RETRIES": The number of maximum returns the service will use to make an individual API request`)
ew.writeln(` - "AWS_POLLING_INTERVAL": Time between DNS propagation check`) ew.writeln(` - "AWS_POLLING_INTERVAL": Time between DNS propagation check`)
ew.writeln(` - "AWS_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`) ew.writeln(` - "AWS_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`)
ew.writeln(` - "AWS_SHARED_CREDENTIALS_FILE": Managed by the AWS client. Shared credentials file.`)
ew.writeln(` - "AWS_TTL": The TTL of the TXT record used for the DNS challenge`) ew.writeln(` - "AWS_TTL": The TTL of the TXT record used for the DNS challenge`)
ew.writeln() ew.writeln()

View file

@ -29,8 +29,8 @@ _Please contribute by adding a CLI example._
| Environment Variable Name | Description | | Environment Variable Name | Description |
|-----------------------|-------------| |-----------------------|-------------|
| `AWS_ACCESS_KEY_ID` | Access key ID | | `AWS_ACCESS_KEY_ID` | Managed by the AWS client. Access key ID (`AWS_ACCESS_KEY_ID_FILE` is not supported, use `AWS_SHARED_CREDENTIALS_FILE` instead) |
| `AWS_SECRET_ACCESS_KEY` | Secret access key | | `AWS_SECRET_ACCESS_KEY` | Managed by the AWS client. Secret access key (`AWS_SECRET_ACCESS_KEY_FILE` is not supported, use `AWS_SHARED_CREDENTIALS_FILE` instead) |
| `DNS_ZONE` | Domain name of the DNS zone | | `DNS_ZONE` | Domain name of the DNS zone |
The environment variable names can be suffixed by `_FILE` to reference a file instead of a value. The environment variable names can be suffixed by `_FILE` to reference a file instead of a value.
@ -41,6 +41,7 @@ More information [here](/lego/dns/#configuration-and-credentials).
| Environment Variable Name | Description | | Environment Variable Name | Description |
|--------------------------------|-------------| |--------------------------------|-------------|
| `AWS_SHARED_CREDENTIALS_FILE` | Managed by the AWS client. Shared credentials file. |
| `LIGHTSAIL_POLLING_INTERVAL` | Time between DNS propagation check | | `LIGHTSAIL_POLLING_INTERVAL` | Time between DNS propagation check |
| `LIGHTSAIL_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | | `LIGHTSAIL_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |

View file

@ -29,12 +29,12 @@ _Please contribute by adding a CLI example._
| Environment Variable Name | Description | | Environment Variable Name | Description |
|-----------------------|-------------| |-----------------------|-------------|
| `AWS_ACCESS_KEY_ID` | Managed by the AWS client (`AWS_ACCESS_KEY_ID_FILE` is not supported) | | `AWS_ACCESS_KEY_ID` | Managed by the AWS client. Access key ID (`AWS_ACCESS_KEY_ID_FILE` is not supported, use `AWS_SHARED_CREDENTIALS_FILE` instead) |
| `AWS_HOSTED_ZONE_ID` | Override the hosted zone ID | | `AWS_HOSTED_ZONE_ID` | Override the hosted zone ID. |
| `AWS_PROFILE` | Managed by the AWS client (`AWS_PROFILE_FILE` is not supported) | | `AWS_PROFILE` | Managed by the AWS client (`AWS_PROFILE_FILE` is not supported) |
| `AWS_REGION` | Managed by the AWS client (`AWS_REGION_FILE` is not supported) | | `AWS_REGION` | Managed by the AWS client (`AWS_REGION_FILE` is not supported) |
| `AWS_SDK_LOAD_CONFIG` | Retrieve the region from the CLI config file (`AWS_SDK_LOAD_CONFIG_FILE` is not supported) | | `AWS_SDK_LOAD_CONFIG` | Managed by the AWS client. Retrieve the region from the CLI config file (`AWS_SDK_LOAD_CONFIG_FILE` is not supported) |
| `AWS_SECRET_ACCESS_KEY` | Managed by the AWS client (`AWS_SECRET_ACCESS_KEY_FILE` is not supported) | | `AWS_SECRET_ACCESS_KEY` | Managed by the AWS client. Secret access key (`AWS_SECRET_ACCESS_KEY_FILE` is not supported, use `AWS_SHARED_CREDENTIALS_FILE` instead) |
The environment variable names can be suffixed by `_FILE` to reference a file instead of a value. The environment variable names can be suffixed by `_FILE` to reference a file instead of a value.
More information [here](/lego/dns/#configuration-and-credentials). More information [here](/lego/dns/#configuration-and-credentials).
@ -47,6 +47,7 @@ More information [here](/lego/dns/#configuration-and-credentials).
| `AWS_MAX_RETRIES` | The number of maximum returns the service will use to make an individual API request | | `AWS_MAX_RETRIES` | The number of maximum returns the service will use to make an individual API request |
| `AWS_POLLING_INTERVAL` | Time between DNS propagation check | | `AWS_POLLING_INTERVAL` | Time between DNS propagation check |
| `AWS_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation | | `AWS_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
| `AWS_SHARED_CREDENTIALS_FILE` | Managed by the AWS client. Shared credentials file. |
| `AWS_TTL` | The TTL of the TXT record used for the DNS challenge | | `AWS_TTL` | The TTL of the TXT record used for the DNS challenge |
The environment variable names can be suffixed by `_FILE` to reference a file instead of a value. The environment variable names can be suffixed by `_FILE` to reference a file instead of a value.

View file

@ -47,10 +47,11 @@ Alternatively, you can also set the `Resource` to `*` (wildcard), which allow to
[Configuration] [Configuration]
[Configuration.Credentials] [Configuration.Credentials]
AWS_ACCESS_KEY_ID = "Access key ID" AWS_ACCESS_KEY_ID = "Managed by the AWS client. Access key ID (`AWS_ACCESS_KEY_ID_FILE` is not supported, use `AWS_SHARED_CREDENTIALS_FILE` instead)"
AWS_SECRET_ACCESS_KEY = "Secret access key" AWS_SECRET_ACCESS_KEY = "Managed by the AWS client. Secret access key (`AWS_SECRET_ACCESS_KEY_FILE` is not supported, use `AWS_SHARED_CREDENTIALS_FILE` instead)"
DNS_ZONE = "Domain name of the DNS zone" DNS_ZONE = "Domain name of the DNS zone"
[Configuration.Additional] [Configuration.Additional]
AWS_SHARED_CREDENTIALS_FILE = "Managed by the AWS client. Shared credentials file."
LIGHTSAIL_POLLING_INTERVAL = "Time between DNS propagation check" LIGHTSAIL_POLLING_INTERVAL = "Time between DNS propagation check"
LIGHTSAIL_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" LIGHTSAIL_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation"

View file

@ -63,13 +63,14 @@ The following AWS IAM policy document describes the permissions required for leg
[Configuration] [Configuration]
[Configuration.Credentials] [Configuration.Credentials]
AWS_ACCESS_KEY_ID = "Managed by the AWS client (`AWS_ACCESS_KEY_ID_FILE` is not supported)" AWS_ACCESS_KEY_ID = "Managed by the AWS client. Access key ID (`AWS_ACCESS_KEY_ID_FILE` is not supported, use `AWS_SHARED_CREDENTIALS_FILE` instead)"
AWS_SECRET_ACCESS_KEY = "Managed by the AWS client (`AWS_SECRET_ACCESS_KEY_FILE` is not supported)" AWS_SECRET_ACCESS_KEY = "Managed by the AWS client. Secret access key (`AWS_SECRET_ACCESS_KEY_FILE` is not supported, use `AWS_SHARED_CREDENTIALS_FILE` instead)"
AWS_REGION = "Managed by the AWS client (`AWS_REGION_FILE` is not supported)" AWS_REGION = "Managed by the AWS client (`AWS_REGION_FILE` is not supported)"
AWS_HOSTED_ZONE_ID = "Override the hosted zone ID" AWS_HOSTED_ZONE_ID = "Override the hosted zone ID."
AWS_PROFILE = "Managed by the AWS client (`AWS_PROFILE_FILE` is not supported)" AWS_PROFILE = "Managed by the AWS client (`AWS_PROFILE_FILE` is not supported)"
AWS_SDK_LOAD_CONFIG = "Retrieve the region from the CLI config file (`AWS_SDK_LOAD_CONFIG_FILE` is not supported)" AWS_SDK_LOAD_CONFIG = "Managed by the AWS client. Retrieve the region from the CLI config file (`AWS_SDK_LOAD_CONFIG_FILE` is not supported)"
[Configuration.Additional] [Configuration.Additional]
AWS_SHARED_CREDENTIALS_FILE = "Managed by the AWS client. Shared credentials file."
AWS_MAX_RETRIES = "The number of maximum returns the service will use to make an individual API request" AWS_MAX_RETRIES = "The number of maximum returns the service will use to make an individual API request"
AWS_POLLING_INTERVAL = "Time between DNS propagation check" AWS_POLLING_INTERVAL = "Time between DNS propagation check"
AWS_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation" AWS_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation"